Artificial intelligence is now a major driver of modern AI cybercrime. Tasks that once required skill and time can be automated through generative AI, allowing attackers to move quickly, appear legitimate and slip past traditional defences. Security teams that still look for obvious errors in emails or messages are at risk, because AI can now produce flawless communication with realistic context. This shift marks a new stage of generative AI security risks.
Across industries, we are seeing a sharp rise in identity-based attacks powered by AI. Criminals are using voice cloning, deepfake videos, automated phishing and convincing synthetic identities to deceive targets. This marks a significant escalation in threat level as AI cybercrime becomes more sophisticated each quarter.
To stay protected, enterprise leaders need to recognise the new warning signs. Based on public reporting and Zentara’s frontline observations of AI-powered identity attacks, here are five red flags to watch for.
The Changing Threat Landscape
Generative AI has made cybercriminals more effective. Group-IB notes widespread adoption of AI to drive phishing, deepfake fraud and identity manipulation at scale, all core components of AI cybercrime.
Fraudsters are now producing:
• convincing corporate emails with bespoke insider references
• synthetic voice and video impersonations of senior executives
• high-fidelity fake credentials designed to pass automated checks
ProDigitalWeb highlights that attackers use AI to eliminate classic phishing red flags, significantly improving success rates and accelerating generative AI security risks for enterprises.
In short: defences that rely on humans spotting clumsy errors are becoming obsolete, and enterprise threat detection must evolve.
What Zentara Is Seeing
Zentara works with organisations across finance, infrastructure, technology and emerging sectors. In recent investigations, we have observed recurring patterns of AI-powered identity attacks:
- Hyper-personalised phishing referencing internal project names or system migrations
- Attempts to onboard synthetic identities where device and behavioural signals expose the fraud
- Voice and video calls that look and sound like senior executives requesting urgent, unusual actions
- Automated credential-testing activity with non-human interaction patterns
AI-powered identity attacks are not emerging. They are here and they demand stronger enterprise threat detection strategies.
The Five Red Flags
1. Too-Perfect Communications with Odd Requests
Phishing emails that are polished, accurate and specific to internal operations should be treated as suspect, a hallmark of AI cybercrime. Attackers now gather public and breached data to build trust rapidly.
Key warning signs:
- sudden urgency
- high-value transactions
- requests to reset credentials or bypass normal flow
2. Suspicious Identity Verification Results
AI makes synthetic identity creation simpler. However, underlying signals often reveal anomalies.
Examples include:
- mismatched metadata in uploaded IDs
- repeated biometric patterns across different applicants
- identical device fingerprints
3. Machine-like Account Behaviour
Even when credentials are valid, usage patterns may not be human.
Indicators:
- repeated or rapid login attempts without context
- activity at times atypical for the role
- high-volume system requests within seconds
Automated reconnaissance leaves traces, an early alert for adaptive enterprise threat detection. These are often early warnings of intrusion attempts.
4. Pressure to Circumvent Normal Controls
Fraudsters exploit authority and urgency. They often ask for exceptional approval paths or immediate compliance.
Examples:
- transfer funds without a second authoriser
- share sensitive data via unsecure channels
- ignore standard escalation processes
Any deviation from established governance should trigger investigation.
5. Audio or Video That Feels Real yet Subtly Wrong
Deepfake technology fuels AI cybercrime social-engineering attempts. However, small cues remain:
- slight pauses or unnatural audio timbre
- lip and speech timing discrepancies
- static background patterns that do not change naturally
Any media-based request for sensitive action requires independent validation.
How Enterprises Should Respond
Recognising red flags is essential, but resilience requires structural adaptation. Zentara recommends the following defensive priorities.
1. Modern Identity Verification
Behavioural analytics and device intelligence are now essential to detect generative AI security risks.
2. Multi-Channel Verification for Sensitive Actions
All high-impact decisions should be confirmed using a second, fully independent method. Known-good verification channels are critical. No executive request should ever rely on a single communication stream.
3. Use AI Defensively
AI is indispensable in defence when applied with governance. Organisations should integrate AI-driven anomaly detection, credential abuse monitoring and behavioural analysis to counter attacker automation. Importantly, human review must remain central to final decisions.
4. Culture Shift Toward Verification by Default
Cyber awareness training must evolve. Staff should expect manipulation attempts and be rewarded for caution. A corporate culture of “stop and verify” counters the psychological pressure attackers rely on.
The Bigger Picture
AI cybercrime is democratising sophisticated fraud. Attackers no longer need to be skilled writers, voice actors or software engineers. Machine-generated fraud is democratising capabilities that were once reserved for highly specialised organised crime.
The organisations that will thrive in this era are those that:
- treat identity as the new security perimeter
- modernise verification to include behavioural analysis
- accept that AI-assisted deception will become routine
Cybersecurity is now a competition of adaptability. The winners will be the ones who challenge old assumptions most quickly.
Zentara is helping enterprises strengthen enterprise threat detection capabilities with identity protection, adversary simulation and risk-aligned defence strategies.
To learn more about how AI-powered identity attacks unfold, and how to counter them, watch our webinar: AI vs. Hackers: The Cyber Battle You Did Not Know Was Happening
