Cambodia Targets Cybercriminals, Traditional Security Insufficient, AI Against Phishing – Cybersecurity News [March 09, 2026]

Last week’s cyber incidents revolved mainly around stepping up the security setups to combat cyber mishaps. Cambodia has recently approved a draft to tackle cybercrime syndicates. Advanced phishing scams are forcing organizations to amp up their security systems. Smartphone users are relying on AI to keep cyber scams at bay. 

Meanwhile, experts discovered a vulnerability in the corporate-favorite tool Microsoft Copilot. 

Cambodia charting out new laws to nab cybercrooks!

A multi-billion-dollar cyber scam industry has been running in Cambodia. The scammers target innocent users, trapping them in cryptocurrency investments and fake online dating scams.

To curb cyberattacks, the government of Cambodia has approved a draft that allows stringent punishments against cybercrooks.

The cyberscam industry in Cambodia has almost reached “industrial proportions.” Experts at the UN Office on Drugs and Crime believe that the scammers make as much as $64 billion. This crime syndicate also includes those people who have been coerced into carrying out scams. They are the victims of human trafficking and are forced to scam innocent people across the globe. 

The draft was approved by the Cabinet to crack down on transnational cyberscam operations. The draft will soon be sent to the Parliament to “eliminate online scams from Cambodian territory.” The approval of the draft sends a strong message to the cyberscammers that Cambodia has never been a safe haven for threat actors.

Traditional security systems insufficient for tackling sophisticated phishing attacks

Phishing emails are no longer replete with poor English and grammatical mistakes. Today, these malicious emails appear authentic and polished thanks to artificial intelligence. The PhaaS, or Phishing-as-a-Service, industry has evolved over time to offer platforms and phishing kits to cybercriminals. Threat actors with little or no skills can take advantage of these phishing kits and carry out malicious campaigns effortlessly.

These phishing kits come equipped with ready-to-use attack platforms. Even inexperienced cybercrooks can conveniently automate email delivery, harvest sensitive data, and evade security setups with the help of PhaaS. 

The sophistication level has not only made the phishing emails look more credible, but they also enabled the threat actors to bypass conventional security measures. Multi-factor authentication is no longer adequate to prevent threat attempts. Scammers are using different tactics like CAPTCHA abuse, URL obfuscation, and malicious QR codes.

Enterprises with traditional security tools are completely vulnerable to the modern threat environment. That’s why an increasing number of organizations have started embracing a proactive approach. They are adapting to a system that blends persistent monitoring, anti-phishing MFA, high-end email security setups, and detailed behavioral evaluation. Experts also recommend that enterprises conduct regular employee training that focuses on modern, sophisticated tactics.

Can AI safeguard users from smartphone-based phishing scams?

Smartphone users are highly vulnerable to smartphone-oriented phishing attacks. A report by the Omdia Mobile Device Security Consumer Survey states that 27% of smartphone users fall prey to phishing attacks. 

Smartphone manufacturers are heavily relying on AI technology to curb phishing attacks. For example, Google has introduced an on-device scam protection feature that enables users to detect malicious voice calls and text messages in real-time. 

Experts believe that AI-based security features are not foolproof, yet they play a crucial role in preventing scam attacks to a great extent. AI enthusiasts believe that AI security features will improve with time and will safeguard smartphone users from high-end phishing scams.

But experts are also worried that cyberscams are becoming more advanced with the help of AI. 

The scam detection feature by Google is currently available across 27 nations. The feature requires user permission to run in the background all the time. 

Microsoft Copilot flaws make Teams Summaries and Emails vulnerable to phishing attacks!

AI tools like Microsoft Copilot have changed the way corporate employees communicate. Copilot helps users to obtain the gist of long emails, evaluate conversations, and extract key pointers. 

While these security features help boost productivity among employees, they also enable cybercrooks to carry out sophisticated phishing attacks. Cybersecurity experts have recently discovered a Microsoft Copilot vulnerability that allows phishing actors to misuse the message and email summarization features.

The threat actors use a technique called Cross Prompt Injection Attack or XPIA to manipulate AI into following malicious instructions, which otherwise stay invisible to a common user.

Experts recommend enabling Safe Links and strict web filtering policies to restrict connections from unknown or suspicious domains. Advanced email filtering can also help in eliminating any kind of hidden HTML or CSS blocks. Employees should be trained on malicious AI-generated summaries. 

AI integration into workplace communication platforms does make work easier, but they also increase attack surfaces.