Systemic defence framework FIGURE 23 Prevention Protection MitigationSystemic defence AI-enabled cybercrime Recent developments in genAI are lowering the barriers to executing phishing attacks while simultaneously increasing their sophistication and credibility. Criminal actors are exploiting genAI to automate and scale social engineering efforts, producing realistic phishing emails, deepfake audio and video, and falsified documentation capable of evading conventional detection systems and human scrutiny. Furthermore, AI models trained on compromised or breached datasets are being weaponized to enhance targeting precision, replicate authentic communication styles and manipulate human trust with greater effectiveness. These capabilities represent a substantial evolution in the threat landscape, requiring more advanced and adaptive defence mechanisms. As such, this also amplifies digital safety risks for vulnerable groups, including children and women, who are increasingly targeted through impersonation, grooming and synthetic intimate-image abuse. By enabling the translation and localization of social engineering tactics, these tools make impersonations more culturally authentic and convincing – helping attackers gain initial access to victims’ systems or earn their trust. As a result, criminal networks that once focused primarily on speakers of widely used languages can now effectively target new populations in regions that were previously less vulnerable to such scams. This expansion also accelerates the spread of AI-assisted mis/disinformation, complicating efforts by platforms and regulators to maintain information integrity and safeguard users from coordinated manipulation. The rapid rise of deepfake technology is creating new challenges for organizations, governments and societies. In Indonesia, a wave of deepfake scams, featuring fabricated videos of President Prabowo Subianto promising financial aid, has swindled Indonesians across 20 provinces.20 In Ireland, a malicious deepfake video falsely depicting presidential candidate Catherine Connolly announcing her withdrawal from the race sparked outrage and an official complaint to the Electoral Commission.21 As AI accelerates the scale and sophistication of cyber-enabled harm, increasing the cybersecurity and safety of users becomes a core pillar of resilience, requiring stronger verification standards, cross-platform coordination, safeguards for vulnerable groups and tools that help users navigate an increasingly challenging information environment.22 While genAI is currently used primarily to enhance social engineering and reconnaissance, the emergence of autonomous AI agents capable of executing full-scale attacks signals a potential turning point. In November 2025, Anthropic disclosed a cyber espionage operation that demonstrated the unprecedented use of AI across the entire attack life cycle – from reconnaissance and exploitation to data exfiltration. The incident showed how AI-enabled threat campaigns are rapidly evolving towards greater automation and independence. It also represented the first confirmed case of agentic AI gaining access to high-value targets, including major technology companies and government agencies.23 While genAI is currently used primarily to enhance social engineering and reconnaissance, the emergence of autonomous AI agents capable of executing full-scale attacks signals a potential turning point.Source: Fighting Cyber-Enabled Fraud: A Systemic Defence Approach. (2025). World Economic Forum Global Cybersecurity Outlook 2026 32