For years, the standard advice for spotting phishing emails was simple: look for typos, bad grammar, and generic greetings like “Dear Customer.” The logic was sound: most phishing campaigns were bulk operations run by people working in their second or third language, and the clumsiness showed.
That advice is becoming obsolete.
In 2026, AI-generated phishing emails have crossed a threshold. The typos are gone. The grammar is perfect. The tone matches your company’s internal communications. And increasingly, the emails reference real details about you (your name, your manager’s name, a project you are working on) because that information is sitting in a LinkedIn post, a public Slack community, or a data breach dump.
This is not a future threat. Security researchers are documenting it now, and the numbers on phishing success rates are rising.
What Changed and Why
The underlying shift is obvious in retrospect: large language models got very good, very fast.
A phishing attacker in 2022 might spend 15 minutes writing a clunky email impersonating your IT department. Today, the same attacker can paste a few bullet points into an AI tool and get back, in seconds, a polished, professional email that reads like it came from a real person.
More importantly, AI tools can do this at scale. Mass phishing campaigns used to produce obviously cookie-cutter emails. Now attackers can generate thousands of individually tailored messages with small variations (different names, different project references, different tones) without any additional effort.
Spear phishing, meaning targeted attacks on specific people, was always more effective than generic phishing, but it was also more expensive and time-consuming. AI has largely eliminated that cost. Targeted, personalized phishing is now as cheap as bulk phishing.
What AI-Powered Phishing Looks Like
To understand what you are up against, it helps to see the tactics being used.
Personalization from public data. Attackers scrape LinkedIn profiles, company websites, social media, and data breaches to build profiles on targets. An AI can take that profile and generate an email that feels personal. “Hi [Name], I saw you’re leading the Q2 platform migration, wanted to loop you in on a compliance requirement that affects the timeline” is more believable than “Dear User, your account requires verification.”
Tone matching. Some attackers go further, collecting sample emails from a company (through a compromised inbox or public communications) and feeding them to an AI to match the company’s writing style. Internal phishing emails that match the exact cadence of how your CTO writes are extremely difficult to recognize as fake.
AI-generated voice and deepfake audio. This goes beyond email. Vishing (voice phishing) attacks are increasingly using AI-generated voices that sound like real people. Several 2026 incidents have involved employees receiving phone calls from what sounded like their CEO or CFO requesting urgent wire transfers or credential resets. The voice was synthesized from publicly available audio: podcast appearances, conference talks, earnings calls.
Urgency without alarm. AI-crafted phishing has gotten better at calibrating urgency. The old “URGENT: Your account will be suspended” subject lines trigger suspicion. Newer attacks use lower-key urgency: “Quick question before our 3pm,” or “Following up on last week’s request,” which feel more like real email and less like a scam.
The Tactics That No Longer Work
If you are still training employees (or yourself) on the old phishing indicators, it is worth acknowledging what has changed.
“Look for spelling mistakes”: less useful. AI-generated text has better grammar than most people.
“Hover over links to check the URL”: still useful, but attackers are now using legitimate services (Google Docs, SharePoint, Dropbox) as landing pages that redirect to malicious sites, making the initial URL look clean.
“Real companies won’t ask for your password”: still true, but attackers are now focusing on stealing session cookies and OAuth tokens instead of passwords. The fake login page might look completely legitimate and never ask for your password at all; it just gets you to click a button that grants an OAuth app access to your account.
“Check the sender’s email address”: still worth doing, but attackers are increasingly using compromised legitimate email accounts (your vendor’s actual email address, a hacked business account) to send phishing from real domains.
What Still Works
Despite the improvements in AI phishing, some fundamentals remain effective.
Slow down on urgent requests. The one thing AI cannot replicate is an already-established communication pattern you have with someone you trust. If you get an “urgent” request, especially one involving money, credentials, or access, call the person using a phone number you already have, not one provided in the email. This single habit stops a significant percentage of social engineering attacks.
Verify out-of-band. Anything important should be confirmed through a second channel. Email request to reset credentials? Call your IT helpdesk directly. Text from your CEO asking for gift cards? Call their actual phone number. Do not use contact information provided in the suspicious message itself.
Multi-factor authentication remains critical. Even if someone gets your password through a phishing attack, MFA with an authenticator app (not SMS) prevents them from logging in. This is not a perfect defense (some sophisticated attacks can steal session tokens after you have already authenticated), but it stops the most common attack paths.
Watch for OAuth consent prompts. If you click a link and end up on a legitimate-looking page asking you to grant permissions to a third-party app, that is a red flag. Attackers increasingly phish for OAuth authorization rather than passwords. If an app you have never seen before is asking for access to your Google Drive or email, do not approve it.
Report suspicious emails, even if you are not sure. Most organizations have a “report phishing” button or email address. Using it, even for emails you are only mildly suspicious about, builds threat intelligence that helps your security team catch campaign patterns before they spread.
The Deepfake Voice Problem
A separate but related issue worth flagging: AI voice cloning is now accessible enough that it is showing up in fraud cases involving individuals, not just corporations.
If someone calls you claiming to be a family member in trouble and asks for money, be aware that AI can synthesize a recognizable voice from just a few seconds of audio. This is showing up in “grandparent scams” where victims hear what sounds like a grandchild’s voice asking for help.
The defense is the same: establish a verification code or question with family members that would be hard for a stranger to know. “What’s our family’s safe word?” breaks the attack immediately.
What Organizations Should Do
For security teams and business owners, AI phishing requires updating your defenses:
Update phishing simulation training to use AI-generated examples that do not have obvious markers. If your simulated phishing emails still have typos and generic greetings, you are training people to spot 2019 attacks, not 2026 attacks.
Implement DMARC, DKIM, and SPF on your domain to prevent attackers from spoofing your own email addresses. This is table stakes at this point.
Consider AI-powered email filtering. Traditional rule-based email filters struggle with AI-generated phishing because there are no obvious indicators. Newer email security tools use behavioral analysis to flag emails that match attack patterns even when the content looks clean.
Establish a clear out-of-band verification process for high-risk actions (wire transfers, credential resets, access grants) that does not rely on email alone.
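One concrete check for the DMARC, DKIM, and SPF item above, written as an added example that is not part of the original article: it grades constructed sample SPF and DMARC records (the domains and mail host are placeholders) and flags the settings that still let spoofed mail through, with a monitoring-only domain shown beside an enforcing one.

```python
# Added example, not from the original article: an offline checker that grades
# the anti-spoofing posture of SPF and DMARC TXT records. All records below are
# constructed samples; the domains and mail host are placeholders.
import re

SAMPLE_RECORDS = {
    "weak.example": {  # constructed: monitoring only, spoofed mail still delivered
        "spf": "v=spf1 include:_spf.mailhost.example ~all",
        "dmarc": "v=DMARC1; p=none;",
    },
    "hardened.example": {  # constructed: enforcing policy
        "spf": "v=spf1 include:_spf.mailhost.example -all",
        "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc@hardened.example; adkim=s; aspf=s",
    },
}

def parse_dmarc(record):
    """Split 'v=DMARC1; p=reject; rua=...' into a lower-cased tag dict."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def spf_findings(record):
    """Flag SPF settings that let unlisted hosts send as the domain."""
    if not record.lower().startswith("v=spf1"):
        return ["SPF record missing or malformed"]
    match = re.search(r"(?:^|\s)([+~?-]?)all\s*$", record)
    if match is None:
        return ["SPF has no 'all' mechanism: unlisted senders are not rejected"]
    qualifier = match.group(1) or "+"  # a bare 'all' means '+all'
    if qualifier == "+":
        return ["SPF ends in '+all': any host may send as this domain"]
    if qualifier in ("?", "~"):
        return [f"SPF ends in '{qualifier}all': spoofed mail is soft-failed, not rejected"]
    return []

def dmarc_findings(record):
    """Flag DMARC settings that still deliver mail failing SPF/DKIM alignment."""
    tags = parse_dmarc(record)
    if tags.get("v") != "DMARC1":
        return ["DMARC record missing or malformed"]
    findings = []
    if tags.get("p", "none") != "reject":
        findings.append(f"DMARC p={tags.get('p', 'none')}: spoofed mail is not rejected outright")
    if "rua" not in tags:
        findings.append("DMARC has no rua=: aggregate reports are not collected")
    return findings

def assess(domain, records=SAMPLE_RECORDS):
    """All findings for a domain; an empty list means spoofed mail gets rejected."""
    return spf_findings(records[domain]["spf"]) + dmarc_findings(records[domain]["dmarc"])
```

Against live DNS you would feed the TXT values of the domain and of its _dmarc subdomain into the same two functions; DKIM is not checked here because it is validated per message, not from a single policy record.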
Bottom Line
AI has not made phishing impossible to detect; it has made the old detection methods less reliable. The replacement is less about pattern-matching (spot the typo, check the sender address) and more about process discipline: slow down, verify out-of-band, and be skeptical of urgency.
The attackers are using better tools. The defenses that still work are the ones that rely on human judgment and established trust, not just technical pattern recognition.
Slow down. Pick up the phone. Verify before you click.
That has not changed, and it will not.