Skip to main content
close search
site logo
Dive Brief

AI fuels social engineering but isn’t yet revolutionizing hacking

AI tools are still too computationally intense for cybercriminals to rely on, according to a new report.

Published Oct. 8, 2025
Eric Geller's headshot
Senior Reporter
Businessman touching an artificial intelligence-themed brain
Getty Images

Dive Brief:

  • AI isn’t yet transforming how hackers launch phishing attacks, although it is helping them clean up their lures, the security firm Intel 471 said in a report published on Wednesday.
  • Several factors have combined to keep AI in an evolutionary rather than revolutionary role, the report found.
  • Still, business and government leaders need to pay attention to several increasingly common AI-assisted attack strategies.

Dive Insight:

Security leaders in the public and private sectors have fretted for years about the impact of AI on cybercrime, but Intel 471’s report concluded that hackers aren’t rushing to completely overhaul their techniques to incorporate AI.

“Although AI is often touted as a game‑changer for the social‑engineering landscape, in the context of phishing, most threat actors still lean on [phishing-as-a-service] platforms and off‑the‑shelf kits and use AI primarily for content drafting and localization — not for true automation or innovation,” researchers wrote.

The report cited three reasons for this phenomenon: computational limitations, the difficulty of integrating AI into hacking tools and the continued effectiveness of existing tactics.

Incorporating AI into cyberattacks “involves training or configuring models, automating them within an attack infrastructure, integrating them with delivery systems and devising methods to evade detection,” Intel 471 said, all of which take time away from hackers’ profitable work. As a result, researchers wrote, cybercriminals favor “plug-and-play phishing kits” that “are easier to implement, [are] faster to deploy and have a proven track record of success.”

Still, hackers are finding generative AI useful in multiple ways, including audio deepfakes that can impersonate executives, AI-powered call centers that can automate scams, video deepfakes that can fool job interviewers and AI-powered voice bots that can solicit victims’ multifactor authentication codes and credit-card numbers. Intel 471’s report mentions one call center that used three AI models, including one from Google and another from OpenAI. The report also describes a cybercriminal advertising an AI-voice-bot service that boasts it successfully stole data from 10% of victims.

At the moment, however, “there is limited evidence of AI-driven tools circulating in underground markets,” Intel 471 said, “and discussions among threat actors rarely reference the operational use of generative AI.”

The company concluded that “practical adoption” of the technology by cybercriminals “is still in its infancy,” with widespread use hinging on “a decrease in the costs of model hosting and the emergence of ‘state-of-the-art’ AI kits comparable to today’s popular PhaaS offers.” Still, it also predicted “more deepfake-enabled impersonation calls” targeting business leaders and an AI-fueled disinformation surge “during elections, geopolitical flash points and social justice debates.”

Filed Under: Cyberattacks, Threats

Editors' picks

Company Announcements

View all | Post a press release
CyberFOX and MSP Process Announce Strategic Partnership to Deliver End-User and Technician Ver…
From CyberFOX
September 24, 2025
CyberFOX logo
Genians to Attend TechMixer XIII: Elevating Network Security and Zero Trust Objectives
From Genians
October 06, 2025
Genians logo
360 Privacy Launches 360 Strata, Transforming Digital Exposure into Dimensional Intelligence
From 360 Privacy
October 06, 2025
360 Privacy logo
Genians USA Elevates Computer Integration Technologies, Inc. (CIT) to Gold Partner Status
From Genians
September 19, 2025
Genians logo
Editors' picks
Latest in Cyberattacks
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.