As our technical capabilities continue to grow, systems are becoming increasingly interconnected and reliant on one another. While this has simplified the exchange of everything from email to money, it has also opened the door for cybercriminals to exploit these links. They have become incredibly adept at social engineering, to the point where they can manipulate human behavior to gain access to systems once thought to be secure, including those containing sensitive information from a vast number of companies.

At BrainStomp, we have the technical expertise to safeguard your systems against such attacks.

The sophistication of these attacks has grown significantly over the last decade, driven in part by the rise of AI-enhanced threats. Addressing these threats is critical to properly protecting your computer infrastructure and data.

Data Breaches Fuel Phishing

Significant data breaches generate waves of concern, creating fertile ground for phishing attacks. Scammers capitalize on a heightened sense of urgency. Users, rushing to verify their accounts, may inadvertently compromise networks.

Cybercriminals have also become more skilled at making their phishing messages look legitimate, making it increasingly difficult for users to distinguish between genuine communication and threats.

Notable examples:

• Following the 2015 Office of Personnel Management breach, a barrage of phishing attempts exploiting government-related messaging was launched.

• During the COVID-19 relief period, phishing grew by 220% with attackers impersonating official government sites offering stimulus payments.

Phishing Escalation

As phishing attacks grow in volume and complexity, the cost of defending against them has also skyrocketed. 

• The number of phishing attacks has tripled since 2020.

• Since the launch of ChatGPT in 2022, reports of AI-driven phishing campaigns have risen by an astonishing 4,151% according to SlashNext.

• The rising number of phishing incidents has driven breach-related costs to nearly $5 million annually for organizations.

AI Enhancement in Attacks

While AI has made many aspects of life easier, it has also made it easier for cyber attackers to tailor their phishing campaigns. In 2025, an estimated 3.4 billion phishing emails are sent daily, most of them AI-generated. Alarmingly, AI-generated phishing emails boast a 54% click rate, compared to 12% for human-written messages.

As more companies use QR codes to relay information, phishing attempts have risen in that arena, too.

Brand Impersonation

No brand is immune to phishing impersonation. Recent data shows a surge in phishing attacks posing as communications from major companies like Amazon and Microsoft, as well as various government agencies.

News-Driven Phishing Campaigns

Several recent events have highlighted how scammers exploit trending news stories to gain access. 

Gmail Data Breach

When Gmail suffered a massive data breach affecting 2.5 billion email accounts, a huge wave of phishing messages spread across the Internet. Many messages used the US “650” area code and urged users to ‘verify’ their accounts by entering log-in credentials.

Proofpoint and Lovable Website Builder

Investigations revealed that over 5,000 organizations had been hit by messages hosted from Proofpoint’s Lovable website builder program. It resulted in social media impersonations, phishing campaigns, and deepfakes.

How Recent News Improves Phishing Effectiveness

News of data breaches spreads quickly, and as coverage intensifies, individuals become increasingly concerned that their own accounts may be at risk. Cybercriminals exploit this heightened emotional response and human vulnerability to make their attacks more effective.

Emotional Leverage

When a breach is reported at a company a user relies on, emotions run high. Scammers exploit this fear by creating phishing emails featuring company logos, domains, and even personalized details. This manufactured urgency makes people less skeptical and more likely to fall for scams.

Exploiting Trust

It’s easy for users to assume emails associated with a company that has recently been breached are real. They expect the company to contact them to either notify them that their account has been compromised or that their information is safe and secure. This expectation makes it easier for attackers to pass off fake emails as real notifications, prompting victims to click malicious links or provide credentials.

AI-Personalization

With AI modeling, it’s easier than ever for scammers to gain access to personal and organizational information, enabling them to craft highly detailed and realistic communications.

Incident Preparedness

Developing a comprehensive incident response plan is essential for defending against phishing and other cyberattacks. At BrainStomp, we help organizations build robust defenses, including:

• Real-time threat assessment with phishing domain filters and AI-generated content detection.

• A robust incident response plan with clear guidance for containment and communication rules.

Phishing has evolved dramatically over the last decade, from email scams to advanced AI-powered threats. Data breaches and sensationalized news coverage serve as fuel for launching phishing campaigns. 

If your organization is concerned about protecting its digital environment, contact BrainStomp today. We have the expertise, insight, and tools needed to secure your systems against modern threats.