Corporate phishing crosses an unprecedented transformation phase. The arrival of generative artificial intelligence (Genai) has allowed cybercounts to multiply the speed and precision of their campaigns. This is revealed by the last analysis of UNIT 42, the threats of intelligence of Palo Alto Networks, which warns of the growing use of these platforms to clone brands, produce persuasive messages and launch massive attacks in a matter of minutes.
Boom in the use of Genai and increased risk surface
The data collected by UNIT 42 show that between April 2024 and April 2025, traffic towards generative AI platforms grew in a sustained way, with outstanding peaks in September 2024 and March 2025. This phenomenon coincides with an increase in websites that integrate artificial intelligence services, which also expands the possible ways of attack.
“We are seeing how AI is not only used to improve corporate processes, but also as a more sophisticated and fast cyber -cyber -cyber threats,” they warn from the company.
What sectors and uses concentrate adoption
The study reflects that the technological sector leads the adoption of Genai with 74%, although penetration begins to extend to areas less exposed so far, such as education (9.1%), telecommunications (5.6%) or legal and professional services (3.1%). This change opens the door to a much broader spectrum of directed attacks.
Corporate phishing is going through an unprecedented transformation phase: the arrival of generative artificial intelligence (Genai) has allowed cybercriminals to multiply the speed and precision of their campaigns
As for applications, writing attendees (31.8%) and multimedia generators (24.5%) lead the uses, followed by data automation (15.8%) and chatbots (13.2%). The problem is that these same tools are also the most exploited by the attackers: fraudulent websites generators already represent 40.4% of the cases detected, while the texts generated by the feed almost 30% of Phishing campaigns.
How to arm the corporate phishing
Palo Alto Networks warns that the reinforcement of the defenses must combine technology, processes and awareness. Among the keys, the advanced filtering of URLs and DNS, the monitoring of the use of Genai platforms in corporate environments and the implementation of clear policies that regulate which artificial intelligence tools can be used in the company and with what protocols and with what protocols.
The training of employees, access management under the principle of minimum privilege and periodic security evaluations complete a decalogue of measures that organizations should apply without delay.
