Cybercriminals are increasingly reshaping familiar social-engineering campaigns around the way employees use AI, with separate advisories from Microsoft and Google documenting how attackers are adapting scams to AI-powered tools, trusted digital services, and changing workplace behavior.

Microsoft Threat Intelligence, in its advisory, said threat actors are “leveraging the wider global interest around AI itself as a social engineering lure,” impersonating platforms such as ChatGPT, Microsoft Copilot, DeepSeek, and Anthropic’s Claude to distribute malware, steal credentials, and commit financial fraud.

Google, in its latest Fraud & Scams Advisory, separately highlighted the evolution of traditional phishing into Adversary-in-the-Middle (AITM) and QR-code phishing attacks while documenting growing abuse of trusted cloud services, AI-driven investment scams, and impersonation campaigns.

While Microsoft’s advisory focuses on AI-branded lures and Google’s examines broader fraud trends, both point to attackers evolving established social-engineering techniques to match the growing role AI plays in everyday enterprise workflows rather than relying solely on technical exploits.

AI lures move into the mainstream

“Threat actors are quick to capitalize on highly anticipated launches or emerging trends, leveraging trusted branding and exploiting user curiosity to improve the success rates of their campaigns,” Microsoft said in the advisory. The company added that despite the AI branding, the campaigns continue to rely on “longstanding tactics” such as urgency-driven messaging, abuse of trusted services, and multi-stage redirection chains.

Microsoft argued that AI-themed campaigns are becoming more than opportunistic attacks. “AI-themed lures reflect a shift in social engineering that is likely to persist as a long-term tactic used by threat actors, from cybercriminal groups to nation states,” the advisory said, citing campaigns that used ChatGPT-themed subscription renewal emails and fake DeepSeek V4 repositories employing stolen branding and search optimization to distribute Vidar Stealer malware.

Google’s advisory reaches a similar conclusion from a different angle.

“Scams continue to be a persistent global challenge, fueled by sophisticated transnational crime groups who seek to exploit people online for financial gain,” the company said, citing estimates that global fraud losses could approach $580 billion in 2025. The advisory describes Calendar Phishing campaigns that abuse trusted cloud productivity suites, AITM attacks that mirror legitimate login experiences, and cryptocurrency scams that persuade victims to execute malicious code under the guise of AI-powered investment guidance.

Rather than introducing entirely new attack techniques, both advisories document cybercriminals adapting familiar phishing, impersonation, and malware campaigns to environments where AI tools and cloud services have become part of everyday work.

Security shifts to the human layer

Security researchers say the findings reflect a broader enterprise challenge as AI becomes embedded across business applications and employee workflows.

“AI-enhanced phishing and impersonation, including deepfakes, voice cloning, and social engineering, ranks as the single most-cited AI-driven threat concerning enterprises today, with 58% of respondents flagging it,” said Sakshi Grover, senior research manager for Cybersecurity Services Research at IDC Asia/Pacific.

“The attack surface has migrated from software stacks to the cognitive and behavioral layer — what employees believe, click on, and act upon when an AI-branded experience tells them to,” Grover said.

Prabhjyot Kaur, senior analyst at Everest Group, said organizations should see the trend as more than another wave of shadow IT.

“Shadow IT was a visibility problem. Shadow AI is a trust exploitation problem,” Kaur said, arguing that AI capabilities increasingly arrive through embedded SaaS features, browser extensions, copilots and productivity platforms that employees adopt as part of routine work.

Building resilience beyond phishing

For enterprise leaders, the challenge increasingly lies in adapting security programs to changing user behavior rather than responding to isolated phishing campaigns, analysts added.

Apeksha Kaushik, senior principal analyst at Gartner, said adversaries are “capitalizing on the credibility of leading AI brands” to make social-engineering campaigns “hyper realistic and convincingly personalized” through deepfakes, impersonation, and disinformation.

“Attackers are adapting to how employees interact with AI, targeting the human layer by manipulating trust and routine behaviors rather than seeking technical exploits,” Kaushik said.

She said organizations should focus on long-term resilience instead of episodic response. “The strategic battle has shifted from blocking individual episodic attacks to managing the environment itself,” Kaushik said, arguing that stopping one deepfake or impersonation attempt offers only a tactical victory if the broader attack ecosystem continues to evolve.
