What Happens When AI Makes Every Phishing Email Perfect?
AI has eliminated the grammar errors, awkward phrasing, and broken formatting that phishing training taught people to look for. The detection problem is now fundamentally different.
For years, phishing detection was a proofreading exercise. Spot the typo. Notice the weird phrasing. Flag the sender domain that does not match. These heuristics worked because attackers were sloppy, or at least enough of them were that training people to look for sloppiness had real value.
That era is over.
The shift
AI-generated phishing is grammatically flawless, contextually appropriate, and cheap to produce at scale. A motivated attacker does not need to speak the target's language fluently. They do not need to understand corporate email conventions. They do not need to proofread. The model handles all of it.
This is not a theoretical concern. The FBI's Internet Crime Complaint Center recorded $12.5 billion in reported losses across all internet crime in 2023, with phishing the most-reported category and business email compromise, the social engineering variant that actually moves money, accounting for roughly $2.9 billion of that. Those figures largely predate attackers using language models at scale. We do not have reliable data yet on what AI-assisted phishing is doing to them, but the direction is obvious. The barrier to producing convincing phishing at volume has dropped to nearly zero.
The problem is not just that AI makes phishing better. It is that AI makes phishing uniformly better. The gap between a skilled attacker's email and a script kiddie's email used to be enormous. That gap is closing. When the floor rises to meet the ceiling, every phishing email starts to look like a real one.
What training missed
Most security awareness programs are still built around the old model. They teach people to look for the tells: grammar errors, suspicious links, urgency, mismatched sender domains. Some of these still hold. Signals that live in the headers and the delivery path rather than the prose (a Reply-To domain that differs from the From domain, an envelope sender that does not align with the visible sender, a failed DMARC check, a link whose host does not match its text) survive regardless of how well the body was written, because the model only controls the words. But the linguistic tells that formed the backbone of most training programs are gone.
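As an added illustration of the kind of signal that survives flawless prose (example code written for this edit, not part of the original post and not Threat Terminal's code), the check below parses constructed raw messages and flags header-level mismatches: a Reply-To domain that differs from the From domain, an unaligned Return-Path, a missing or failing DMARC verdict in Authentication-Results, and a display name that smuggles in a different address. The messages, the domains, and the authserv-id mx.example.com are all constructed for the example.

```python
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr

# Authserv-id of our own inbound MTA (constructed for this example). Only
# Authentication-Results headers stamped by it count: RFC 8601 requires the
# receiving MTA to strip inbound copies bearing its own id, otherwise an
# attacker can simply forge a passing verdict.
OUR_AUTHSERV_ID = "mx.example.com"


def domain_of(header_value) -> str:
    """Lowercased domain of the address in a header value ('' if none)."""
    _, addr = parseaddr(str(header_value or ""))
    return addr.rpartition("@")[2].lower()


def dmarc_verdict(msg) -> str:
    """dmarc= result from an Authentication-Results header we trust, '' if none."""
    for ar in msg.get_all("Authentication-Results", []):
        ar = str(ar)
        authserv = ar.split(";", 1)[0].split()[0].lower()
        if authserv != OUR_AUTHSERV_ID:
            continue  # stamped by some other host (or forged); ignore it
        m = re.search(r"\bdmarc=(\w+)", ar, re.IGNORECASE)
        if m:
            return m.group(1).lower()
    return ""


def header_signals(raw: bytes) -> list:
    """Header-level indicators that do not depend on the quality of the prose."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    signals = []
    from_dom = domain_of(msg.get("From"))

    # 1. Reply-To routes answers away from the claimed sender's domain.
    reply_dom = domain_of(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        signals.append(f"reply-to domain {reply_dom} differs from from domain {from_dom}")

    # 2. Envelope sender (Return-Path) is not aligned with the header From.
    rp_dom = domain_of(msg.get("Return-Path"))
    if rp_dom and rp_dom != from_dom:
        signals.append(f"return-path domain {rp_dom} differs from from domain {from_dom}")

    # 3. DMARC did not pass, or nobody we trust evaluated it.
    verdict = dmarc_verdict(msg)
    if not verdict:
        signals.append("no trusted DMARC verdict")
    elif verdict != "pass":
        signals.append(f"dmarc={verdict}")

    # 4. Display name carries an address at another domain ("ceo@x.com" <y@other.net>).
    display, _ = parseaddr(str(msg.get("From") or ""))
    m = re.search(r"[\w.+-]+@([\w.-]+)", display)
    if m and m.group(1).lower() != from_dom:
        signals.append(f"display name contains address at {m.group(1).lower()}")

    return signals


# Constructed sample: clean prose, but the headers give it away.
SUSPECT = b"""Return-Path: <bounce@mail-relay.example.net>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=mail-relay.example.net; dkim=none; dmarc=fail header.from=example.com
From: "Dana Whitfield" <dana.whitfield@example.com>
Reply-To: dana.whitfield@example-payments.net
To: ap@example.com
Subject: Updated remittance details for invoice 4471

Hi, please use the attached banking details for this month's payment.
"""

# Constructed sample: everything aligned, DMARC passes.
CLEAN = b"""Return-Path: <dana.whitfield@example.com>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com
From: "Dana Whitfield" <dana.whitfield@example.com>
To: ap@example.com
Subject: Invoice 4471

Attached.
"""

# Constructed sample: DMARC passes for the attacker's own domain; only the
# display name reveals the impersonation.
DISPLAY_SPOOF = b"""Return-Path: <notify@mailer.example.org>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=mailer.example.org; dkim=pass header.d=mailer.example.org; dmarc=pass header.from=mailer.example.org
From: "ceo@example.com" <notify@mailer.example.org>
To: ap@example.com
Subject: Quick favour

Are you at your desk?
"""

if __name__ == "__main__":
    for name, raw in (("suspect", SUSPECT), ("clean", CLEAN), ("display-spoof", DISPLAY_SPOOF)):
        print(name, header_signals(raw))
```

The third sample is the one to notice: the attacker controls mailer.example.org, so SPF, DKIM and DMARC all pass for it, and the only remaining header tell is the display name. That is why sender verification infrastructure narrows the problem but does not replace judgment about whether the request itself makes sense.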
The deeper issue is that those programs never really tested what they claimed to test. They measured whether people could spot bad phishing. They did not measure whether people could spot good phishing. Those are different skills. One is pattern recognition against known flaws. The other is judgment under uncertainty with no obvious signals to rely on.
When the writing quality is always high, detection becomes a harder problem. You cannot fall back on "this reads weird" because nothing reads weird anymore. You have to evaluate the email on its actual content: is this request plausible, is this sender likely to contact me about this, does the context make sense? That requires a different kind of training and a different understanding of where people actually fail.
The technique question
This is the part that interests me most. If grammar and formatting are no longer reliable signals, then what determines whether someone falls for a phishing email? The hypothesis I keep coming back to is technique.
Not all social engineering works the same way. An email that manufactures time pressure operates on a different psychological lever than one that impersonates a trusted authority figure. A credential harvesting email that directs you to a fake login page is asking you to do something different than a pretexting email that builds a plausible backstory over multiple messages. These are distinct mechanisms, and there is no reason to assume people are equally vulnerable to all of them.
But we do not have good data on this. Most phishing studies measure click rates or report rates in aggregate. They tell you what percentage of people clicked the link. They do not tell you whether the technique mattered independently of the writing quality. Was the click rate high because the email was well-crafted, or because authority impersonation is inherently harder to detect than urgency? When linguistic quality varies across the dataset, the two variables are confounded and you cannot separate them.
This is the question I am trying to answer with Threat Terminal. The entire dataset is AI-generated at consistent quality, with technique as the only independent variable. Six phishing techniques, four difficulty tiers, 1,000 cards total. Players classify emails and bet confidence on their answers. The goal is to isolate which techniques produce the lowest human detection rates when writing quality is not a factor.
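As an added example of the analysis this design sets up (the numbers are constructed for illustration, not Threat Terminal data, and the code is written for this edit rather than taken from the post), the functions below take one record per player response, (technique, correct), and return per-technique detection rates with Wilson 95% intervals, weakest technique first. With writing quality held constant, technique is the only thing the rates can differ on, and the intervals say whether an observed gap is real or sample noise.

```python
import math
from collections import defaultdict

# Constructed counts for the example, not real data:
# technique -> (correct classifications, attempts)
COUNTS = {
    "urgency": (88, 100),
    "credential_harvesting": (80, 100),
    "authority_impersonation": (61, 100),
    "pretexting": (52, 100),
}
# One record per player response, in the shape a game would log them.
RESPONSES = [(tech, i < correct)
             for tech, (correct, n) in COUNTS.items()
             for i in range(n)]


def wilson_interval(k: int, n: int, z: float = 1.96):
    """Wilson score interval for a proportion k/n.

    Preferred over the normal approximation because it stays sane for small
    n and for rates near 0 or 1, which is where a weak technique ends up.
    """
    if n == 0:
        return (0.0, 1.0)
    p = k / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * math.sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return (max(0.0, centre - half), min(1.0, centre + half))


def detection_rates(responses):
    """Per-technique detection rate with 95% interval, sorted weakest first."""
    correct = defaultdict(int)
    total = defaultdict(int)
    for tech, was_correct in responses:
        total[tech] += 1
        correct[tech] += int(was_correct)
    rows = []
    for tech in total:
        lo, hi = wilson_interval(correct[tech], total[tech])
        rows.append((tech, correct[tech] / total[tech], lo, hi))
    return sorted(rows, key=lambda r: r[1])


def separated(rows, a: str, b: str) -> bool:
    """True if the two techniques' intervals do not overlap.

    Non-overlapping intervals are a conservative gap test; overlapping ones
    mean the sample cannot yet tell the techniques apart.
    """
    by_name = {r[0]: r for r in rows}
    _, _, lo_a, hi_a = by_name[a]
    _, _, lo_b, hi_b = by_name[b]
    return hi_a < lo_b or hi_b < lo_a


if __name__ == "__main__":
    rows = detection_rates(RESPONSES)
    for tech, rate, lo, hi in rows:
        print(f"{tech:24s} {rate:5.2f}  [{lo:.2f}, {hi:.2f}]")
    print("pretexting vs urgency separated:",
          separated(rows, "pretexting", "urgency"))
    print("pretexting vs authority separated:",
          separated(rows, "pretexting", "authority_impersonation"))
```

With these constructed counts the 36-point gap between pretexting and urgency is clearly separated at n=100 per technique, while the 9-point gap between pretexting and authority impersonation is not: the intervals overlap, so a claim that one beats the other would need a larger sample. That is the kind of check to run before turning a leaderboard into a training recommendation.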
Why this matters for defenders
If the data shows that certain techniques consistently beat people regardless of experience, that changes how you build awareness programs. Instead of teaching generic red flags, you train against the specific mechanisms that people are worst at detecting. Instead of measuring "did they click," you measure "did they recognize the technique."
It also changes how you think about technical controls. If pretexting has a reliably high bypass rate, maybe the answer is not better training but better process: requiring out-of-band verification for certain request types, regardless of how legitimate the email looks. If authority impersonation beats people consistently, maybe the investment goes into sender verification infrastructure rather than awareness posters.
The point is that defenders need to know where the gaps are, not in general terms, but with enough specificity to act on. "People fall for phishing" is not actionable. "People are significantly worse at detecting pretexting than urgency, and security professionals show the same pattern" would be.
What we do not know yet
I want to be honest about where the limits are. The Threat Terminal dataset is AI-generated, which means it operates under constraints that real phishing does not. Players review emails as a neutral third party, not as the intended target. Hyper-personalization and pretexting lose some of their real-world potency in that format. The study measures whether people can recognize the structural signature of a technique, which is a useful and separable question, but not the same as measuring real-world susceptibility.
The sample is also self-selected. People who play a phishing detection game are more security-aware than the general population. That is fine for comparing techniques against each other within the sample, but it means the absolute detection rates will likely be higher than what you would see in a corporate environment.
These are known limitations, not disqualifying ones. The study is designed to answer a specific question: which techniques produce the largest gaps in human detection when language quality is controlled? If the data answers that with any confidence, it tells defenders something they do not currently know.
Where things are headed
Data collection is ongoing. The live findings update at research.scottaltiparmak.com/intel as responses come in. Once the sample is large enough to support meaningful analysis, I will publish the results.
In the meantime, the broader question stands. AI has changed what phishing looks like. Training and detection need to change with it. The organizations that adapt fastest will be the ones that understand the problem has shifted from "can your employees spot bad emails" to "can your employees make good decisions when every email looks real."
That is a harder problem. It is also a more interesting one.