Artificial intelligence has transformed how organizations operate—and threat actors are moving just as quickly. In Cofense’s recent webinar, The New Era of Phishing: Threats Built in the Age of AI, Cofense Chief Security Officer Josh Bartolomie joined threat experts Chance Caldwell and Max Gannon to break down the most important phishing trends emerging from real-world attack data.
Phishing isn’t slowing down. It’s evolving—faster, more adaptive, and harder to detect than ever before.
Here are five key takeaways security teams should understand heading into 2026 and beyond.
- Email Remains the #1 Entry Point for Attackers
Despite years of investment in email security, phishing continues to be the dominant initial access vector across industries. - AI Has Made Phishing Faster, Smarter, and Unbearably Scalable
Threat actors are no longer experimenting with AI—they are operationalizing it. - Adaptive Phishing Pages Are Now Built to Evade Analysis
Modern phishing kits can tailor payloads depending on browser type, operating system, geolocation, and more. - Polymorphic Phishing Has Become the Default Delivery Model
AI enables endless variation that breaks static detection models. - Legitimate Tools and Conversational Attacks Are Reshaping Phishing Risk
Attackers are shifting toward conversational BEC attacks and abusing legitimate remote access tools.
Final Thought: Post-Perimeter Defense Is the New Requirement.
Phishing defense must extend beyond the gateway with post-delivery visibility, human validation, and behavioral context.
Watch On-Demand + Download the Report
Watch the webinar on-demand and download the full report: The New Era of Phishing: Threats Built in the Age of AI.