Skip to content
Register for our free upcoming webinar ≫
HSA TutoringHSA Tutoring
0
Investigating AI in defending against deepfake-based phishing attacks 

Investigating AI in defending against deepfake-based phishing attacks 


By Avaneesh Solapurkar 

 

1. Abstract 

The rise of AI has led to the revolutionization of both daily life and specialized fields like cybersecurity. However, AI can be leveraged for cyberattacks by various methods, such as writing AI-generated code for malware, writing convincing phishing messages, and using deepfakes to give phishing attacks a greater effect. Deepfakes can be used in phishing attacks because humans tend to trust faces and audio, leading to a greater chance for attackers to receive money from victims who likely thought they were sending money to a friend, family member, or coworker. This research paper aims to shed light on deepfake-based phishing attacks because they could become more prominent in the future with further developments in AI, using existing sources as cited in the bibliography. It concludes with claiming that AI should be used to defend against deepfake-based phishing attacks. 

 

2Introduction 

Artificial Intelligence (AI) models are an increasing threat to current cyber-defense systems, with McKinsey & Company stating that "[AI cyberattacks'] breakout times [are] now under an hour" (Lewis et al., 2025). Specifically, deepfakes and phishing attacks have been supercharged thanks to AI. In 2024, a Hong Kong-based employee of the British multinational engineering firm Arup sent 200 million HKD (~25.6 million USD) to fraudsters after joining a video call with deepfaked staff (Magramo, 2024). Cyberattacks can be devastating for businesses; in 2013, Efficient Escrow of California had to shut down after having USD 1.5M stolen from them by hackers (Syscon, n.d.; MIS, 2016; California Department of Justice, 2014). 

Contrary to popular belief, it can be argued that the thinking behind AI has been assisted by ancient philosophical reasoning, with thinkers like Aristotle, Descartes, and Homer contributing to some of the logical frameworks behind it (Ikechukwu, 2025). Buchanan (2005) states that “the beginnings of artificial intelligence are traced to philosophy, fiction, and imagination,” (p. 54) with ancient philosopher Homer writing “of mechanical “tripods” waiting on the gods at dinner” being an early example of fantasies of “mechanical assistants”. The Dartmouth Conference in 1956 is widely considered to be the birth of artificial intelligence, as the term was coined there (Buchanan, 2005; Mijwel, 2015). In recent years, models like ChatGPT and Gemini have brought AI to the masses. Therefore, AI is a longstanding field that has been gaining traction in recent years due to widespread adoption. 

The earliest recorded cyberattack can be attributed to have happened in France in 1834, in which two government bond traders bribed a telegraph operator to add characters to official Government reports being sent over the telegraph to indicate the previous day’s market movement, as they lived in Bordeaux, where information took days to arrive from the exchange in Paris by mail coach (Monroe University, n.d.; Schneier, 2018). In recent years, cybersecurity has become more important, as there are many ways cyberattacks can happen; according to ENISA (European Union Agency for Cybersecurity, 2024), these are the top threats: 

  • Ransomware — “a type of attack where threat actors take control of a target’s assets and demand a ransom in exchange for the return of the asset’s availability or in exchange for publicly exposing the target’s data.” 

  • Malware — “an overarching term used to describe any software or firmware intended to perform an unauthorised process that will have an adverse impact on the confidentiality, integrity or availability of a system.” 

  • Social engineering — “a broad range of activities intended to exploit human error or human behaviour with the objective of gaining access to information or services. 

  • Threats against data — “defined in the GDPR as any breach of security leading to the accidental or unlawful destruction, loss, alteration, or unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed (article 4.12 GDPR).” 

  • Threats against availability: denial of service — “DDoS attacks target systems and data availability.” 

  • Information manipulation — “Foreign Information Manipulation and Interference (FIMI) describes a mostly non-illegal pattern of behaviour that threatens or has the potential to negatively impact values, procedures and political processes 

 

Definitions: 

Topic 

Source 

Definition 

AI 

Sahasra et al. (2023) 

At its core, AI is the simulation of human cognitive functions such as learning, reasoning, problem solving, perception, and language understanding by machines. 

Cybersecurity 

Singh et al. (2024) 

“Cybersecurity is the line of defense against malicious attacks on internet-connected devices and services by hackers, spammers, and cybercriminals” 

Deepfakes 

Singh et al. (2025) 

“Deepfakes are highly manipulated images, audio recordings, and videos that use artificial intelligence to create convincing forgeries of individuals engaging in actions or making statements they never actually performed” 

Phishing 

Alkhalil et al. (2021) 

“The process of tricking the recipient to take the attacker’s desired action is considered the de facto definition of phishing attacks in general.” 

 

The use of AI in cybersecurity systems to detect deepfaked phishing attacks could help organizations save money while improving to keep up with developing threats. 

 

3Literature Review 

3.1. AI 

AI has many important sub-fields which help to understand what it is. 

One such sub-field is ML (Machine Learning). According to Han et al. (2018), ML is a process in which “input and output data is provided, and the machine determines the process by which the given input produces the given output data. This process can then predict the unknown output when new input data is provided.” ML is important for AI as it can improve instead of having to be explicitly programmed. CrowdStrike states these as prominent uses of ML in cybersecurity in these exact words: 

Use Case 

Description 

Vulnerability Management 

Provides recommended vulnerability prioritization based on criticality for IT and security teams 

Static File Analysis 

Enables threat prevention by predicting file maliciousness based on a file’s features 

Behavioral Analysis 

Analyzes adversary behavior at runtime to model and predict attack patterns across the cyber kill chain 

Static & Behavioral Hybrid Analysis 

Composes static file analysis and behavioral analysis to provide advanced threat detection 

Anomaly detection 

Identifies anomalies in data to inform risk scoring and to direct threat investigations 

Forensic Analysis 

Runs counterintelligence to analyze attack progression and identify system vulnerabilities 

Sandbox Malware Analysis 

Runs counterintelligence to analyze attack progression and identify system vulnerabilities 

(Stanham, 2023) 

 

Additionally, according to CrowdStrike, ML in cybersecurity can either be “Automated threat detection and response” or “Analyst-led operations assisted by machine learning” (Stanham, 2023, sec. 4). The prior can replace human cybersecurity workers to improve accuracy and speed while the latter is more suited for more complex cases which ML models may struggle with.  

Artificial Neural Networks (ANNs) are commonly used in ML algorithms because they enable AIs to learn. ANNs are inspired by brains, which have networks of neurons to transmit information, allowing animals with brains to think. ANNs comprise artificial neurons which add multiple numerical inputs, then pass the sum through a function to produce an output (Han et al., 2018) 

 

3.2. Cybersecurity 

(Barbosa et al., 2024) from the IMF notes that “the aggregated direct losses from cyber incidents have amounted to almost $28 billion” from 2020 to April 2024. Although this number includes accidental incidents, it highlights the monetary risks at stake. IBM (2025) puts the global average loss from a data breach at $4.44 million and the US average loss at $10.22 million, emphasizing the importance of data security. Hiscox, 2023, as cited in Fotis, 2024 notes that the median cost of a cyberattack in 2023 was as follows: 

 

Fig. 1. Average cost of cyberattacks by country (USD). Data from Hiscox, 2023, as cited in Fotis, 2024, Figure 2.  

The disparity between IBM and Hiscox’s numbers was likely because IBM used the mean, while Hiscox used the median. Therefore, a few high-profile cases likely increased IBM’s numbers significantly.  

 

3.3. AI in Cybersecurity 

AI can be used in cybersecurity to save human effort when securing systems. According to Mohamed (2025), AI systems in cybersecurity primarily do 8 things:  

  • Detect threats 

  • Classify and analyze threats 

  • Automate security tasks 

  • Enable real-time response and adaptation 

  • Monitor user behavior 

  • Enhance threat intelligence 

  • Strengthen defenses against attacks 

  • Integrate with future technology 

IBM notes that AI-assisted security teams saved on average $1.9 million per data breach compared to non-AI assisted security teams. They also noted that 13% of organizations reported data breaches involving their AI models, suggesting stronger AI guardrails should be in place. Furthermore, IBM notes that 1 in 6 data breaches involved AI-driven tasks, of which 37% was for phishing and 35% was for deepfakes.  

 

3.4. Deepfakes 

Alanazi et al. (2024) states that face-swap deepfakes are made using autoencoders to transform an image or video into code that captures essential features for a face, then a decoder is used to transform that code into another person’s face. For instance, the autoencoder is used to turn person A’s face into code. Then, their face is decoded using person B’s decoder so that person B’s face appears. It is important to note that both person A and B would have both an encoder and a decoder; it’s just that person A’s decoder and person B’s encoder aren’t used in the final face-swap. The paper also mentions another method for deepfakes, known as GANs (Generative Adversarial Networks). These consist of a generator and a discriminator. The generator creates fake content, and the discriminator tries to detect it. When the discriminator can no longer detect that the content is fake, the process is finished. GANs generally produce higher-quality fakes, while face-swap technology is simpler. 

 

3.5. Phishing 

There are 4 stages to a phishing attack: planning, attack preparation, attack conducting, and valuables acquisition. 90% of organizations faced phishing attacks in 2019, suggesting that they are a widespread phenomenon with possibly large implications if ignored (Alkhalil et al., 2021). However, in a 2019 survey by Proofpoint, awareness was much lower.

 

Fig. 2. Percent of respondents to a survey knowing what ‘phishing’ means in different G7 countries. Data from Proofpoint, 2019, as cited by Alkhalil et al., 2024 

 

4Body 

4.1. Financial impact of cyberattacks 

Cyberattacks can have a large, potentially devastating, impact on organizations. In the US, the mean cost of a data breach was USD 10.22M while the median cost of a cyberattack there was USD 20,000. As said in the literature review, the disparity between the mean and the median could mean that there were some extremes. According to Bennett (2025) at Vena, the average small American business earns USD 1,221,884 of revenue annually. The profit margins for business sectors in the US vary, but the database compiled by Damodaran (2025) at NYU states that the average American firm has a net profit margin of 8.67%. Although profits vary from small to large businesses, using this data, the monthly profits of the average small American business are (very) approximately USD 8,828.11. Since the median cost of a cyberattack in the US was USD 20,000, a cyberattack could cost a small business months of profits. Additionally, since the real median personal income in the US was USD 45,120 annually in 2024 (FRED, 2024), a cyberattack on an individual could be catastrophic to their finances. 

 

4.2. How deepfakes amplify phishing threats 

Deepfakes amplify phishing threats by increasing how much victims trust fraudsters. Unlike regular phishing attacks that consist of poorly crafted messages, deepfaked phishing attacks are more sophisticated. By seeing replicas of people they confide in, such as family members or colleagues, the victims are more likely to send money over. This is because, as (Campanella et al., 2007) communicates, humans tend to rely on visual and auditory information. Moreover, familiar faces and voices increase the trust victims place in fraudsters (Stride Creative Group, 2015). This stresses the importance of guardrails to be in place to detect such threats before they lead to monetary loss, but some can bypass facial and audio verification systems. As mentioned in the literature review, GANs (Generative Adversarial Networks) are used to make deepfakes that bypass detection, so they can sneak past systems designed to hold back sensitive data. 

 

4.3. How can AI be used on the defensive frontier 

The statement ‘fight fire with fire’ invokes strong opinions, and may be what cybersecurity needs, where the figurative ‘fire’ is AI. Offensive AI in cybersecurity has wreaked havoc through cyberattacks, and AI is needed to defend against it. Defensive AIs in cybersecurity do many things which standard algorithms do too. However, AI evolves, meaning it can keep up with threats which evolve too.  

AI, as outlined by Singh et al. (2024), can be useful to detect deepfakes, as it can scan individual as well as groups of frames in videos for irregularities. It can also check the audio and cross-check with real data. Moreover, according to (IBM, 2025), security teams using AI thoroughly saved on average USD 1.9M per breach as well. If AI-powered cyberdefense was used in the Arup case, the deepfakes may have been detected and the money may not have been sent over.  

 

4.4. Body P4: Challenges 

Using AI in cybersecurity systems to defend against deepfake-based phishing attacks entails various challenges. 

Firstly, as mentioned in the literature review, GANs (Generative Adversarial Networks) are trained to be undetectable by the cyberattacker’s own systems (Alanazi et al., 2024). Hence, to detect them, the detectors used on the defensive side must outclass those used on the offensive side. This could lead to both sides innovating themselves into a stalemate as they try to outclass each other. 

Additionally, since recognition for phishing in countries like Japan is quite low (Proofpoint, 2019, as cited by Alkhalil et al., 2024), many individuals and possibly organizations may be unable to detect phishing attacks. Despite countries like Japan with higher average ages having less recognition for the term ‘phishing,’ younger people are generally more susceptible to phishing attacks due to greater impulsivity and trust (Williams et al., 2018, as cited by Alkhalil et al., 2024). One study found that engineering and IT students were the hardest to phish (Bailey et al., 2008, as cited by Alkhalil et al., 2024), proving that those acquainted with disciplines related to cybersecurity were able to detect phishing attacks.  

 

5Rebuttals 

There are many rebuttals one can make against the use of AI in defending against deepfake-based phishing attacks.  

Some may argue that the costs of implementing AI in cybersecurity systems are higher than the monetary benefits they bring. However, the various direct and indirect costs can add up to a significant number. An example of this was in 2019, when a Norwegian aluminum maker called Norsk Hydro ASA with ~35,000 employees in 40 countries fell victim to ransomware. Interruption of production alone led to a ~USD 40-50M loss, while getting all software and hardware back to normal cost further millions. In addition to these, there were indirect costs like erosion of confidence in the company and harm to their reputation. After the attack, the company improved their cyberdefense (Fotis, 2024). Furthermore, according to IBM, 2025, the average cost of a data breach is USD 4.44M, while for organizations that didn’t have AI-enhanced cyberdefense and automation it was USD 5.52M and for organizations which used AI-enhanced cyberdefense and automation extensively it was USD 3.62M.  

Others may claim AI is too unreliable to be used in cyberdefense. However, AI has been shown to reduce data breach costs, and IBM recommends the usage of AI in cybersecurity. Moreover, CrowdStrike, an established cybersecurity company, uses AI in their cybersecurity solutions, thus proving that AI is not too unreliable for cyberdefense. 

 

6Conclusion 

This paper aimed to investigate the use of AI in defending against deepfake-based phishing attacks and found that its use is important to combat the growing number of AI-powered deepfakes, but it should be accompanied by humans and traditional algorithms to ensure accuracy. Despite it seeming counterintuive to pit one improving system against another (defensive vs offensive AI), there will be an evolving offense and hence the defense must evolve to be ahead. If more organizations were to adopt AI in their cybersecurity solutions, a decrease in data breaches caused by cyberattacks would likely follow. This paper had no experiment and was consequently limited to using data from external studies. However, these external studies were very reputable, with names like IBM and Hiscox. 

 

7Bibliography 

  1. Lewis, C., Kristensen, I., & Caso, J. (2025, May 15). AI is the greatest threat—and defense—in cybersecurity today. Here’s why. McKinsey & Company. https://www.mckinsey.com/about-us/new-at-mckinsey-blog/ai-is-the-greatest-threat-and-defense-in-cybersecurity-today 

  1. Magramo, K. (2024, May 17). British engineering giant Arup revealed as $25 million deepfake scam victim. CNN Business. https://edition.cnn.com/2024/05/16/tech/arup-deepfake-scam-loss-hong-kong-intl-hnk 

  1. Syscon. (n.d.). Stories from small businesses that were attacked. https://syscon-inc.com/stories-from-small-businesses-that-were-attacked/ 

  1. MIS Solutions. (2016, November 30). $1.5 million cyber heist typifies growing threat. https://www.mis-solutions.com/2016/11/1-5-million-cyber-heist-typifies-growing-threatefficient-escrow-of-california-was-forced-to-close-its-doors-and-lay-off-its-entire-staff-when-cybercriminals-nabbed-1-5-million-from-its-bank-account/ 

  1. California Department of Justice. (2014, February). Cybersecurity in the Golden State: How California businesses can protect against and respond to malware, data breaches and other cyberincidents. https://oag.ca.gov/sites/all/files/agweb/pdfs/cybersecurity/2014_cybersecurity_guide.pdf   

  1. Kanu, I. A. (2025). Philosophical roots of artificial intelligence: Theoretical and practical foundations [Conference poster]. ResearchGate. https://www.researchgate.net/publication/392663741_Philosophical_roots_of_artificial_intelligence_theoretical_and_practical_foundations 

  1. Buchanan, B. G. (2005). A (very) brief history of artificial intelligence. AI Magazine, 26(4), 53. https://doi.org/10.1609/aimag.v26i4.1848 

  1. Maad M. Mijwel. (2015). History of artificial intelligence. ResearchGate. https://www.researchgate.net/profile/Maad-Mijwil/publication/322234922_History_of_Artificial_Intelligence/links/5a4d34e5a6fdcc3e99d15c1c/History-of-Artificial-Intelligence.pdf 

  1. Monroe University. (n.d.). Cybersecurity history: Hacking & data breaches. https://www.monroeu.edu/news/cybersecurity-history-hacking-data-breaches 

  1. Schneier, B. (2018, May 31). 1834: The first cyberattack. Schneier on Security. https://www.schneier.com/blog/archives/2018/05/1834_the_first_.html 

  1. European Union Agency for Cybersecurity. (n.d.). Threat landscape. https://www.enisa.europa.eu/topics/cyber-threats/threat-landscape 

  1. Sahasra, S., Sai Venkat, M., Dinesh, G., & Samidapogu, M. L. (2025). Artificial intelligence: Definition, advantages, and challenges. Journal of Engineering Sciences, 16(7), 188-196. https://www.jespublication.com/uploads/2025-V16I719.pdf 

  1. Singh, A., & Kumar, G. (2024). A research paper on cyber security. International Journal of Research Publication and Reviews, 5(4), 867-871. https://ijrpr.com/uploads/V5ISSUE4/IJRPR24628.pdf 

  1. Singh, L. H., Charanarur, P., & Chaudhary, N. K. (2025). Advancements in detecting deepfakes: AI algorithms and future prospects—A review. Discover Internet of Things, 5(1), Article 53. https://doi.org/10.1007/s43926-025-00154-0 

  1. Alkhalil, Z., Hewage, C., Nawaf, L., & Khan, I. (2021). Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers in Computer Science, 3, Article 563060. https://doi.org/10.3389/fcomp.2021.563060 

  1. Han, S.-H., Kim, K. W., Kim, S., & Youn, Y. C. (2018). Artificial neural network: Understanding the basic concepts without mathematics. Dementia and Neurocognitive Disorders, 17(3), 83-89. https://doi.org/10.12779/dnd.2018.17.3.83 

  1. Stanham, L. (2023, November 2). Machine learning (ML) in cybersecurity: Use cases. CrowdStrike. https://www.crowdstrike.com/en-us/cybersecurity-101/artificial-intelligence/machine-learning/ 

  1. Barbosa, R., Chen, B., Khadarina, O., Okuda, T., Rangachary, R., Shao, E., Suntheim, F., Tsuruga, T., Natalucci, F., Qureshi, M., & Stulz, R. M. (2024). Cyber risk: A growing concern for macrofinancial stability. In Global financial stability report: The last mile: Financial vulnerabilities and risks (April 2024, Chapter 3). International Monetary Fund. https://www.imf.org/-/media/files/publications/gfsr/2024/april/english/ch3.pdf

  1. IBM & Ponemon Institute. (2025). Cost of a data breach report 2025. https://www.ibm.com/downloads/documents/us-en/131cf87b20b31c91 

  1. Hiscox. (2023). Cyber readiness report 2023. https://www.hiscox.co.uk/sites/default/files/documents/2023-10/Cyber-Readiness-Report-2023-UK.pdf   

  1. Fotis, F. (2024). Economic impact of cyber attacks and effective cyber risk management strategies: A light literature review and case study analysis. Procedia Computer Science, 251, 471-478. https://doi.org/10.1016/j.procs.2024.11.135 

  1. Mohamed, N. (2025). Artificial intelligence and machine learning in cybersecurity: A deep dive into state-of-the-art techniques and future paradigms. Knowledge and Information Systems, 67, 6969–7055. https://doi.org/10.1007/s10115-025-02429-y 

  1. Alanazi, S., & Asif, S. (2024). Exploring deepfake technology: Creation, consequences and countermeasures. Human-Intelligent Systems Integration, 6, 49–60. https://doi.org/10.1007/s42454-024-00054-8 

  1. Bennett, N. (2025, November 18). 45 small business revenue statistics + tips to boost yours. Vena Solutions. https://www.venasolutions.com/blog/small-business-revenue-statistics 

  1. Damodaran, A. (2025, January). Operating and net margins. https://pages.stern.nyu.edu/~adamodar/New_Home_Page/datafile/margin.html 

  1. U.S. Census Bureau. (n.d.). Real median personal income in the United States (MEPAINUSA672N) [Data set]. Federal Reserve Bank of St. Louis, FRED Economic Data. https://fred.stlouisfed.org/series/MEPAINUSA672N 

  1. Campanella, S., & Belin, P. (2007). Integrating face and voice in person perception. Trends in Cognitive Sciences, 11(12), 535-543. https://doi.org/10.1016/j.tics.2007.10.001 

  1. Stride Creative Group. (2015, February 18). The science of familiarity. https://stridecreative.com/the-science-of-familiarity/ 

  1. Hong Kong University of Science and Technology Library. (2025, October 9). Cite AI-generated text. https://libguides.hkust.edu.hk/referencing/citing-AI-text 

  1. Perplexity. (2025, December 28) Generate me APA-style citations for this website [Chat with Assistant on Perplexity Comet to cite the sources for the paper in APA style] Perplexity Comet. https://www.perplexity.ai/search/generate-me-apa-style-citation-bFxlbR27RkOi1k6_OKVYMw#16 

Continue reading
What Methods of Seismic Engineering are the Most Effective?
Read more

67 Mt Auburn St, Cambridge, MA 02138

tutoring@hsa.net

(617) 496-1506

© 2026 HSA Tutoring, All rights reserved.

Cart 0

Your cart is currently empty.

Start Shopping
Trending Now