Cisco Talos shows AI-Powered Phishing is Growing Threat – Attackers Shift from Technical Exploits to Human-Targeted Attacks
This article has been supplied and will be available for a limited time only on this website.
AI Tools Exploited for Phishing at Scale
AI-assisted phishing has returned as the number one challenge to the security of systems, according to the Q1 2026 incident response report published by Cisco's threat intelligence research organisation, Talos. The report highlights a fundamental shift away from complex technical exploits and toward human-centred attack methods, now accelerated by AI.
“The numbers from our Cybersecurity Readiness Index paint a concerning picture. Almost nine out of ten organisations in South Africa experienced an AI-related security incident, yet many of those same teams still lack visibility into how threat actors are actually using and weaponising AI,” says Ameera Cassoojee, Cyber Security Sales Specialist at Cisco South Africa.
“That blind spot is what cybercriminals use as leverage. Traditional defences were built for a pace of attack that no longer exists, and the conversation about AI's role in the social engineering of those offensive cyber operations can no longer stay in the background.”
In one notable incident, adversaries used Softr, an AI-powered no-code web application platform, to build a credential-harvesting page targeting government employees' Microsoft Exchange and Outlook Web Access accounts.
The phishing page was produced from simple AI prompts without writing any code, which dramatically lowers the barrier to entry for less sophisticated attackers. Harvested credentials were forwarded to disposable external data stores such as Google Sheets, with automated alerts on each new capture.
Dramatic Reversal in Initial Access Vectors
The resurgence of phishing as the leading initial access vector marks a significant reversal. After widespread SharePoint exploitation (ToolShell) in 2025, that attack vector fell from 62% of engagements to just 18% in Q1 2026, thanks to emergency patching and improved detections. Phishing, which had not topped the list since Q2 2025, has filled the gap, and valid accounts returned as the second most observed initial access method at 24%.
Cassoojee notes: "When organisations improve patching and close technical gaps faster, attackers adapt. We've seen a shift away from targeting unpatched systems toward targeting people instead. In South Africa, 85% of working parents have shared a work device with their children, yet less than a third had MFA enabled. Threat actors no longer need sophisticated entry points when human behaviour creates an easier path in. That’s why South African organisations can’t treat technical controls and security awareness as two separate initiatives. They need to evolve together."
MFA Weaknesses Increasingly Exploited
Thirty-five percent of engagements this quarter involved multi-factor authentication weaknesses, an increase from the previous quarter. Adversaries bypassed MFA by registering new devices to previously compromised accounts and, in one instance, by configuring Outlook clients to connect directly to Exchange servers, circumventing MFA requirements entirely. These findings highlight that simply enabling MFA is no longer sufficient. Organisations must restrict self-service MFA enrollment and enforce strong, centralised authentication policies.
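The two MFA-bypass patterns above, a new authenticator registered shortly after an account is first used from an unfamiliar address, and a mail client signing in over a protocol that never prompts for a second factor, can both be caught from identity logs. The following Python is an added example written for this page, not code from Talos or Cisco. The events are constructed for the example, and the field names (`client_app`, `auth_requirement`, `activity`) and the activity strings are assumptions modelled loosely on cloud identity-provider sign-in and audit logs; map them to your own schema (on-premises Exchange/IIS logs carry the equivalent protocol and client information).

```python
"""Detection logic for two MFA-bypass patterns: (1) an MFA method or device
registered within a short window after the account's first sign-in from a
never-before-seen IP, and (2) successful sign-ins via legacy mail protocols
that were satisfied with a single factor. All events below are constructed
sample data; field names are assumptions, not a vendor schema."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sign-in events (not real telemetry).
SIGN_INS = [
    {"time": "2026-02-03T08:02:11Z", "user": "j.doe@example.gov", "ip": "198.51.100.7",
     "client_app": "Browser", "auth_requirement": "multiFactorAuthentication", "status": "success"},
    # Same account, first ever use from a new address.
    {"time": "2026-02-03T21:40:05Z", "user": "j.doe@example.gov", "ip": "203.0.113.44",
     "client_app": "Browser", "auth_requirement": "multiFactorAuthentication", "status": "success"},
    # Legacy mail protocol sign-in that never triggered a second factor.
    {"time": "2026-02-04T06:15:30Z", "user": "j.doe@example.gov", "ip": "203.0.113.44",
     "client_app": "Exchange ActiveSync", "auth_requirement": "singleFactorAuthentication", "status": "success"},
    # A different user onboarding from their only known address (benign).
    {"time": "2026-02-04T09:00:00Z", "user": "a.smith@example.gov", "ip": "198.51.100.9",
     "client_app": "Browser", "auth_requirement": "multiFactorAuthentication", "status": "success"},
]

# Constructed audit events (not real telemetry).
AUDITS = [
    {"time": "2026-02-03T21:52:17Z", "user": "j.doe@example.gov", "ip": "203.0.113.44",
     "activity": "User registered security info"},
    {"time": "2026-02-04T09:30:00Z", "user": "a.smith@example.gov", "ip": "198.51.100.9",
     "activity": "User registered security info"},
]

# Client types that talk to Exchange/mail endpoints without an interactive MFA prompt
# (assumed labels; adjust to the values your identity provider emits).
LEGACY_CLIENTS = {"Exchange ActiveSync", "IMAP4", "POP3", "Authenticated SMTP",
                  "Outlook Anywhere (RPC over HTTP)", "Other clients"}
REGISTRATION_ACTIVITIES = {"User registered security info", "Register device"}


def parse(ts):
    """Parse the ISO-8601 UTC timestamps used in the sample events."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def find_mfa_registration_after_new_ip(sign_ins, audits, window=timedelta(hours=2)):
    """Flag MFA/device registrations that occur within `window` of the account's
    first successful sign-in from an IP that is not the user's established one."""
    ordered = sorted(sign_ins, key=lambda e: e["time"])
    first_seen = {}    # (user, ip) -> time of first successful sign-in from that ip
    baseline_ip = {}   # user -> first ip ever seen for that user (treated as established)
    for e in ordered:
        if e["status"] != "success":
            continue
        baseline_ip.setdefault(e["user"], e["ip"])
        first_seen.setdefault((e["user"], e["ip"]), parse(e["time"]))

    findings = []
    for a in audits:
        if a["activity"] not in REGISTRATION_ACTIVITIES:
            continue
        key = (a["user"], a["ip"])
        # Skip if there is no sign-in from that ip, or it is the user's established ip.
        if key not in first_seen or baseline_ip.get(a["user"]) == a["ip"]:
            continue
        delta = parse(a["time"]) - first_seen[key]
        if timedelta(0) <= delta <= window:
            findings.append({
                "user": a["user"],
                "ip": a["ip"],
                "registered_at": a["time"],
                "minutes_after_first_signin": int(delta.total_seconds() // 60),
            })
    return findings


def find_single_factor_legacy_signins(sign_ins, legacy=LEGACY_CLIENTS):
    """Return successful sign-ins over legacy client protocols that were not
    satisfied by MFA; these are the connections that sidestep the MFA policy."""
    return [e for e in sign_ins
            if e["status"] == "success"
            and e["client_app"] in legacy
            and e["auth_requirement"] != "multiFactorAuthentication"]


if __name__ == "__main__":
    for f in find_mfa_registration_after_new_ip(SIGN_INS, AUDITS):
        print("suspicious MFA registration:", f)
    for e in find_single_factor_legacy_signins(SIGN_INS):
        print("single-factor legacy sign-in:", e["user"], e["client_app"], e["ip"])
```

The first rule deliberately ignores a user whose only known address is the one they enrol from, so onboarding does not page anyone; the second rule is the detection counterpart of the recommendation to centralise authentication policy, since any hit shows a protocol path that the MFA policy is not covering. Both rules are only a backstop: blocking legacy protocols and restricting self-service enrolment remove the paths rather than merely observing them.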
Government and Healthcare Remain Prime Targets
Public administration and healthcare tied as the most targeted sectors, each accounting for 24% of all engagements. This is the third consecutive quarter that public administration has topped the list. These organisations remain attractive targets due to limited budgets, legacy equipment, access to sensitive data, and low tolerance for downtime.
Less Ransomware, Not Less Risk
Pre-ransomware incidents comprised just 18% of engagements, with no ransomware encryption observed due to early and swift mitigation by Talos IR. This represents a significant decrease from 50% of engagements a year ago. However, Talos cautions that major ransomware-as-a-service operations like Qilin and Akira remain active, with consistently busy data leak sites. In one incident, Rhysida ransomware actors deployed an uncommon backdoor, MeowBackConn, alongside exposed management ports and over-privileged service accounts, underscoring the persistent risk of vulnerable infrastructure.
Key Recommendations
Cassoojee stresses that the findings demand urgent action across multiple fronts: “South African organisations, especially within the public sector where budgets are constrained and the impact of downtime is significant, can’t afford to approach security as a checkbox exercise. Phishing-resistant MFA needs to become standard, while developer credentials and cloud tokens should be protected with the same level of scrutiny as privileged administrator accounts. As AI continues to lower the barrier for attackers, relying on a single control layered onto already vulnerable infrastructure is becoming an increasingly risky strategy.”