Cybersecurity has long focused on zero-days and software exploits. Yet, it is the human element that remains the most consistent point of entry for modern breaches. With AI integration, phishing is no longer defined by poor grammar or generic mass-mailing. It has become hyper-personalised, context-aware, and scalable to an unprecedented degree.
In 2025, India recorded over 265 million cyberthreats across 8 million endpoints. The most insidious threats bypass technical defences entirely by manipulating human trust. We are entering an era of cognitive intrusions, where attackers use AI to automate reconnaissance, construct digital twins of known contacts, and execute scams virtually indistinguishable from legitimate interactions.
AI-driven honey traps and hyper-personalised scams rise
The rise of digital honey traps targeting defence and other sensitive sectors perfectly illustrates this evolution. Attackers are increasingly using AI to generate realistic profiles, build emotional connections over time, and extract information, with no malware required. Hyper-personalised phishing thrives on data exposure. Scams impersonating government services, such as the “NextGen mParivahan” malware or high-security registration plate (HSRP) frauds, succeed because they deploy previously leaked vehicle numbers, addresses, and violation codes.
India’s Digital Personal Data Protection (DPDP) Act must therefore be treated not merely as a compliance mandate, but as a critical security control. Robust data discovery, classification, and access governance directly degrade the quality and effectiveness of AI-driven social engineering.
AI pushes security towards behavioural analytics
As AI lowers the barrier to entry for sophisticated deception, our defensive strategies must shift from reactive scanning to predictive intelligence. Traditional signature-based detection cannot stop a perfectly crafted, AI-generated spear-phishing email. Defence must pivot to behaviour. AI-powered security technologies apply predictive behavioural analytics to surface anomalous patterns in user interactions and correlate seemingly benign actions across endpoints, networks, and identities to flag compromised sessions before damage occurs.
A critical and often overlooked dimension of phishing prevention is understanding which identities are already exposed before an attack is even launched. Digital risk protection services (DRPS) address this gap by continuously monitoring the open web, dark web, and data breach repositories for leaked credentials, exposed email addresses, and compromised employee or executive profiles. In an environment where identity is the new perimeter, knowing which identities are already in the crosshairs is the earliest possible line of defence.
Furthermore, there is an urgent need for organisations to embrace Zero Trust principles. The era of AI-driven social engineering demands a fundamental shift in how we approach security. We can no longer rely solely on user awareness training to spot perfectly synthesised deceptions. There is an urgent need to architect systems that anticipate human error, restrict data exposure through rigorous privacy engineering, and deploy predictive AI defences to outmanoeuvre adversaries.
The writer is joint MD, Quick Heal Technologies.
Disclaimer: The views expressed are the author’s own and do not reflect the official policy or position of Financial Express.
