Navigating AI-driven Cyber Threats

October is Cybersecurity Awareness Month, a good time to pause and reflect on evolving cyber threats to ensure ongoing resilience and security.

“Cybercriminal groups are rapidly increasing their capabilities,” said Dominic Keller, QBE Global Head of Cyber Services. “Organizations should be proactive and engaged as they mitigate fast-moving cyber threats.”

A chief concern is increasingly sophisticated social engineering methods using artificial intelligence (AI) to execute sophisticated business email compromise (BEC) attacks. Highly personalized and convincing phishing emails that can evade traditional anti-phishing security measures are being deployed to successfully impersonate senior executives.

In a recent BEC incident that included extremely realistic deepfake videos, audio, and images, a finance employee at a company in Hong Kong was duped by a deepfake of the firm’s Chief Financial Officer requesting a confidential transfer of nearly $25 million.

“The human element is the primary vulnerability in social engineering attacks, and AI’s ability to generate convincing interactions elevates this threat and can bypass more conventional security measures,” said Jack Tolliday, QBE Threat Intelligence Specialist.

The growing use of AI in voice-calling phishing scams is another rising concern. “AI can rapidly analyze the sentiment of the person on the phone to generate responses. It’s getting much harder to tell what is AI-generated and what is real,” Tolliday said.

Threat actors are also using AI to rapidly expand their operations, enabling them to target a larger number of victims simultaneously than with traditional manual methods. Generative AI, for instance, can create convincing phishing emails in a fraction of the time it would take a human, accelerating attack campaigns.

Additional detection and response capabilities need to supplement existing measures to make it harder for cybercriminals to achieve their objections. Many threat actors are now highly capable and possess substantial resources, said Tolliday. “They know the ins and outs of corporate environments, quickly grasp the limitations in the most recent security tools, and leverage the latest techniques to exploit these vulnerabilities,” he said. “Companies are in a tight race to keep up.”

Below are four high-level recommendations to consider when taking steps to mitigate AI-enabled cyber threats:

• Reduce the Opportunity: Try to limit the amount of publicly available personal content on the internet that can be used to train AI models and craft deepfake content. Also consider alternatives to using audio-based authentication technology, given attackers’ ability to generate deepfake audio from public content.
• Deepfake Detection: Educate users on the telltale signs of deepfake content, such as unnatural facial movements, voice anomalies, and synchronization issues. Also consider the use of cybersecurity solutions that use specialized algorithms to detect these video and audio inconsistencies.
• AI attack simulation: Simulate AI-based phishing attacks to test the susceptibility of users to AI-generated content and identify other vulnerabilities in the organization’s defenses.
• Behavioral Analytics: Consider using AI tools to determine baselines of normal user and network behaviors. Once the patterns are established, machine learning algorithms can continuously monitor for unusual or significant deviations from the norms. AI models trained with Advanced Natural Language Processing can also identify manipulated language and inconsistencies.

“AI has undoubtedly changed the threat landscape in terms of capabilities,” said Keller. “Even with the best security tools in place, when a change in cybercriminal techniques occurs, organizations should proactively amend and adjust their   tactics accordingly.”

QBE makes no warranty, representation, or guarantee regarding the information herein or the suitability of these suggestions or information for any particular purpose. QBE hereby disclaims any and all liability concerning the information contained herein and the suggestions herein made. Moreover, it cannot be assumed that every acceptable risk transfer procedure is contained herein or that unusual or abnormal circumstances may not warrant or require further or additional risk transfer policies and/or procedures. The use of any of the information or suggestions described herein does not amend, modify, or supplement any insurance policy. Consult the actual policy or your agent for details about your coverage. QBE and the links logo are registered service marks of QBE Insurance Group Limited. © 2025 QBE Holdings, Inc.