
Phishing isn’t what it used to be. It's faster, smarter, and powered by AI.
In our latest report, Phishing 2.0: GenAI-Powered Attacks Demand New Mitigation Strategies, we break down how generative AI is reshaping phishing attacks—and what security leaders can do about it.
Here are 5 quick takeaways from the report.
1. AI has supercharged phishing success
Phishing emails generated by AI now have a 54% success rate, far above the 12% success rate of traditional attacks.
Attackers are using generative models to personalize messaging, mimic internal communications, and exploit human behavior with alarming precision.
2. Volume is exploding
Since ChatGPT’s launch in late 2022, phishing volume has surged by 4,151%.
It’s not just email anymore. Smishing, vishing, and deepfake video attacks are on the rise, and business email compromise (BEC) now accounts for 73% of reported cyber incidents.
3. Credential theft is still the endgame
Credential phishing now accounts for 70% of all email-based cyberattacks.
AI is enabling pixel-perfect spoof pages that capture passwords, MFA tokens, and session data, turning one mistake into full access.
4. Training alone isn’t enough
Traditional phishing training? It reduces click rates by just 1.7%.
AI-generated attacks are crafted to bypass not only spam filters but your employees’ instincts as well, exploiting emotional triggers to bypass logic and training. In addition, they’re increasingly typo-free, which eliminates a common phishing red flag.
5. Defenders must move at machine speed
Your security stack needs to evolve.Modern defenses require AI-powered phishing detection, real-time domain analysis, and tools that warn users before they click—not after the breach happens.
Sign up to receive news and updates about Dashlane