AI-driven phishing scams exploded last year. The trend continues in 2025

A new report from Menlo Security (PDF) shows a 140 percent increase in browser-based phishing attacks over the past year, as well as a 130 percent increase in zero-hour phishing attacks (i.e., novel attacks that are undetectable to existing detection tools). There are several reasons for this explosive growth: our reliance on the browser in the workplace, zero-day vulnerabilities, advanced phishing tools, and increasing adoption of generative AI. Criminals are now using AI to create credible phishing websites, trick users with fake AI services, and automate targeted attacks. According to security strategist Andrew Harding, advanced social engineering is being combined with "Phishing-as-a-Service" kits and zero-day vulnerabilities. All signs point to this trend accelerating in 2025.