AI Outperformed Elite Red Teams in Creating an Effective Spear Phishing Attack

AI-powered spear phishing agents have surpassed elite human red teams in crafting socially engineered attacks, recent findings reveal. By March 2025, Hoxhunt's AI spear phishing agent (codenamed JKR) achieved a 23.8% higher success rate than human red teams across all user skill levels. From 2023 to 2025, AI's effectiveness relative to humans improved by 55%, marking a paradigm shift in both offensive and defensive cybersecurity strategies. This shift is attributed to advances in large language models (LLMs) that enable dynamic attack customization and iterative refinement through automated feedback loops. The findings underscore the rapid evolution of generative AI tools, which now produce hyper-personalized phishing campaigns at scale, leveraging contextual data such as a target's job role, geographic location, and behavioral patterns.

While only 0.7–4.7% of phishing emails bypassing email filters in 2024 were AI-generated, Hoxhunt analysts warn that the sophistication of these attacks is accelerating. The rise of AI-driven phishing coincides with a 4,157% increase in global phishing volume since the advent of ChatGPT in late 2022.

Hoxhunt researchers noted that AI's dominance stems from its ability to analyze vast datasets of user interactions and optimize phishing lures in real time. Unlike static human-authored templates, AI agents like JKR employ multi-stage reasoning: they first gather contextual clues about a target, then generate persuasive narratives, and finally test variations to maximize click-through rates. This adaptability has rendered traditional compliance-based security awareness training obsolete, forcing organizations to adopt adaptive human risk management platforms.

At the core of JKR's effectiveness is its dual-task architecture, which combines novel phishing creation and human-authored attack enhancement. The agent operates within Hoxhunt's proprietary engine, which selects targets and deploys simulations hourly across a global cohort of 2.5 million users. The system feeds the AI agent data such as a user's job title (“HR Manager”), company size, and recent security training history.

Prompt Engineering for Task Execution: For novel attacks, JKR uses instructions like: “Generate a plausible phishing email targeting a Financial Analyst in Germany. Avoid technical jargon.” For attack enhancement, it receives human-drafted emails and iteratively improves them: “Revise the following email to increase perceived legitimacy.

AI-generated phishing emails evade traditional signature-based detection by avoiding malware attachments or suspicious links. For example, JKR exploited Microsoft Teams integration in March 2025 campaigns, urging users to “update credentials via SSO” with 98% grammatical accuracy. However, the researchers emphasize that defense must now mirror offense: security teams should deploy “white-hat” AI agents to simulate advanced threats and identify vulnerable user groups.

Tushar is a cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in cyber security, he is covering Cyber Security News, technology and other news.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 07 Apr 2025 16:45:07 +0000

