---
title: "3 emerging AI-powered cyber threats and how to stay protected from them in 2025 | DuoCircle"
description: "3 emerging AI-powered cyber threats and how to stay protected from them in 2025."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/email-security/3-ai-powered-cyber-threats-2025-and-how-to-stay-safe/"
---

Quick Answer

Three AI-powered threats stand out in 2025: fake e-commerce sites generated in minutes from prompts, job scams using AI-written listings and AI-driven video interviews to harvest personal data, and tech support scams that combine fake virus pop-ups with bogus support calls. One in 10 adults has fallen for an AI voice-cloning scam, and 77% lost money.

3 emerging AI-powered cyber threats and how to stay protected from them in 2025

Your browser does not support the audio element.

[ Download episode](https://media.mailhop.org/duocircle/images/2025/06/3-emerging-AI-powered-cyber-threats-and-how-to-stay-protected-from-them-in-2025.mp3) 

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Femail-security%2F3-ai-powered-cyber-threats-2025-and-how-to-stay-safe%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=3%20emerging%20AI-powered%20cyber%20threats%20and%20how%20to%20stay%20protected%20from%20them%20in%202025&url=undefined%2Fblog%2Femail-security%2F3-ai-powered-cyber-threats-2025-and-how-to-stay-safe%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Femail-security%2F3-ai-powered-cyber-threats-2025-and-how-to-stay-safe%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Femail-security%2F3-ai-powered-cyber-threats-2025-and-how-to-stay-safe%2F&title=3%20emerging%20AI-powered%20cyber%20threats%20and%20how%20to%20stay%20protected%20from%20them%20in%202025 "Share on Reddit") [ ](mailto:?subject=3%20emerging%20AI-powered%20cyber%20threats%20and%20how%20to%20stay%20protected%20from%20them%20in%202025&body=Check out this article: undefined%2Fblog%2Femail-security%2F3-ai-powered-cyber-threats-2025-and-how-to-stay-safe%2F "Share via Email") 

![emerging AI-powered](https://media.mailhop.org/duocircle/images/2025/06/spf-record-tester-4331.jpg) 

AI has penetrated deep into our lives, both maliciously and benevolently. The situation has worsened to a point where now [one in 10 adults worldwide](https://tech-adv.com/blog/ai-cyber-attack-statistics/#:~:text=There%20were%2019%25%20more%20deepfake,a%202%2C137%25%20increase%20from%202022.) has fallen victim to an [AI-voice cloning scam](https://www.cbsnews.com/news/elder-scams-family-safe-word/), and 77% of them have lost money.

Organizations, governments, and individuals are still navigating ways and policies to stay shielded from this new, double-edged sword. It’s difficult to stay protected because threat actors are way ahead of the curve with their malicious intentions, and policymakers and custodians of [cybersecurity](/) are badly falling behind. With **advanced generative AI tools**, deception has become increasingly feasible for attackers. 

As per a report by Fortinet, AI-powered automated scans have gone up by [16.7% year-over-year](https://www.fortinet.com/corporate/about-us/newsroom/press-releases/2025/fortinet-threat-report-reveals-record-surge-in-automated-cyberattacks#:~:text=Active%20scanning%20in%20cyberspace%20reached,information%20on%20exposed%20digital%20infrastructure.), averaging 36,000 scans per second. This has ultimately translated into a **steep rise of 42%** in credential-based attacks and the unleashing of 1.7 billion stolen credentials on the dark web. This scale of automation is enabling bad actors to probe and abuse cyber systems at hyper-speed, which in turn makes it difficult for traditional defenses to counteract the attacks.

As per Microsoft’s Anti-Fraud Team, [AI-backed cyberattacks](https://www.cnbctv18.com/technology/microsoft-blocks-e-commerce-fraud-as-ai-scams-rise-globally-ws-l-19590358.htm) are being reported across the world. **China and Germany** are among the countries most severely affected, as they are notable hubs for e-commerce and online services. These two regions are getting hit badly because the bigger a region’s marketplace is, the more likely it is that fraud will grow with it. When it comes to SaaS businesses, the financial data of SaaS companies is crucial. A [B2B SaaS revenue recognition](https://www.younium.com/blog/revenue-recognition) software, such as Younium, utilizes AI technology to provide advanced and secure financial record-keeping for its SaaS clients.

[![ cyberattacks](https://media.mailhop.org/duocircle/images/2025/06/spf-record-checker-4331.jpg)](https://media.mailhop.org/duocircle/images/2025/06/spf-record-checker-4331.jpg)

This blog specifically talks about the top 3 emerging cyber threats that are backed by AI and how you can thwart them in time.

## E-commerce frauds

Previously, it would take [threat actors](https://www.cybersecuritydive.com/news/threat-actors-uk-retail-attacks-targeting-us/748198/) weeks to design a new website. However, today it’s very easy to set up a new e-commerce website using AI and other tools that require no hardcore technical expertise; **just input a few prompts**, and it’s done. These websites appear legitimate, as they closely mimic the original ones, making it difficult for consumers to distinguish them as fake.

[Malicious actors](https://www.securitymagazine.com/articles/100953-new-research-malicious-actors-are-imitating-tech-companies) create detailed product descriptions, professional-looking graphics, and believable customer reviews that dupe visitors into thinking they are on a genuine platform. They end up paying for products or services that never really existed, jeopardizing their residential and financial information, in addition to losing the money spent on purchasing the **so-called product or service**. To protect against these sophisticated scams, consulting with [development experts](https://blacksmith.agency/services/web-development/) can help ensure your e-commerce platform is secure, trustworthy, and resilient against fraudulent imitation websites.

For example, in April 2025, scammers targeted UK consumers by advertising [fake Bonmarché](https://www.thesun.co.uk/money/34526218/fake-ads-warning-retailer-closing-sales-scam-bonmarche/) ‘shop closing’ sales on Facebook, linking to counterfeit websites. Victims paid and never received any products. 

_These scams are also being fueled by [AI-powered customer service](https://simplycontact.com/services/ai-customer-service/) chatbots, which add another layer of deception by convincing users through chat interactions_. These bots use sophisticated language to deceive people by providing fake yet polite responses, thereby delaying refunds and maintaining the website’s appearance of genuineness and trustworthiness for as long as possible. 

[![AI-powered customer service chatbots ](https://media.mailhop.org/duocircle/images/2025/06/spf-record-4331.jpg)](https://media.mailhop.org/duocircle/images/2025/06/spf-record-4331.jpg)

## Job and employment fraud

In job and deployment fraud, threat actors create fake listings on various job platforms. This scam operates by [phishing job seekers](https://cyberpress.org/phishing-fake-whatsapp-job/), creating fake profiles with stolen credentials, and then posting jobs with AI-generated descriptions. They even utilize AI to launch [email campaigns](https://www.activecampaign.com/glossary/email-campaign) that drive traffic to the fake postings. _The scam goes to the extent where they even arrange AI-powered interviews over calls and video meetings, leaving no room for doubt for job seekers_. 

In this kind of scam, fraudsters ask for personal information, such as resumes or [bank account details](https://www.cybersecuritydive.com/news/santander-employees-database-hack/719394/), under the pretext of **verifying the applicant’s information**. To ensure resumes and cover letters reflect genuine work, some organizations and job seekers use a [plagiarism checker](https://gptzero.me/plagiarism-checker), an extra step to verify originality alongside traditional background and reference checks.

So, if you get a random text or email offering a job that pays a lot but doesn’t require any real skills, it’s probably a scam.

Be careful if the job offer asks you to pay money, seems too good to be true, comes out of nowhere, or doesn’t use **proper emails or company platforms**, as these are all big red flags.

[![ scam](https://media.mailhop.org/duocircle/images/2025/06/spf-record-check-4331.jpg)](https://media.mailhop.org/duocircle/images/2025/06/spf-record-check-4331.jpg)

## Tech support scams

In [tech support scams](https://www.yahoo.com/news/tech-support-scam-takes-280k-164510060.html?guccounter=1&guce%5Freferrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce%5Freferrer%5Fsig=AQAAAM2%5FHlSsWzxwKBl6RKdi09Ve9H3IDi7XGs5QQILO60dsKU8DikUXLlTald%5FbaQhJnarzqNa4rHWuqyopQpmOVJ1573ynCOFS7jDBPyP73YWlsO8ZRYGyAOxezQNQbTU6pDxrNIBn75hhHzYTNOy564x3kNHw0Qhmvqkhtj143s4G), cyber actors trick targets into unnecessary technical support services that claim to **fix a software or device problem** that may not actually exist. All they want is to gain remote access to their device so that they can get their hands on critical data or install malware to conduct malicious activities. 

In fact, in **early June 2025**, two sophisticated call centers were raided and shut down, as they were involved in [impersonating support lines from companies like Microsoft and Apple](https://blogs.microsoft.com/on-the-issues/2025/06/05/microsoft-dismantle-transnational-scam/#:~:text=Through%20close%20collaboration%20with%20the,malicious%20ecosystem%20behind%20these%20scams.). They targeted Japanese citizens with [fake virus pop-ups](https://thehackernews.com/2011/01/fake-antivirus-pop-ups-hacking-into.html) telling them that their devices were compromised, prompting them to call the bogus tech support. The scammers gained remote access to devices, insisted on urgent payment, and coerced victims into transferring money to mule accounts or buying crypto and gift cards. _The total scam amount exceeded USD 144,000_.

[![fake virus pop-ups](https://media.mailhop.org/duocircle/images/2025/06/dkim-selector-8021.jpg)](https://media.mailhop.org/duocircle/images/2025/06/dkim-selector-8021.jpg)

## Cyber hygiene practices against AI-backed cybercrimes

Here’s what you can do to prevent becoming victims of AI-powered deceptions-

### Strengthen employer authentication

Attackers often impersonate or spoof the **domains of reputable companies** to send job offers. So, if you also own a domain, shield it with [SPF](/resources/what-is-spf), [DKIM,](/resources/what-is-dkim) and [DMARC](https://dmarcreport.com/what-is-dmarc/). With these three [email authentication](/resources/email-authentication) protocols in place, no emails sent from unauthorized sources land in the primary inboxes of targets. Such bogus emails are either rejected or marked as spam, saving your brand name from being dragged into [malicious activities](https://www.msspalert.com/news/mssp-market-news-malicious-activity-spikes-after-crowdstrike-outage). 

[![email spam statistics](https://media.mailhop.org/duocircle/images/2025/06/2026-Email-Spam-Statistics.jpg)](https://media.mailhop.org/duocircle/images/2025/06/2026-Email-Spam-Statistics.jpg)

Additionally, as an employer, maintain a single official domain (e.g., careers.yourcompany.com) for all hiring-related communication.

### Monitor for AI-based recruitment scams

When sitting in an online interview call, watch out for these red flags-

- _Zero personalisation, like not referring to your resume or asking follow-ups to your answers_.
- Use of **template-like responses**, such as saying ‘That’s great to hear’ after everything you say.
- Maintained the same enthusiasm and facial expression throughout the meeting.
- Slight delays in response timings, because tiny lags are inevitable when AI generates responses. Tools like [Okara’s Reddit Agent](https://okara.ai/agent/reddit) can summarize and monitor Reddit threads where users flag recruitment scams, helping you spot emerging fraud patterns before you fall for them.

[![emails are either rejected](https://media.mailhop.org/duocircle/images/2025/06/sender-policy-framework-4331.jpg)](https://media.mailhop.org/duocircle/images/2025/06/sender-policy-framework-4331.jpg)

### Be wary of too-good-to-be-true job opportunities

_If a job opportunity is way too lucrative, there is a high possibility of it being bogus_. It’s better to get in touch with the officials through alternative means, such as contacting the support number available on the **official website or sending an email**.

### Avoid sharing personal information with unverified sources

Watch out for warning signs in [job ads](https://www.cnbc.com/2024/07/07/job-scams-surged-118percent-in-2023-aided-by-ai-heres-how-to-stop-them.html), like if they ask you to pay money, chat only on WhatsApp or text messages, **use personal Gmail IDs** instead of official emails, or tell you to contact someone on their personal phone. These are big signs that the job could be fake.

## Topics

cyber securityDKIMDMARCSecurityspf 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  Email Security 12m  DMARC, SPF, and DKIM in 2026: Why Email Authentication Is Now a Regulatory Requirement, Not Just a Best Practice  Apr 29, 2026 ](/blog/dmarc-spf-dkim-2026-email-authentication-regulatory-requirement-best-practice/)[  Email Security 4m  A practical guide on checking your email health  Dec 26, 2025 ](/blog/email-security/a-practical-guide-on-checking-your-email-health/)[  Email Security 8m  Best practices to make Privileged Account and Session Management a breeze  Jan 7, 2025 ](/blog/email-security/best-practices-for-simplifying-privileged-account-and-session-management/)[  Email Security 6m  Building a zero-trust security model for emails  Dec 11, 2024 ](/blog/email-security/building-a-zero-trust-security-model-for-emails/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"3 emerging AI-powered cyber threats and how to stay protected from them in 2025","description":"3 emerging AI-powered cyber threats and how to stay protected from them in 2025.","url":"https://www.duocircle.com/blog/email-security/3-ai-powered-cyber-threats-2025-and-how-to-stay-safe/","datePublished":"2025-06-27T16:31:33.000Z","dateModified":"2026-03-30T14:49:58.000Z","dateCreated":"2025-06-27T16:31:33.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/email-security/3-ai-powered-cyber-threats-2025-and-how-to-stay-safe/"},"articleSection":"email-security","keywords":"cyber security, DKIM, DMARC, Security, spf","wordCount":1184,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2025/06/spf-record-tester-4331.jpg","caption":"emerging AI-powered","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"Email Security"},{"@type":"ListItem","position":3,"name":"3 emerging AI-powered cyber threats and how to stay protected from them in 2025","item":"https://www.duocircle.com/blog/email-security/3-ai-powered-cyber-threats-2025-and-how-to-stay-safe/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"Email Security","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"3 emerging AI-powered cyber threats and how to stay protected from them in 2025","item":"https://www.duocircle.com/blog/email-security/3-ai-powered-cyber-threats-2025-and-how-to-stay-safe/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"3 emerging AI-powered cyber threats and how to stay protected from them in 2025","description":"3 emerging AI-powered cyber threats and how to stay protected from them in 2025.","url":"https://www.duocircle.com/blog/email-security/3-ai-powered-cyber-threats-2025-and-how-to-stay-safe/","datePublished":"2025-06-27T16:31:33.000Z","dateModified":"2026-03-30T14:49:58.000Z","dateCreated":"2025-06-27T16:31:33.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/email-security/3-ai-powered-cyber-threats-2025-and-how-to-stay-safe/"},"articleSection":"email-security","keywords":"cyber security, DKIM, DMARC, Security, spf","wordCount":1184,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2025/06/spf-record-tester-4331.jpg","caption":"emerging AI-powered","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```