The cybersecurity landscape is witnessing a new arms race, with artificial intelligence (AI) playing a central role in the tactics used by attackers. These AI-powered cyberattacks are becoming more sophisticated, personalized, and challenging to detect, according to the recent findings in SoSafe’s Cybercrime Trends 2025 report. The statistics are alarming, as 87% of global organizations have reported facing AI-powered cyber threats in the past year, indicating a rapid escalation in the threat landscape.
Andrew Rose, the Chief Security Officer at SoSafe, emphasized the impact of AI on cyberattacks, stating that organizations are becoming increasingly vulnerable due to the evolving nature of these threats. While businesses are becoming more aware of the potential risks, there is still a lack of confidence in their ability to identify and respond effectively to these attacks.
The traditional methods of cyberattacks, such as phishing emails, are being replaced by a new era of multichannel attacks that leverage AI technologies. Financial institutions, in particular, have been targeted using a combination of deepfake voice calls, AI-generated video messages, and social engineering tactics across various communication platforms. The report highlights that 95% of cybersecurity professionals have witnessed a surge in these sophisticated multichannel attacks in the past two years.
A recent incident involving an AI-powered assault on the CEO of WWP exemplifies the effectiveness of these new tactics. The attackers used WhatsApp for initial contact, Microsoft Teams for further interaction, and concluded the attack with a deepfake voice call to extract sensitive financial information successfully. This multi-channel approach allows cybercriminals to create more convincing and legitimate communication patterns, making it challenging for organizations to identify and thwart such attacks.
While AI is being utilized by attackers to enhance the efficiency of their operations, it also poses a double-edged sword for organizations. The adoption of AI-driven tools within businesses can inadvertently create new vulnerabilities that cybercriminals can exploit. For instance, AI chatbots intended to assist employees can be manipulated by attackers to gather sensitive data and valuable corporate insights, as highlighted by Rose.
Despite the potential risks associated with AI technologies, many organizations have yet to implement adequate controls to mitigate these threats. The financial sector, which heavily relies on AI for forecasting, risk analysis, and fraud detection, must remain vigilant in safeguarding against AI-powered attacks.
In response to the evolving cyber threats, organizations are advised to prioritize cybersecurity resilience by incorporating AI security into their risk management processes, investing in multichannel threat detection tools, training employees on AI threats, and reassessing third-party risks. These proactive measures are crucial in enhancing the overall cybersecurity posture of organizations and mitigating the impact of AI-driven attacks.
As the CEO of SoSafe, Niklas Hellemann, emphasizes, AI remains a valuable ally in defending against cyber threats. However, the effectiveness of AI-driven security measures ultimately depends on the awareness and vigilance of employees. It is essential for organizations to invest in cybersecurity awareness programs to equip their teams with the knowledge and skills needed to identify and respond to AI-driven threats effectively. Ultimately, a combination of advanced technology and informed personnel is key to combating the ever-evolving cyber threats in the digital landscape.