The Rise of Generative Threats: Fighting AI with AI

The advent of Generative AI has caused a 237% increase in advanced cyberattacks that evade traditional defenses, rendering legacy Secure Email Gateways (SEGs) obsolete, reports Abnormal AI. This new paradigm of AI-driven threats demands a fundamental shift toward defensive strategies based on human behavior analysis to protect corporate assets.

“Some individuals have always wanted to be attackers, but now, with AI, they have the means to carry out attacks more easily,” said Fernando Villalobos, Country Manager Mexico and CCA, Abnormal AI, during the Mexico Cybersecurity Summit 2025. 

The attack vector has evolved significantly. Historically, email threats fell into two main categories. The first, known as Spray and Pray, involved the mass sending of non-personalized and unsophisticated emails, hoping a small percentage of recipients would interact with the malicious content. Later, Socially Engineered attacks emerged, which were much more effective due to their personalized and sophisticated nature, but required a considerable investment of time and effort from the attacker.

Generative AI has removed this barrier, merging the massive scale of the first method with the personalization of the second, explains Villalobos. Attackers now use AI tools to create and send highly personalized malicious emails at scale with minimal effort. According to research from Abnormal AI, these attacks are five times more effective than those generated by humans and 50 times more cost-effective for cybercriminals.

The problem is compounded because these modern attacks lack traditional Indicators of Compromise (IOCs), says Villalobos. An AI-generated email may not contain malicious links or attachments and can successfully pass sender authentication tests like SPF, DKIM, and DMARC. Consequently, 96.9% of security professionals acknowledge that traditional defenses are ineffective against these new threats. This scenario has contributed to cybercrime losses of about US$53 billion from Business Email Compromise (BEC) attacks, reports Abnormal AI.

A New Defensive Paradigm

To counter this new category of threats, it is imperative to adopt a defensive approach that is also AI-native. The new strategy is to fight AI with AI, using advanced systems that can discern malicious intent through behavioral analysis rather than relying on predefined signatures or rules.

“Generative AI attacks are faster, more effective, and more profitable. We use good AI to fight bad AI, reducing the margin of error,” says Villalobos.

A modern security architecture must be AI-native and API-based, as opposed to legacy gateway-based architectures. This new model is based on three pillars:

1. Human Behavior Modeling: Instead of looking for known threats, this approach analyzes over 50,000 signals to build a behavioral profile of each identity within an organization, including employees, vendors, and customers. These signals range from communication patterns and tone to sign-in geography, devices used, and vendor billing cadence.

2. AI-Based Anomaly Detection: Once a baseline of normal behavior is established, AI systems, including neural networks and large language models (LLMs), compare each new communication against these profiles. The goal is to identify anomalies that could indicate an attack, even if it has never been seen before. This “AI analyst” emulates a human analyst but with enhanced capabilities, correlating thousands of signals in seconds.

3. Multidimensional Defense: Protection can no longer be limited to reviewing incoming emails at a single checkpoint. A robust defense must be multidimensional, continuously evaluating internal and external communications and adding constant monitoring of account risk to detect potential takeovers.

The implementation of a platform with these features allows for automatic attack remediation, automated triage of user-reported emails and automated employee training. According to data from Abnormal AI, 76% of customers that adopt this type of platform replace their legacy SEG solutions, demonstrating the benefits of this new security architecture. The future of cybersecurity does not lie in building higher walls but in developing smarter, contextual defenses capable of understanding human behavior at scale.

“Abnormal AI can be seen as a “superhuman agent” that collects, organizes, and correlates information to make decisions and remediate threats in seconds, tasks that would be impossible for a human analyst,” says Villalobos.