## A new generation of social engineering
The phishing email used to be easy to spot. Bad grammar, generic greeting, suspicious link. In 2026 those signals are gone. Generative tools produce flawless prose in any language, mimic a colleague\u2019s tone after reading a few public posts and craft pretexts that match real internal context. Voice and video deepfakes are now realistic enough to fool a casual observer in a short call.
User awareness training alone cannot carry the load anymore. The defence has to be layered, technical and assumption-friendly: assume some users will be fooled, and design controls so that being fooled is not catastrophic.
## Identity is the new perimeter
Most successful AI-powered attacks end with a stolen session or a fraudulent transaction. Both fall back to identity. The strongest single investment a business can make right now is phishing-resistant authentication.
- **Passkeys** for users wherever possible. They cannot be phished because the credential is bound to the legitimate site.
- **FIDO2 hardware keys** for administrators and other high-risk roles.
- **Conditional access** that evaluates device posture, location and risk every time, not just at login.
- **Token binding** so a stolen session cookie cannot be replayed from a different device.
If you only do one thing this year, push passkeys across the workforce. The reduction in account takeover is dramatic.
## Email defences that go beyond keywords
Legacy mail filters look for known bad URLs and suspicious words. AI-generated phishing breezes past both. Modern defences add:
- **Display name and lookalike domain detection** to flag messages from chief.financial.officer at a domain that is one character off your real one.
- **Behavioural baselines** that learn how a sender normally writes and flags abrupt tone changes.
- **Attachment detonation** in a sandbox before delivery.
- **Banner injection** for first-time external senders, replies to spoofed threads or messages that ask for unusual actions.
None of these is perfect on its own. Combined, they cut delivery of the most dangerous campaigns by an order of magnitude.
## Defending against deepfake voice and video
Vishing with a cloned voice is no longer rare. The CFO calls finance and asks for a wire transfer to a new vendor. The voice is right. The pretext is right. The pressure is right.
The answer is process, not technology heroics:
- **Out-of-band verification** for any monetary movement above a threshold. The recipient must call back on a known number or confirm in a known channel.
- **Code words** for high-trust requests, refreshed regularly.
- **No same-day exceptions** to payment workflows. If urgency is the only justification, that is the red flag.
- **Watermarking and provenance checks** for sensitive media, where supported.
For video calls, train staff to ask the caller to perform a simple action that current deepfakes still struggle with, such as covering part of the face with a hand or turning their head sharply.
## Detection and response
Assume some campaigns will land. Make sure you can see and react quickly:
- Centralised reporting from inside the mail client with a single click.
- Auto-clawback of identical messages from other mailboxes once one user reports.
- Session revocation triggered by suspicious sign-in or impossible-travel signals.
- Playbooks for confirmed BEC that include bank and law enforcement contacts.
## Training that matches the new reality
Annual click-the-link training is no longer enough. Run frequent, realistic simulations that include voice and chat-based pretexts. Reward reporting, not just non-clicking. Share anonymised examples of recent attempts so staff see what current campaigns actually look like.
AI-powered social engineering is not going away. Layered defences, phishing-resistant identity and disciplined process turn it from a likely breach into a manageable risk.