Enterprise AI Analysis: Phishing Attacks in the Age of Generative Artificial Intelligence: A Systematic Review of Human Factors

GENERATIVE AI RESEARCH ANALYSIS

This systematic review analyzes the growing threat of phishing attacks, particularly with the advent of Generative AI (GenAI). It highlights how cybercriminals exploit human vulnerabilities, such as lack of training, cognitive biases (System 1 thinking, authority bias), and external influences (workplace culture). GenAI significantly escalates these risks by enabling highly personalized, sophisticated attacks (deepfakes, voice mimicry, tailored messages) that bypass traditional defenses. The paper proposes human-centered solutions like advanced interactive training programs and technological countermeasures including AI/ML-driven detection systems and Explainable AI for transparency. The research emphasizes a holistic approach to cybersecurity, combining technological advancements with a deep understanding of human factors to build secure digital interactions against evolving AI-powered threats.

Key Takeaways:

  • GenAI significantly amplifies phishing attack sophistication and personalization.
  • Human factors (bias, neglect, lack of training) are critical vulnerabilities exploited by attackers.
  • Traditional cybersecurity training is often insufficient against GenAI-driven attacks.
  • Holistic solutions require combining advanced AI/ML defense with human-centered strategies.
  • Understanding cognitive biases and external influences is key to effective countermeasures.

Key Enterprise Impact Metrics

0 Financial Losses (AUD) in Jan 2025

Source: Australian Government's scam watcher

0 Cybercrime Reports (AUD) in 2023-2024

Source: Australian Signals Directorate (ASD)

0 UK Businesses Affected by Phishing

Source: UK Government Cybersecurity Breaches Survey, 2024

Deep Analysis & Enterprise Applications

Human Factors in Phishing

This section delves into the intrinsic human vulnerabilities that attackers exploit, including psychological traits, cognitive biases, and lack of awareness, as identified in Section 4.1.

GenAI's Role in Attacks

Explores how Generative AI transforms phishing, making attacks more sophisticated, personalized, and difficult to detect, as detailed in Section 4.2.

Solutions & Countermeasures

Presents a dual approach of human-centred and technology-driven solutions to combat advanced phishing threats, as discussed in Section 4.3.

472% Increase in Financial Losses 2021-2022 due to Phishing (Australia)

Holistic View of Human Behavior Factors

Character
Personality
Experience
Biological
Organizational Culture
Social Norm
Training
System Design
Unforeseen Incidents

Traditional vs. AI-Driven Phishing Attacks

Message Quality
  • Traditional phishing: generic; grammatical errors
  • AI-driven phishing: mimics real-life communication; no errors

Personalization
  • Traditional phishing: broad targeting; no personalization
  • AI-driven phishing: carefully crafted; personalized messages

Scale
  • Traditional phishing: manual; limited scalability
  • AI-driven phishing: high-volume generation; automation

Targeting Approach
  • Traditional phishing: indiscriminately large audience
  • AI-driven phishing: strategic targeting based on AI-driven analysis

Attack Vectors
  • Traditional phishing: multi-channel; primary: email
  • AI-driven phishing: multi-channel; deploying AI technology

Detection Challenges
  • Traditional phishing: easier to detect (grammar/typing errors)
  • AI-driven phishing: harder to detect; overcoming traditional controls

The PEST (Phishing Email Suspicion Test)

The Phishing Email Suspicion Test (PEST) is a lab-based task evaluating cognitive mechanisms of phishing detection (Hakim et al., 2021). It helps identify how individuals react to phishing attempts and provides insights into factors like digital literacy, critical thinking, and emotional reactivity. Its findings are crucial for developing targeted training programs.

Implementation Roadmap

A phased approach to integrating advanced AI cybersecurity, ensuring a smooth transition and maximum impact.

Phase 1: Current State Assessment & Strategy

Conduct a comprehensive audit of existing cybersecurity measures, identify human factor vulnerabilities, and define an AI-driven security strategy tailored to your organization.

Phase 2: Pilot AI Solution & Training Development

Implement a pilot AI/ML-driven detection system. Develop interactive, GenAI-aware cybersecurity training modules focusing on cognitive biases and advanced phishing recognition.

Phase 3: Full-Scale Deployment & Continuous Improvement

Roll out AI defence systems across the enterprise. Establish a continuous feedback loop for training, threat intelligence, and AI model refinement against evolving GenAI attack vectors.
