For years the advice was simple: look for spelling mistakes and bad grammar. A phishing email riddled with errors was easy to dismiss. That advice is now dangerously outdated. In 2026, attackers are generating phishing emails with the same large language models that power everyday productivity tools, and the output is fluent, context-aware and personalised in ways that were not possible two years ago.
According to SoSafe's 2025 Cybercrime Trends Report, 87% of security professionals now report that their organisation has experienced an AI-driven cyberattack. Phishing remains the entry point for the majority of them. This guide is about what actually gives these emails away, because they do still give themselves away, just not in the ways you expect.
If your mental model for spotting phishing is "look for typos and bad English," you are underprepared for 2026. Modern AI-generated phishing is grammatically perfect, professionally toned and often written in your preferred language variant (British or American English, formal or casual) based on data scraped about you.
What actually changed in 2026
Phishing has always worked by exploiting trust. What AI changed is the cost and quality of creating that false trust. Previously, a convincing targeted phishing email, one that referenced your name, job role, recent activity and specific organisation, required a human attacker to do manual research. That took time, which limited how many people could be targeted precisely.
Now that research can be automated. An attacker feeds a tool your LinkedIn profile, your company website, a few of your public posts, and any data from past breaches and gets back a personalised email in seconds. The tool can write it in any tone, mimic the style of your organisation's internal communications, and generate 10,000 variants for different targets simultaneously.
IBM's X-Force Threat Intelligence Index 2026 found that over the past five years, major supply chain and third-party breaches quadrupled. The entry point in most cases was a single credential stolen through a phishing email. One click, one person, cascading consequences across thousands of organisations.
8 warning signs that still work in 2026
AI makes the text better. It does not fix the structural problems with how phishing emails are delivered or what they ask you to do. These eight signals are still reliable.
No matter how good the email looks, check the actual sending address, not just the display name. "PayPal Support" can be displayed over any address. Look at the domain after the @. Legitimate companies email from domains they control, and attackers rely on you not reading that far: paypa1.com (the digit one standing in for the letter l), paypal-security.net and paypal.support-helpdesk.com are all look-alikes whose registrable domain is not paypal.com. The address itself can also be forged outright when the impersonated domain does not publish an enforcing DMARC policy, so a correct-looking domain is a necessary check, not a guarantee.
AI-generated phishing has learned to create urgency without sounding hysterical. Phrases like "your account requires immediate verification," "access will be suspended in 24 hours," or "unusual sign-in detected, confirm your identity" are designed to trigger action before thought. Any email that short-circuits your normal judgement is suspicious by definition.
Hover over any link before clicking; on mobile, press and hold the link to preview its destination. The URL that appears should match where you would expect to go. Attackers use redirect chains, URL shorteners and look-alike domains to disguise the real destination. If the link text says "Verify your Microsoft account" but the URL points at a shortener, a random subdomain or a country you do not deal with, do not click.
The strongest signal of all: did you initiate the process this email is responding to? Password reset emails, invoice notifications, shipping confirmations: if you did not trigger the action, treat the email with deep suspicion. Attackers are betting on the chance that you happen to be waiting for something similar.
Banks do not email you asking to confirm your full card number. Apple does not ask for your password by email. Microsoft does not ask you to download a remote access tool to fix a problem. If an email is asking for credentials, payment details, or remote access, it is a phishing email regardless of how legitimate it looks.
AI pulls data from multiple sources and stitches it together. The result is sometimes uncanny (your real name, your company, your job title) but with a detail that is slightly wrong or out of date: your old job title, a previous address, a username you stopped using. This off-note personalisation is actually a stronger red flag than a generic email would be, because it shows the sender is working from scraped or breached data rather than from a live relationship with you.
Attackers monitor the news and time phishing campaigns to piggyback on real events. After a major breach, like the Conduent breach affecting 25 million Americans, phishing emails impersonating the affected company's "notification team" spike immediately. If you received a breach notification by email, go directly to the company website instead of clicking any links in the email.
Malicious attachments now often come as PDFs, OneNote files or HTML files rather than the .exe files that filters catch easily. Double extensions like invoice.pdf.exe are a classic sign, and Windows hides the final extension of known file types by default, so that file is displayed as invoice.pdf. If you were not expecting an attachment from this person, do not open it, even if it looks like a PDF.
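Three of these signs (the sending domain, the link destination and the attachment name) are mechanical enough to check in code. The script below is an added example written for this article, not a tool from any of the sources cited; the email headers, links and filename in it are constructed for the demonstration, and the registrable-domain logic is a deliberate simplification (a production check would use the Public Suffix List so that co.uk and similar suffixes are handled). It flags the look-alike patterns from the sending-address sign, the text-versus-destination mismatches and shorteners from the link sign, and double extensions from the attachment sign.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message for this example: every header, link and filename is made up.
SAMPLE_EMAIL = """\
From: "PayPal Support" <security@paypal.support-helpdesk.com>
To: victim@example.org
Subject: Unusual sign-in detected
Content-Type: text/html

<p>We detected a sign-in from a new device.</p>
<a href="https://bit.ly/example">Verify your PayPal account</a>
<a href="https://paypa1.com/signin">https://www.paypal.com/signin</a>
"""
SAMPLE_ATTACHMENTS = ["invoice.pdf.exe"]

SHORTENERS = {"bit.ly", "t.co", "tinyurl.com", "goo.gl", "is.gd"}
RISKY_EXT = {"exe", "scr", "js", "vbs", "bat", "cmd", "hta", "lnk", "html", "htm", "one"}
# Digit-for-letter swaps seen in look-alike domains (paypa1.com, g00gle.com)
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})
ANCHOR_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def registrable_domain(host):
    """Last two labels of a hostname. Assumption: good enough for the .com/.net
    look-alikes here; production code should use the Public Suffix List (co.uk etc.)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def lookalike_reason(domain, brand_domain):
    """Why a domain that is not brand_domain still resembles it, or None."""
    reg = registrable_domain(domain)
    if reg == brand_domain:
        return None
    if reg.translate(CONFUSABLES) == brand_domain:            # paypa1.com
        return f"confusable look-alike of {brand_domain}: {reg!r}"
    if brand_domain.split(".")[0] in domain.lower():          # paypal-security.net, paypal.support-helpdesk.com
        return f"brand name embedded in unrelated domain {domain!r}"
    return None


def check_sender(from_header, brand_domain):
    """Sending-address sign: judge the address after the @, not the display name."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    if registrable_domain(domain) == brand_domain:
        return []
    flags = [f"sender domain {domain!r} is not {brand_domain}"]
    if brand_domain.split(".")[0] in display.lower():
        flags.append(f"display name {display!r} claims the brand but the address does not")
    reason = lookalike_reason(domain, brand_domain)
    return flags + [reason] if reason else flags


def check_links(html, brand_domain):
    """Link sign: compare where a link says it goes with where it actually goes."""
    flags = []
    for href, inner in ANCHOR_RE.findall(html):
        host = (urlparse(href).hostname or "").lower()
        text = re.sub(r"<[^>]+>", "", inner).strip()
        if registrable_domain(host) in SHORTENERS:
            flags.append(f"link {href!r} goes through a URL shortener; destination hidden")
        if text.lower().startswith(("http://", "https://")):   # link text that is itself a URL
            shown = (urlparse(text).hostname or "").lower()
            if registrable_domain(shown) != registrable_domain(host):
                flags.append(f"link text shows {shown!r} but goes to {host!r}")
        elif brand_domain.split(".")[0] in text.lower() and registrable_domain(host) != brand_domain:
            flags.append(f"link text {text!r} names the brand but goes to {host!r}")
        reason = lookalike_reason(host, brand_domain)
        if reason:
            flags.append("link target: " + reason)
    return flags


def check_attachment_name(name):
    """Attachment sign: executables and scripts dressed up as documents. Windows hides the
    final extension of known types by default, so invoice.pdf.exe displays as invoice.pdf."""
    parts = name.lower().split(".")
    if len(parts) >= 3 and parts[-1] in RISKY_EXT:
        return f"double extension hides executable: {name!r}"
    if parts[-1] in RISKY_EXT:
        return f"risky attachment type: {name!r}"
    return None


def triage(raw_email, brand_domain, attachments=()):
    """All structural red flags found. An empty list means no structural flags, not 'safe'."""
    msg = message_from_string(raw_email)
    flags = check_sender(msg["From"], brand_domain)
    flags += check_links(msg.get_payload(), brand_domain)
    flags += [f for f in map(check_attachment_name, attachments) if f]
    return flags


if __name__ == "__main__":
    for flag in triage(SAMPLE_EMAIL, "paypal.com", SAMPLE_ATTACHMENTS):
        print("RED FLAG:", flag)
```

Run against the constructed message, it reports the unrelated sending domain behind the "PayPal Support" display name, the shortener, the link whose visible text says www.paypal.com while its destination is paypa1.com, and the double extension. Note the direction of the logic: a mismatch is a reason to stop and verify, while an empty result only means nothing structural was caught, since a legitimate brand can also send from a service subdomain or a third-party mailer.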
What a real AI phishing email looks like
Here is a reconstructed example of the type of AI-generated phishing email being reported in 2026. Notice that the text itself is completely convincing; the red flags are structural, not linguistic.
Dear [Your Name],
We detected a sign-in attempt to your Microsoft account from an unfamiliar device. For your security, we have temporarily limited access to your account.
Location: Kyiv, Ukraine · Device: Windows 11 · Time: Today at 03:14 AM
If this was you, no action is needed. If you did not make this sign-in attempt, please verify your identity immediately to restore full access and prevent unauthorised changes.
[ Verify my account ]
If you already clicked a link
Act within the first 10 minutes. The faster you move, the less damage an attacker can do.
- Do not enter any credentials on the page you were taken to. Close the tab immediately if you have not already done so.
- Change the password for the account being impersonated right now, on the real website. Go directly to the URL, do not use any links from the email.
- Enable two-factor authentication on that account if it is not already on. A stolen password alone is then not enough to sign in. Be aware that SMS and app-generated codes can still be relayed by a phishing page that proxies the real login in real time, so prefer a hardware key or passkey where the service offers one.
- Check recent login activity on the account in question. Most services show you recent sign-ins with device and location. Revoke any sessions you do not recognise.
- If you entered payment details, call your bank or card provider immediately and report potential fraud. Ask them to issue a replacement card.
- If this happened on a work device, notify your IT or security team now. Do not wait to see if anything bad happens; they need to assess whether the attacker got further.
- Run a breach check on your email address to understand what data the attacker may already have had about you before sending the email.
Changing your password is more urgent than running antivirus. If you gave up credentials, an attacker can be in your account within seconds. Password first, everything else second.
How to defend yourself going forward
The best defence against AI-generated phishing is not being smarter at reading emails; it is building systems that make individual judgement calls less consequential.
- Use a password manager. It will only autofill credentials on the domain it stored them for. If you land on a look-alike site, the password manager will not fill in anything, which is a strong signal you are in the wrong place.
- Use hardware security keys or passkeys where available. Phishing-resistant authentication means even if you hand over your password on a fake site, the attacker cannot use it. This is the most effective single defence against credential phishing.
- Enable email authentication on your own domain (SPF, DKIM, DMARC) if you run a business, and move DMARC from p=none to p=quarantine or p=reject once your legitimate senders are aligned. With p=none receivers only report; it is the enforcing policy that makes it much harder for attackers to impersonate your domain when sending to your employees or customers.
- Treat email as an untrusted channel for action. Any request involving money, credentials or sensitive information should be verified through a second channel: a phone call to a number you already have, a message on a platform where you initiated the conversation, or navigating directly to the relevant website.
- Minimise the personal data about you in circulation. Attackers use leaked personal data to personalise phishing, so the less of your information is exposed in breach dumps and public profiles, the less convincing the personalised attacks against you can be.
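To see what the enforcing DMARC policy actually changes, here is an added Python example (written for this article, not taken from any of the cited sources) that evaluates a message the way a receiving mail server does: SPF against the connecting IP, then alignment of the authenticated domain with the header From domain, then the domain owner's published policy. The DNS records for example.com and attacker.example are constructed for the demonstration and are not real; only the ip4/ip6 mechanisms and the terminal "all" are implemented, since include:, a and mx need live DNS lookups. The weak record set (softfail plus p=none) and the hardened one (hard fail plus p=reject with strict alignment) are evaluated side by side.

```python
import ipaddress

# Constructed DNS records for an imaginary zone. Assumption: example.com does not really
# publish these; 203.0.113.0/24 and 198.51.100.0/24 are documentation address ranges.
WEAK = {
    "example.com": "v=spf1 ip4:203.0.113.0/24 ~all",              # softfail: spoofs still land
    "_dmarc.example.com": "v=DMARC1; p=none; rua=mailto:dmarc@example.com",  # monitor only
    "attacker.example": "v=spf1 ip4:198.51.100.0/24 -all",        # the attacker's own, valid SPF
}
HARDENED = {
    "example.com": "v=spf1 ip4:203.0.113.0/24 -all",              # hard fail for any other source
    "_dmarc.example.com": "v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:dmarc@example.com",
    "attacker.example": "v=spf1 ip4:198.51.100.0/24 -all",
}
QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(record, sender_ip):
    """Evaluate an SPF record against the connecting IP. Only ip4/ip6 mechanisms
    and the terminal 'all' are implemented; include:, a and mx need live DNS."""
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:                       # skip the v=spf1 version tag
        qual, term = (term[0], term[1:]) if term[0] in QUALIFIER else ("+", term)
        if term == "all":
            return QUALIFIER[qual]
        mech, _, value = term.partition(":")
        if mech in ("ip4", "ip6") and ip in ipaddress.ip_network(value, strict=False):
            return QUALIFIER[qual]
    return "neutral"                                      # nothing matched and no 'all' term


def parse_dmarc(record):
    """'v=DMARC1; p=reject; aspf=s' -> {'v': 'DMARC1', 'p': 'reject', 'aspf': 's'}"""
    return dict(kv.strip().split("=", 1) for kv in record.split(";") if "=" in kv)


def org_domain(host):
    # Last two labels; assumption adequate for these records (real receivers use the Public Suffix List)
    return ".".join(host.lower().split(".")[-2:])


def aligned(auth_domain, from_domain, mode):
    """DMARC alignment: strict ('s') needs an exact match, relaxed ('r') the same organisational domain."""
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


def dmarc_disposition(zone, from_domain, sender_ip, mail_from_domain, dkim_domain=None, dkim_pass=False):
    """What a receiver does with the message: 'deliver', 'quarantine' or 'reject'.
    The header From domain must be backed by an *aligned* SPF or DKIM pass; otherwise the
    domain owner's published policy decides (a missing record behaves like p=none here)."""
    spf_record = zone.get(mail_from_domain)
    spf = spf_check(spf_record, sender_ip) if spf_record else "none"
    policy = parse_dmarc(zone.get("_dmarc." + from_domain, "v=DMARC1; p=none"))
    spf_ok = spf == "pass" and aligned(mail_from_domain, from_domain, policy.get("aspf", "r"))
    dkim_ok = bool(dkim_pass and dkim_domain and aligned(dkim_domain, from_domain, policy.get("adkim", "r")))
    if spf_ok or dkim_ok:
        return "deliver"
    return {"none": "deliver", "quarantine": "quarantine", "reject": "reject"}[policy.get("p", "none")]


if __name__ == "__main__":
    cases = [("legitimate mail server", "203.0.113.10", "example.com"),
             ("direct spoof of example.com", "198.51.100.7", "example.com"),
             ("spoof using attacker's own MAIL FROM", "198.51.100.7", "attacker.example")]
    for label, ip, mail_from in cases:
        print(f"{label:40} weak={dmarc_disposition(WEAK, 'example.com', ip, mail_from):8} "
              f"hardened={dmarc_disposition(HARDENED, 'example.com', ip, mail_from)}")
```

The third case is the one that SPF alone never catches: the attacker's server passes SPF for its own MAIL FROM domain, so only DMARC's alignment check (the authenticated domain must match the domain the recipient sees in From) ties the result back to example.com, and only an enforcing p= value turns that failure into a rejection.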
A passkey is a cryptographic credential bound to the website it was created for: the browser only lets that site's domain use it, and the signed response carries the origin it was produced on. Even if you are tricked into visiting a fake site, the passkey simply will not work there, and nothing the fake site captures can be replayed against the real one. Major platforms including Google, Apple, Microsoft and GitHub now support passkeys. Enable them wherever you can.
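The following Python example is added here to show the two mechanisms that make a passkey fail on a fake site; it is illustrative code written for this article, not an implementation from any platform or library. Assumptions: the relying party is an imaginary example.com with login origin https://login.example.com, the look-alike site is examp1e.com, and an HMAC secret stands in for the real per-credential ECDSA key pair (the relying party holds the same secret in place of the public key), which leaves the origin-binding logic unchanged. The browser-side RP ID rule is simplified (it omits the public-suffix restriction) and the server-side checks are limited to the ones that matter for phishing.

```python
import hashlib
import hmac
import json
import secrets
from urllib.parse import urlparse


def rp_id_allowed(origin, rp_id):
    """Browser-side rule (simplified): the RP ID must equal the origin's host or be a
    parent domain of it, and the page must be served over https. The real rule also
    refuses public suffixes such as 'com'; that check is omitted here."""
    u = urlparse(origin)
    host = (u.hostname or "").lower()
    return u.scheme == "https" and (host == rp_id or host.endswith("." + rp_id))


class Authenticator:
    """Stand-in for a passkey or security key. Assumption: an HMAC secret replaces the
    real per-credential ECDSA key pair, and the relying party holds that same secret
    in place of the public key. Origin binding works identically with either."""

    def __init__(self):
        self.creds = {}                                   # rp_id -> secret

    def make_credential(self, rp_id):
        self.creds[rp_id] = secrets.token_bytes(32)
        return self.creds[rp_id]

    def get_assertion(self, rp_id, client_data_hash):
        if rp_id not in self.creds:
            raise LookupError(f"no credential for RP ID {rp_id!r}")
        # authenticatorData = rpIdHash (32 bytes) | flags (user-present bit set) | signCount (4 bytes)
        auth_data = hashlib.sha256(rp_id.encode()).digest() + b"\x01" + (0).to_bytes(4, "big")
        sig = hmac.new(self.creds[rp_id], auth_data + client_data_hash, "sha256").digest()
        return auth_data, sig


def browser_get(auth, origin, rp_id, challenge):
    """What navigator.credentials.get() does: enforce the RP ID rule, then build
    clientDataJSON carrying the *real* origin and have the authenticator sign over it."""
    if not rp_id_allowed(origin, rp_id):
        raise PermissionError(f"{origin} may not use RP ID {rp_id!r}")
    client_data = json.dumps({"type": "webauthn.get", "challenge": challenge, "origin": origin}).encode()
    auth_data, sig = auth.get_assertion(rp_id, hashlib.sha256(client_data).digest())
    return client_data, auth_data, sig


def rp_verify(secret, expected_origin, rp_id, challenge, client_data, auth_data, sig):
    """Relying-party checks that defeat phishing: fresh challenge, expected origin,
    rpIdHash for our RP ID, and a signature covering all of it."""
    c = json.loads(client_data)
    if c.get("type") != "webauthn.get" or c.get("challenge") != challenge:
        return "rejected: wrong type or stale challenge"
    if c.get("origin") != expected_origin:
        return f"rejected: origin {c.get('origin')} is not {expected_origin}"
    if auth_data[:32] != hashlib.sha256(rp_id.encode()).digest():
        return "rejected: rpIdHash mismatch"
    expected = hmac.new(secret, auth_data + hashlib.sha256(client_data).digest(), "sha256").digest()
    return "ok" if hmac.compare_digest(expected, sig) else "rejected: bad signature"


def demo():
    """Constructed scenarios: a legitimate login, two look-alike phishing sites, and a replay."""
    auth = Authenticator()
    rp_id, origin = "example.com", "https://login.example.com"   # assumed relying party
    secret = auth.make_credential(rp_id)
    results = {}
    challenge = secrets.token_urlsafe(32)
    results["legit"] = rp_verify(secret, origin, rp_id, challenge, *browser_get(auth, origin, rp_id, challenge))
    try:                                                         # look-alike site asks for the real RP ID
        browser_get(auth, "https://examp1e.com", rp_id, challenge)
        results["lookalike_site"] = "assertion produced"
    except PermissionError as e:
        results["lookalike_site"] = f"browser refused: {e}"
    try:                                                         # look-alike site uses its own RP ID
        browser_get(auth, "https://examp1e.com", "examp1e.com", challenge)
        results["lookalike_rpid"] = "assertion produced"
    except LookupError as e:
        results["lookalike_rpid"] = f"authenticator refused: {e}"
    # A captured legitimate assertion replayed against a fresh login challenge
    captured = browser_get(auth, origin, rp_id, challenge)
    results["replay"] = rp_verify(secret, origin, rp_id, secrets.token_urlsafe(32), *captured)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:15} {outcome}")
```

The contrast with a password is the point: a password typed into examp1e.com is a reusable secret the attacker can forward to example.com, whereas here the look-alike page cannot even ask the authenticator for an assertion scoped to example.com, gets nothing when it asks for its own domain, and a captured response is useless because the challenge and origin are inside the signed data.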
Sources
- IBM X-Force Threat Intelligence Index 2026
- SoSafe 2025 Cybercrime Trends Report: 87% of organisations exposed to AI-driven attacks
- Gartner: Top Cybersecurity Trends for 2026
- Cybersecurity Dive: 5 cybersecurity trends to watch in 2026
- ISACA: The 6 cybersecurity trends that will shape 2026