Cybercriminals are increasingly using artificial intelligence to make phishing attacks more convincing and harder to detect.
A new report by Barracuda Networks warns that AI-powered social engineering and phishing-as-a-service platforms are fueling a sharp rise in malicious email campaigns targeting businesses globally.
According to the latest research from Barracuda Networks, attackers are now using AI tools and ready-made phishing kits to scale credential theft operations more effectively than ever before.
The report highlights how cybercriminals are moving away from traditional file-based malware attacks and increasingly relying on URL-based delivery methods to trick victims into revealing sensitive information.
Researchers also observed a growing trend of embedding QR codes inside trusted document formats such as PDFs, allowing attackers to disguise malicious links and bypass security filters.
Billions of emails analysed
The findings are based on global telemetry data collected in January 2026.
Researchers analyzed more than 3.1 billion emails, including spam, phishing attempts, and other malicious messages, to understand the evolving threat landscape.
Among the report’s key findings:
One in three emails was identified as malicious or unwanted spam.
Around 48 percent of malicious email activity involved phishing attacks.
Nearly 90 percent of high-volume phishing campaigns used phishing-as-a-service kits.
Account takeovers continue to rise
The report also revealed growing concerns around account compromise incidents.
According to the analysis, 34 percent of companies experience at least one account takeover attack every month.
Researchers further found that more than 10 percent of HTML attachments were malicious, while 70 percent of harmful PDF files contained QR codes redirecting users to phishing websites.
Commenting on the findings, Merium Khalid, Director of SOC Offensive Security in the Office of the CTO at Barracuda Networks, said email has become a major battleground for identity and business security.
“Email is no longer just a communication channel — it’s the front line of identity, trust and business continuity,” she said.
Khalid warned that cybercriminals are industrializing phishing attacks using AI and subscription-based phishing tools, making it essential for organizations to modernize their defenses.
She emphasized the importance of integrated email security, identity protection, rapid threat detection, and automated incident response systems to reduce risks and limit the impact of account compromise.
The report points to a broader evolution in phishing methods.
Instead of relying heavily on downloadable malware files, attackers are increasingly using deceptive URLs, QR codes, and social engineering techniques designed to exploit human trust.
Security experts say this shift makes phishing attacks more difficult to identify through traditional antivirus systems, especially as AI-generated messages become more realistic and personalized.
