Messaging threat predictions for 2025
Get ready for 2025: Here are five predictions about the evolving threats set to shape the cybersecurity landscape, with a spotlight on the critical role of messaging security.
Rather than revisiting familiar topics like IoT vulnerabilities, supply chain attacks, 5G risks, or ransomware - important but extensively discussed - we’ve chosen to highlight five emerging challenges. These are lesser-known yet rapidly evolving risks that could redefine the security landscape.
Let’s dive into the new frontiers of messaging security and what they might mean for your organization in the year ahead.
Prediction #1: More deep fakes
Especially in the case of Business Email Compromise (BEC) scams, AI-generated deepfake videos, images, and audio files are gaining popularity. Receiving a live video call that appears to be from your CFO can be highly convincing, as humans remain the most hackable element. These attacks are difficult for users to combat because verifying the authenticity of media files is becoming increasingly challenging.
Signing all images at the source, origin verification services, or AI-based detection tools are not yet reliable - and they may never be. Solutions must analyze the full context instead. Additionally, business processes need to be reviewed to ensure, for example, that millions cannot be transferred with a single click by a junior employee without following a proper authentication chain.
Prediction #2: Indirect prompt injections with agents
The rise of GenAI extension agents has also given rise to new types of attacks, such as indirect prompt injections. We are entering the Agentic AI era, where these new AI agents serve as intelligent, purpose-built tools that integrate into existing services to perform specific tasks - for either users or cybercriminals.
Depending on the system configuration, attackers can now embed hidden prompts in emails, which may be implanted into AI memory or retrieval-augmented generation (RAG) systems. Since AI systems struggle to distinguish between data and instructions, this creates a significant risk of disaster. Such vulnerabilities can lead to data modification or even exfiltration, as demonstrated by recent proof-of-concept attacks targeting Microsoft’s Copilot.
Prediction #3: Automated spear-phishing
Advances in generative AI are enabling the creation of spear-phishing emails that are automatically personalized using information from social media. While techniques like translating phishing messages into different languages and adding tailored content have been used before, generative AI streamlines and enhances this process significantly.
As a result, we anticipate a surge in highly personalized phishing attacks capable of deceiving even experienced users. This increased efficiency will likely accelerate the rise of decision-making AI systems designed to automatically counter new threats - ushering in an era of AI battling AI. However, these systems will depend heavily on visibility, as their effectiveness hinges on access to accurate and comprehensive input data.
Prediction #4: Email bombing
Email bombing has re-emerged as an effective distraction technique. In this type of attack, cybercriminals subscribe the target’s mailbox to thousands of legitimate newsletters and initiate password resets on various services. This floods the mailbox with legitimate, albeit unwanted, emails.
Such attacks are not just an annoyance for the recipient; they are often used to obscure malicious activities, making it harder for the user to notice legitimate password reset requests or purchase confirmations. In some cases, attackers have even contacted the target, impersonating the IT service desk and offering to remotely “help” clean up the mailbox. Read more about it in our recent blog.
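The flood described above has a recognizable shape in mail logs: one recipient, a short time window, many messages from many unrelated sender domains. The following added example (not xorlab's detection logic) flags that shape and lists the password-reset and purchase mails that arrived during the burst so they are not overlooked; the thresholds, subject patterns, addresses and log records are all constructed assumptions.

```python
from collections import deque
from datetime import datetime, timedelta
import re

WINDOW = timedelta(minutes=10)  # assumed burst window
MIN_MESSAGES = 20               # assumed per-recipient volume threshold
MIN_DOMAINS = 15                # assumed distinct sender-domain threshold
# Assumed subject patterns for the mail a flood is meant to bury.
SENSITIVE = re.compile(r"password reset|order confirmation|new sign-in", re.I)

def detect_bombing(events):
    """events: time-ordered list of (datetime, recipient, sender_domain, subject).
    Returns {recipient: {"start": datetime, "review": [(ts, domain, subject)]}}."""
    starts, windows = {}, {}
    for ts, rcpt, domain, _ in events:
        win = windows.setdefault(rcpt, deque())
        win.append((ts, domain))
        while ts - win[0][0] > WINDOW:  # drop entries older than the window
            win.popleft()
        if (rcpt not in starts and len(win) >= MIN_MESSAGES
                and len({d for _, d in win}) >= MIN_DOMAINS):
            starts[rcpt] = win[0][0]    # burst began at the oldest kept entry
    return {
        rcpt: {"start": start,
               "review": [(ts, dom, subj) for ts, r, dom, subj in events
                          if r == rcpt and ts >= start and SENSITIVE.search(subj)]}
        for rcpt, start in starts.items()
    }

def sample_events():
    """Constructed sample: a flood for alice, normal traffic for bob."""
    t0 = datetime(2025, 1, 6, 9, 0, 0)
    ev = [(t0 + timedelta(seconds=10 * i), "alice@example.com",
           f"news{i}.example", "Welcome to our newsletter") for i in range(30)]
    ev.append((t0 + timedelta(seconds=125), "alice@example.com",
               "shop.example", "Password reset requested"))
    ev.append((t0 + timedelta(seconds=245), "alice@example.com",
               "shop.example", "Order confirmation 1001"))
    ev += [(t0 + timedelta(minutes=5 * i), "bob@example.com",
            "partner.example", "Weekly report") for i in range(3)]
    return sorted(ev)

if __name__ == "__main__":
    for rcpt, hit in detect_bombing(sample_events()).items():
        print(rcpt, hit["start"], [s for _, _, s in hit["review"]])
```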
Prediction #5: Automated vulnerability research
AI-driven vulnerability research, showcased by projects like Google’s Big Sleep, DARPA’s AIxCC, and others, has demonstrated significant potential for uncovering new vulnerabilities. While the success rate currently trails behind human-led bug bounty programs, it is steadily improving. This progress is paving the way for automated penetration testing tools, as envisioned by PentestGPT and similar initiatives.
On the positive side, these advancements could underscore the critical importance of efficient patch management. However, they also present a risk, as attackers may exploit AI agents and automated scripts to rapidly scan the internet for vulnerable systems.
The usual suspects
Ransomware attacks, a highly profitable form of cybercrime, are expected to persist. Toward the end of 2024, there was a noticeable shift toward lesser-known groups like Akira and RansomHub—a common trend as cybercriminals and their affiliates evolve and cycle through different players.
Stolen credentials also remain a significant concern, often acquired through infostealers such as StealC, Lumma, or Raccoon. This issue further exacerbates attacks targeting APIs, cloud-native services, and trusted backends like GitHub. Authentication and identity management, in particular, continue to be persistent challenges for many organizations.
Meanwhile, nation-state actors are increasingly targeting firewalls, VPNs, switches, and other network devices—likely as part of efforts to expand their own covert network infrastructures.
Conclusion
It is clear that GenAI will once again reshape the threat landscape in 2025, even as the initial hype around the technology has died down a bit. While the underlying attack techniques may not be entirely new, their frequency is increasing, making an efficient and proactive battle plan more critical than ever.
The rapid evolution of AI-driven threats underscores the importance of robust security solutions that can not only react automatically to incidents but also provide comprehensive visibility into your organization’s security posture. In 2025, organizations will need to embrace advanced tools capable of real-time threat detection, contextual analysis, and automated responses to stay ahead of adversaries.
If you would like to learn more about how xorlab can help you stay ahead in 2025, contact us for a personalized demo.