AI-driven cyberattacks are surging, with 87% of organizations impacted in the past year. Financial services and fintech firms must strengthen AI governance and cybersecurity awareness to combat evolving threats.
As artificial intelligence continues to reshape industries, it has also become a powerful tool for cybercriminals. According to SoSafe’s newly released Cybercrime Trends 2025 report, AI-driven cyberattacks have surged globally, with 87% of organizations reporting AI-enabled threats in the past year. This alarming trend poses a significant risk to financial services and fintech firms, which remain prime targets for cybercriminals.
The rise of AI-driven cyberattacks
SoSafe’s research highlights an alarming escalation in AI-powered attacks. These sophisticated cyber threats range from deepfake-enabled fraud to AI-generated phishing campaigns that exploit multichannel communication platforms. Notably, 91% of cybersecurity professionals expect AI-related threats to rise significantly over the next three years, yet only 26% feel confident in their ability to detect them.
“AI is dramatically scaling the sophistication and personalization of cyberattacks,” said Andrew Rose, CSO at SoSafe. “While organizations are aware of these threats, our data shows they are not confident in their ability to detect and react to them.”
Multichannel attacks on the rise
Financial institutions are increasingly dealing with multichannel cyberattacks that exploit multiple communication platforms such as email, SMS, social media, and even collaboration tools. The report reveals that 95% of organizations have seen a surge in these tactics, with cybercriminals leveraging AI to craft highly convincing scams.
A striking example includes the cyberattack on WPP’s CEO, where attackers used a combination of WhatsApp, Microsoft Teams, and an AI-generated deepfake voice call to steal sensitive data and funds. These tactics, referred to as ‘3D phishing,’ demonstrate how AI is making social engineering attacks more deceptive and effective.
AI as both an attack vector and a vulnerability
Beyond external threats, the internal use of AI within financial institutions is also expanding the attack surface. Many firms have integrated AI-powered chatbots and automation tools, but these systems can be manipulated by cybercriminals. The report warns of threats such as data poisoning—where AI models are fed misleading data to compromise their outputs—and AI hallucinations that generate false but convincing responses.
“Many firms create AI chatbots to assist employees, but few consider how these tools can be manipulated to aid attackers in collecting sensitive data or bypassing security controls,” the report states. Alarmingly, 55% of businesses have not fully implemented controls to manage the risks associated with their in-house AI solutions.
Key cybersecurity concerns for financial services
Among security leaders, the top concerns related to AI-driven cyberattacks include:
- Obfuscation techniques: AI-generated methods that disguise the origins and intent of attacks (cited by 51% of respondents).
- New attack methods: The creation of entirely novel cyber threats (45%).
- Automated attack speed and scale: AI-driven cyberattacks are faster and more widespread than traditional methods (38%).
Balancing AI adoption with security
Despite these growing threats, AI remains a crucial tool for strengthening cybersecurity in the financial sector. AI-powered defense mechanisms can help institutions detect anomalies, automate responses, and enhance phishing simulations for employee training. However, SoSafe emphasizes that technology alone is not enough—organizations must also foster cybersecurity awareness among employees to mitigate risks.
“While AI presents new challenges, it also remains one of our greatest allies in protecting organizations against ever-evolving threats,” said Niklas Hellemann, CEO of SoSafe. “By combining human expertise, security awareness, and the careful application of AI, we can build stronger, more resilient organizations.”
The financial services and fintech sectors must remain vigilant as AI-driven cybercrime continues to evolve. Proactive AI governance, employee training, and a robust cybersecurity strategy are essential to staying ahead of these threats. As attackers refine their techniques, organizations must enhance their defenses to protect critical assets and maintain trust in the digital economy.
Leave a Reply