AI-Enabled Phishing, Deepfakes, and Social Engineering: Emerging Threats and Countermeasure Strategies
DOI:
https://doi.org/10.63282/3050-9416.IJAIBDCMS-V7I2P130Keywords:
Artificial Intelligence, Generative AI, Phishing, Deepfakes, Social Engineering, Cybersecurity, Machine Learning, Cyber DefenseAbstract
Generative artificial intelligence has introduced a new phase in the evolution of cyber deception, particularly in phishing, deepfake impersonation, and social engineering attacks. Traditional phishing campaigns often depended on poorly written emails, generic fraudulent messages, and visible technical weaknesses that users and security systems could detect with reasonable accuracy. However, the emergence of advanced language models, synthetic media tools, and automated content generation has changed this pattern. Attackers can now create highly personalized phishing emails, realistic fake identities, cloned voices, manipulated videos, and convin cing social engineering messages that imitate trusted individuals, organizations, and communication styles. This shift has made cyberattacks more scalable, persuasive, and difficult to identify, especially when human trust and organizational routines are exploited. This article reviews emerging AI-enabled cyber threats with specific attention to phishing, deepfakes, and social engineering. It examines how generative AI supports the production of realistic scam messages, fake websites, synthetic profiles, deepfake audio and video, and targeted deception campaigns. Existing studies show that AI-driven social engineering increases the quality, speed, and personalization of attacks, making it harder for users to distinguish between legitimate and fraudulent communication (Schmitt & Flechais, 2024; Jabir et al., 2025). The article also discusses how deepfake technologies create new cybersecurity risks by enabling impersonation, fraud, misinformation, and identity abuse. These risks are particularly serious in organizational environments where attackers may imitate executives, employees, vendors, customers, or public figures to manipulate decision-making and gain unauthorized access (Mirsky & Lee, 2021). In addition, the article evaluates current detection and prevention methods, including machine learning-based phishing detection, deep learning models, transformer-based email analysis, URL classification, multimedia forensics, and deepfake detection techniques. Machine learning and artificial intelligence have become important tools for identifying suspicious patterns in emails, websites, messages, images, audio, and videos. However, these methods still face limitations, including dataset bias, model generalization challenges, adversarial manipulation, and the rapid improvement of AI-generated deceptive content (Gupta et al., 2023; Jaffal et al., 2025). The article therefore argues that technical detection alone is not enough to address AI-enabled deception. The study proposes a multi-layered countermeasure strategy for organizations. This strategy combines automated detection systems, deepfake forensic analysis, identity verification, multi-factor authentication, human-centered cybersecurity awareness, incident reporting procedures, and AI governance policies. It emphasizes that employees remain a critical point of defense because many AI-enabled attacks rely on psychological manipulation rather than purely technical intrusion. Organizations must therefore strengthen both technological and human defenses by improving training, verification culture, access control, and responsible AI management. Overall, the article concludes that AI-enabled phishing, deepfakes, and social engineering represent a growing cybersecurity challenge that requires integrated, adaptive, and governance-driven defense strategies.
References
1. Schmitt, M., & Flechais, I. (2024). Digital deception: Generative artificial intelligence in social engineering and phishing. Artificial Intelligence Review, 57(12), 324.
2. Jabir, R., Le, J., & Nguyen, C. (2025). Phishing attacks in the age of generative artificial intelligence: A systematic review of human factors. AI, 6(8), 174.
3. KOTA, S. K. (2022). A Real-World Deployment of an Enterprise Conversational AI Platform for Demand Generation and Lead Generation Using Guided Workflows with a Rasa-Based Chatbot. Frontiers in Computer Science and Artificial Intelligence, 1(1), 24-30.
4. Safi, A., & Singh, S. (2023). A systematic literature review on phishing website detection techniques. Journal of King Saud University-Computer and Information Sciences, 35(2), 590-611.
5. Kavya, S., & Sumathi, D. (2024). Staying ahead of phishers: a review of recent advances and emerging methodologies in phishing detection. Artificial Intelligence Review, 58(2), 50.
6. Marasani, Y. (2025). Explainable AI Frameworks for Patient-Level Claims Data Analytics. J Artif Intell Mach Learn & Data Sci 2025, 8(1), 3382-3390.
7. Vallemoni, R. K. (2022). Authorization-to-settlement at scale: A reference data architecture for ISO 8583/ISO 20022 coexistence. Journal of Computer Science and Technology Studies, 4(1), 88-98.
8. Kyaw, P. H., Gutierrez, J., & Ghobakhlou, A. (2024). A systematic review of deep learning techniques for phishing email detection. Electronics, 13(19), 3823.
9. Wilk-Jakubowski, J. L., Pawlik, L., Wilk-Jakubowski, G., & Sikora, A. (2025). Machine learning and neural networks for phishing detection: A systematic review (2017–2024). Electronics, 14(18), 3744.
10. Hu, Y., Li, S., Xue, W., Zhao, Y., & Wen, Y. (2024). CarePlus: A general framework for hardware performance counter based malware detection under system resource competition. Computers & Security, 143, 103884.
11. Meléndez, R., Ptaszynski, M., & Masui, F. (2024). Comparative investigation of traditional machine-learning models and transformer models for phishing email detection. Electronics, 13(24), 4877.
12. Alhuzali, A., Alloqmani, A., Aljabri, M., & Alharbi, F. (2025). In-depth analysis of phishing email detection: Evaluating the performance of machine learning and deep learning models across multiple datasets. Applied Sciences, 15(6), 3396.
13. Altwaijry, N., Al-Turaiki, I., Alotaibi, R., & Alakeel, F. (2024). Advancing phishing email detection: A comparative study of deep learning models. Sensors, 24(7), 2077.
14. Haq, Q. E. U., Faheem, M. H., & Ahmad, I. (2024). Detecting phishing URLs based on a deep learning approach to prevent cyber-attacks. Applied Sciences, 14(22), 10086.
15. Mahmud, T., Prince, M. A. H., Ali, M. H., Hossain, M. S., & Andersson, K. (2024). Enhancing cybersecurity: Hybrid deep learning approaches to smishing attack detection. Systems, 12(11), 490.
16. Cavallo, D. M., Chiavola, O., Palmieri, F., Mancaruso, E., & Vaglieco, B. M. (2023). Experimental study on the effect of loading and regeneration for an optimized management of the DPF. Results in Engineering, 18, 101048.
17. ALAMPALLY, J. (2024). Enhancing data quality and trust in AI systems through robust data engineering. Frontiers in Computer Science and Artificial Intelligence, 3(1), 120-130.
18. Gong, Z., Chen, S., Dai, Q., Feng, Y., & Zhang, J. (2024). FLRF: Federated recommendation optimization for long-tail data distribution. Array, 24, 100371.
19. Rehman, H. M. R. U., Liaquat, S., Gul, M. J., Jhandir, M. Z., Gavilanes, D., Vergara, M. M., & Ashraf, I. (2025). A systematic literature study of machine learning techniques based intrusion detection: datasets, models, challenges, and future directions. Journal of Big Data, 12(1), 264.
20. Vallemoni, R. K. (2022). Canonical payment data models for merchant acquiring: Merchants, terminals, transactions, fees, and chargebacks. International Journal of Computer Science and Engineering (ISCSITR-IJCSE), 3(1), 42-66.
21. Mirsky, Y., & Lee, W. (2021). The creation and detection of deepfakes: A survey. ACM computing surveys (CSUR), 54(1), 1-41.
22. Tolosana, R., Vera-Rodriguez, R., Fierrez, J., Morales, A., & Ortega-Garcia, J. (2020). Deepfakes and beyond: A survey of face manipulation and fake detection. Information fusion, 64, 131-148.
23. Nagraj, A. (2022). Modernizing Legacy Banking Systems: Migration Strategies and Cost Optimization in Financial Enterprises. Frontiers in Computer Science and Artificial Intelligence, 1(1), 43-52.
24. Verdoliva, L. (2020). Media forensics and deepfakes: an overview. IEEE journal of selected topics in signal processing, 14(5), 910-932.
25. Wang, T., Liao, X., Chow, K. P., Lin, X., & Wang, Y. (2024). Deepfake detection: A comprehensive survey from the reliability perspective. ACM Computing Surveys, 57(3), 1-35.
26. MARASANI, Y. (2024). Enterprise Readiness for Generative AI: The Critical Role of Data Engineering. Frontiers in Computer Science and Artificial Intelligence, 3(2), 59-71.
27. Khan, A. A., Laghari, A. A., Inam, S. A., Ullah, S., Shahzad, M., & Syed, D. (2025). A survey on multimedia-enabled deepfake detection: state-of-the-art tools and techniques, emerging trends, current challenges & limitations, and future directions. Discover Computing, 28(1), 48.
28. Okenyi, M., Ataguba, G., Henry, K. C., Anukem, S., & Orji, R. (2025). Going vegan with ChatGPT: Towards designing LLMs for personalized lifestyle changes. Machine Learning with Applications, 20, 100659.
29. Monaghan, P. G., VanNostrand, M., Takla, T. N., & Fritz, N. E. (2025). Predicting real-world physical activity in multiple sclerosis: an integrated approach using clinical, sensor-based, and self-reported measures. Sensors, 25(6), 1780.
30. Westerlund, M. (2019). The emergence of deepfake technology: A review. Technology innovation management review, 9(11).
31. Li, Y., Yang, X., Sun, P., Qi, H., & Lyu, S. (2020). Celeb-df: A large-scale challenging dataset for deepfake forensics. In Proceedings of the IEEE/CVF conference on computer vision and pattern recognition (pp. 3207-3216).
32. Dolhansky, B., Bitton, J., Pflaum, B., Lu, J., Howes, R., Wang, M., & Ferrer, C. C. (2020). The deepfake detection challenge (dfdc) dataset. arXiv preprint arXiv:2006.07397.
33. Gupta, M., Akiri, C., Aryal, K., Parker, E., & Praharaj, L. (2023). From chatgpt to threatgpt: Impact of generative ai in cybersecurity and privacy. IEEE access, 11, 80218-80245.
34. Sai, S., Yashvardhan, U., Chamola, V., & Sikdar, B. (2024). Generative AI for cyber security: Analyzing the potential of ChatGPT, DALL-E, and other models for enhancing the security space. IEEE access, 12, 53497-53516.
35. Mothanna, Y., ElMedany, W., Hammad, M., Ksantini, R., & Sharif, M. S. (2024). Adopting security practices in software development process: Security testing framework for sustainable smart cities. Computers & Security, 144, 103985.
36. Jada, I., & Mayayise, T. O. (2024). The impact of artificial intelligence on organisational cyber security: An outcome of a systematic literature review. Data and Information Management, 8(2), 100063.
37. Vallemoni, R. K. (2021). Settlement, Fees, and Interchange: Data Models for Accurate Reconciliation and Exception Handling. AL-KINDI CENTER FOR RESEARCH AND DEVELOPMENT.
38. Nagraj, A. (2024). GraphQL in Wealth Management Platforms: Optimizing Data Access and Performance. British Journal of Multidisciplinary Studies, 2(1), 16-24.
39. ALAMPALLY, J. (2024). Real-Time and Near-Real-Time Analytics in Healthcare Data Ecosystems. Journal of Computer Science and Technology Studies, 6(1), 314-324.
40. MARASANI, Y. (2023). Machine Learning Models for Predicting Patient Treatment Switching Using Claims Data. Frontiers in Computer Science and Artificial Intelligence, 2(1), 59-66.
41. Ofusori, L., Bokaba, T., & Mhlongo, S. (2024). Artificial intelligence in cybersecurity: A comprehensive review and future direction. Applied Artificial Intelligence, 38(1), 2439609.
42. Achuthan, K., Ramanathan, S., Srinivas, S., & Raman, R. (2024). Advancing cybersecurity and privacy with artificial intelligence: current trends and future research directions. Frontiers in big data, 7, 1497535.
43. Yigit, Y., Buchanan, W. J., Tehrani, M. G., & Maglaras, L. (2024). Review of generative ai methods in cybersecurity. arXiv preprint arXiv:2403.08701.
44. Jaffal, N. O., Alkhanafseh, M., & Mohaisen, D. (2025). Large language models in cybersecurity: A survey of applications, vulnerabilities, and defense techniques. AI, 6(9), 216.
45. Radanliev, Petar, Omar Santos, and Uchenna Daniel Ani. "Generative AI cybersecurity and resilience." Frontiers in Artificial Intelligence 8 (2025): 1568360.
46. Apruzzese, G., Laskov, P., Montes de Oca, E., Mallouli, W., Brdalo Rapa, L., Grammatopoulos, A. V., & Di Franco, F. (2023). The role of machine learning in cybersecurity. Digital threats: research and practice, 4(1), 1-38.
