A recent report from Menlo Security (PDF) highlights a staggering 140 percent surge in browser-based phishing attacks over the past year, alongside a 130 percent rise in zero-hour phishing attacks—novel threats that evade existing detection tools.
Several factors contribute to this rapid escalation, including increased reliance on web browsers in the workplace, the exploitation of zero-day vulnerabilities, the proliferation of advanced phishing tools, and the growing use of generative AI.
Cybercriminals are now leveraging AI to craft highly convincing phishing websites, deceive users with fraudulent AI services, and automate precision-targeted attacks.
Security strategist Andrew Harding notes that sophisticated social engineering techniques are being combined with “Phishing-as-a-Service” kits and zero-day exploits, signaling that this trend is only set to intensify in 2025.
The report also reveals that fake AI websites are not just designed to steal login credentials. Many are used to trick users into downloading infected PDFs—often disguised as résumé generators or other legitimate-seeming tools.
AI Phishing AttackThe risk is even greater on mobile devices, where smaller screens and automatic logins can obscure warning signs.
“In 2025, AI-driven cyber fraud will rise, making it harder to distinguish between legitimate and malicious sites…
…Scam activities such as fake AI tools used to offer premium AI services will be used to steal login credentials and personal data, or redirect users to phishing forms. Exploitation of user trust through sophisticated social engineering techniques will be key to targeting social media platforms and search engines.”
Now more than ever, recognizing common phishing tactics is crucial. Be especially wary of seemingly legitimate emails from well-known companies like PayPal, and always verify links before clicking or downloading files
. Before entering credentials or sharing personal information, double-check that the website is authentic to avoid falling victim to these increasingly sophisticated scams.
