As artificial intelligence becomes a bigger part of daily business operations, cybersecurity experts are warning that attackers are shifting their focus from software vulnerabilities to human behaviour. Recent advisories from major technology companies reveal that cybercriminals are adapting traditional scams to exploit growing AI adoption across workplaces.
The reports highlight how attackers are using the popularity of AI tools as a social engineering tactic. Cybercriminals have been impersonating well-known AI platforms, including ChatGPT, Copilot, DeepSeek, and Claude, to spread malware, steal credentials, and carry out financial fraud.
Researchers noted that while the branding may be new, the methods remain familiar. Attackers continue to rely on urgency-based messages, trusted services, phishing campaigns, and redirection techniques to trick users into revealing sensitive information.
The findings also show the rise of Adversary-in-the-Middle (AITM) attacks, QR code phishing campaigns, AI-powered investment scams, and the misuse of trusted cloud platforms. Global fraud losses are estimated to reach nearly $580 billion in 2025, highlighting the growing scale of cybercrime.
One notable trend is the increasing use of AI-themed scams. Fake subscription renewal emails, fraudulent repositories, and cryptocurrency schemes disguised as AI investment opportunities are becoming more common. These attacks are designed to take advantage of user trust in emerging technologies.
Security experts believe the threat landscape is changing rapidly. According to industry research, AI-enhanced phishing, deepfakes, voice cloning, and impersonation attacks are among the biggest concerns for enterprises, with 58% of organisations identifying them as a major risk.
Analysts say the attack surface is no longer limited to technology systems. Instead, cybercriminals are targeting how employees think, trust, and interact with AI-powered tools and digital services.
Experts also warn that “Shadow AI” presents a different challenge from traditional Shadow IT. While Shadow IT was primarily a visibility issue, Shadow AI focuses on exploiting trust through embedded AI features in software, browser extensions, copilots, and productivity tools.
Cybersecurity leaders are encouraging organisations to build long-term resilience rather than react to individual incidents. As AI-driven scams become more sophisticated, businesses are being urged to strengthen employee awareness, improve security practices, and prepare for an evolving threat environment where trust itself has become a primary target.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.