Imagine your phone rings at 1 a.m. It’s your mom, telling you she had an accident and needs you to send money now. In reality, it was an AI model trained on a few seconds of your mom’s voice scraped together from stolen phone conversations in a recent data breach.
As cybercriminals continue to adopt AI, we’ve seen unprecedented losses. In fact, IC3 reporting shows that reported losses have doubled since 2022, much of this growth spurred by AI.
We surveyed 258 cybersecurity professionals and gathered data from various experts to help you understand how to protect yourself from the rising threat of AI-powered attacks.
Key statistics
- Reported cybercriminal losses have doubled between 2022 and 2025, a growth spurred by AI.
- 99% of organizations have sensitive data dangerously exposed to unsanctioned AI tools.
- Among data breaches involving AI attacks (16% of breaches), 37% used phishing and 35% used deepfakes.
- The average household is under constant cyberthreat, with 13.6 billion IoT attacks reported in a 2025 study.
- 82.6% of cybersecurity professionals are concerned about the increasing sophistication of AI-powered phishing attacks.
1. Agentic Shadow AI and Data Risk
Many corporations that handle your personal data are using agentic AI to manage data without human oversight. With the right security steps, this tech can be perfectly safe. But some employees rely on shadow AI.
Employees use Shadow AI tools, or those not approved by their company, to improve productivity. If the company houses your personal data, Shadow AI could expose it. Even worse, the wrong kind of infection can spread to agentic agents. This means that tools without human oversight could harvest your data.
Here’s how this looks in reality:
- 98% of organizations have employees who use unsanctioned applications, including hidden “Shadow AI.” (Veronis)
- 99% of organizations have sensitive data dangerously exposed to AI tools, generative AI copilots and unsanctioned applications. (Veronis)
- A massive 90% of organizations have sensitive files exposed to all employees via Microsoft 365 Copilot due to over-privileged access permissions. (Veronis)
- 20% of organizations have already reported a security breach specifically caused by shadow AI, which adds an average of $670,000 to data breach costs. (IBM)
- 1 in 4 unverified OAuth apps are high-risk AI tools, leaving companies heavily exposed to potential data exfiltration and misuse. (IBM)
2. The AI Arms Race: Defenders vs. Attackers
We’ve entered a new era of cybersecurity, as both defenders and attackers leverage artificial intelligence, creating what experts describe as an “AI arms race.” Hackers can weaponize AI to generate highly personalized messages that mimic the writing style of trusted contacts or organizations.
Our 2024 survey revealed that an overwhelming 82.6% of cybersecurity professionals are either “very concerned” (50.4%) or “moderately concerned” (32.2%) about the increasing sophistication of AI-powered phishing attacks.
![A quote from Nicole Perlroth, a renowned cybersecurity expert, author, and former New York Times Reporter: All these things that cybersecurity experts have told us all to do for years, [such as] looking for software vulnerabilities, using multifactor authentication, suddenly, with AI, there’s no more room for human error. All of these things can be discovered and exploited at scale.](https://www.pandasecurity.com/en/mediacenter/src/uploads/2025/04/stanford-interview-quote.webp)
Here are some stats showing the frontlines of the AI arms race:
- AI is revolutionizing cybersecurity defense, achieving 99% accuracy while saving companies an average of $1.9 million in breach costs. (Panda Security)
- Polymorphic AI malware continuously rewrites and regenerates its code to evade traditional antivirus detection tools. (CardinalOps)
- These polymorphic attacks can continue to evade malware systems unless they receive adversarial training, which can reduce malware evasion by 30% or more. (Science Direct)
- Malicious, dark LLMs such as FraudGPT, WormGPT and PoisonGPT are lowering the barrier to entry for generating phishing scams, automatically deploying keyloggers and engaging in other nefarious activities. (Barracuda)
- One of our most powerful tools against generative AI scams is transforming awareness and cybersecurity training into changed behavior. (sosafe)
- The time it took to identify and contain a data breach in 2025 was 241 days; experts believe companies can mitigate this with automated, AI defenses. (IBM)
3. Post-Quantum Data Collection
One of the most notable emerging cybersecurity technologies is quantum encryption, which scrambles your data in a way that requires an advanced, quantum computer, which isn’t available to companies or regular people.
Since decryption (unscrambling) is currently impossible, criminals are taking a harvest now, a “decrypt later (HNDL) approach. Through HNDL, cybercriminals wait until their computers have the power to access their stolen information, as confirmed during the 2025 Finance and Economics Discussion Series.
While some may have you believe that quantum computing is a pipe dream, companies like IBM, Microsoft and Google say otherwise. Forbes found that IBM plans to run accurate quantum computing by 2029. While this is far from in the hands of a cybercriminal, the growth of AI-driven cybercrime reminds us that technology moves fast.
Experts agree: A KPMG survey of 250 large corporations reveals that 60% of Canadian and 73% of U.S. companies believe it’s only a matter of time before cybercriminals use quantum computing.
Since 95% of respondents believe its potential impact on cybersecurity is high, the time for companies to act is now. Keep an eye on the news to see how your companies are responding to these threats.
4. Smart Devices as Hacker Entry Points
The proliferation of Internet of Things (IoT) devices in our homes, from smart speakers to connected refrigerators, has created new entry points for cybercriminals. An overwhelming 87.2% of cybersecurity professionals expressed concern about security vulnerabilities associated with IoT devices in homes, with 46.5% being “very concerned” and 40.7% “moderately concerned.”
Here’s what you need to know about the risks of IoT in the real world:
- Around 2.7 billion records were exposed in a data breach targeting Mars Hydro, one of the largest IoT device manufacturers in China. (Asimily)
- Over 10 million uncertified devices running Android’s open-source software were used to target people with large-scale ad fraud and other digital crimes (Google)
- Kimwolf, an IoT botnet, has spread to infect more than 2 million devices, which it uses in distributed denial-of-service (DDoS) attacks and other activities. (Krebs on Security)
5. AI Fraud, Deepfakes and Personalized Phishing
Despite 94% of cybersecurity professionals reporting they feel “very confident” (50.8%) or “moderately confident” (43.8%) in their organization’s current methods for protecting user data. This is despite the evolving AI landscape, which is creating personalized phishing attacks and deepfakes that can mimic a friend or family member’s voice in unique vishing attacks.
Here’s how the landscape has evolved to lead to account takeovers and even identity theft:
- Microsoft is easily the top phishing target (42% of attacks), followed by Adobe (18%), DocuSign (15%) and Yahoo (10%). (Netskope)
- Voice-cloning AI can mimic a loved one’s voice with a few seconds of audio (The New Yorker)
- Among data breaches involving AI attacks (16% of breaches), 37% used phishing and 35% used deepfakes. (IBM)
- Creating more robust, scalable, generalizable and explainable deepfake detection methods is one of the most discussed challenges in cybersecurity research (Front Big Data)
6. Accountability for Exposing Customer Data
Despite the U.S. lacking comprehensive data privacy laws, the companies within it must handle certain types of sensitive data with care. If an exposure occurs, the SEC requires prompt, public disclosures; failure to do so risks fines of several million dollars, exposure to lawsuits and further reputational damage.
Here are some data security trends worth noting:
- In 2025, around 97% of breached organizations lacked proper AI access controls. (IBM)
- Less than half (49%) of organizations planned to invest in security following a breach after 2025. (IBM)
- Organizations subject to multiple regulatory compliance regimes experienced 27% higher breach costs due to the complexity of managing different notification requirements and investigations. (IBM)
- Total U.S. HIPAA fines and settlements reached $6.7 million. This is down from $9.1 million during the previous year. (Compliancy Group)
- Examples of this in the news include the South Texas Oncology and Hematology paying $1.1 million to settle a data breach lawsuit stemming from a 2024 cyberattack. (HIPAA Journal)
7. The Profitable Nature of Ransomware
Ransomware, or malware that locks a person’s files until they pay a ransom, emerged as the top concern, with 21.7% of professionals identifying it as the threat their organization faces most often. These attacks on businesses aren’t just abstract corporate problems; they also directly affect consumers because the data stolen is often theirs.
Here’s why you should consider ransomware a viable threat:
- The average ransomware payment dropped by one-third, but it still came in at around $1.3 million. (Sophos)
- The median ransom demand for organizations with $10 to $50 million in annual revenue is just over $100,000, while the median ransom demand for organizations with more than $5 billion in annual revenue is $5.5 million. (Sophos)
- Companies often (53% of the time) pay less than the agreed-upon amount from the initial ransom offer. (Sophos)
- The recovery cost of ransomware is nearly $1.5 million in 2025, down from $2.8 million in 2024. (Sophos)
- Conduent is under investigation for what could be the largest healthcare data breach in U.S. history, stemming from a ransomware attack that affected nearly 200 million individuals. (HIPAA Journal)
- Earlier this year, the Striker Corporation lost services in its global manufacturing network due to a ransomware attack. While it didn’t affect their products, it did affect their supply chain operations, like shipping. (Stryker)
8. Industry Attacks and Supply Chain Fragility
Cyberattacks can affect industries across the board, impacting supply chains and local businesses on a large or small scale. The X-Force Threat Intelligence Index 2026 found these are the most targeted industries:
- Manufacturing (nearly 28%)
- Finance and insurance (27%)
- Professional, business and consumer services (9%)
- Energy (8%)
- Transportation (8%)
- Retail (6%)
- Wholesale (6%)
- Healthcare (4%)
- Government (3%)
Cyberattack trends indicate that companies are most often targeted through public-facing applications (40%), account takeover (11%) and phishing (9%). Phishing is the only group that saw a significant drop (from 25% in 2024). In the future, we could see significant growth in cybercriminals exploiting integrated chatbots in HR systems.
Attacks like these have devastating impacts on the supply chain, as we have seen fourfold increases in major compromises over the last five years. These attacks have cascading effects: if a local shop can’t get a product in, they don’t make money. If you’re a small business owner (or know one), this can have devastating effects on your business.
Prepare for Emerging Cyber Threats
Cybercriminals may increasingly rely on more sophisticated ways to steal your accounts, money and information, but there are some easy ways to make you a harder target:
- Get an antivirus with behavioral detection: It’s a must-have, as it can spot newly generated AI malware before it attacks your device. Consider Panda Dome, a free antivirus program with built-in behavioral detection you can add to any device.
- Use services with clear privacy policies: Review the privacy policies of the services you use to be sure they store your data appropriately. If they don’t have one, consider this a red flag you might want to avoid.
- Turn on MFA: Enable multi-factor authentication via text messages or an authenticator app so cybercriminals can’t easily take over your account. You should also use a strong password to prevent brute-force attacks, but the second layer of verification via MFA is much more important.
- Rely on secure Wi-Fi: Avoid public Wi-Fi networks, which are more likely to expose you to hackers. Instead, stick to secure networks or consider a virtual private network (VPN) to protect your data.
- Regular backups: Protect your data from ransomware attacks by backing it up on a cloud storage service like Google Drive or iCloud. You can also keep a physical backup, but keep it in a secure location.
Block Emerging Threats with Panda Security
Agentic Shadow AI, post-quantum computing, dark web data leaks and similar next-generation cyberattacks aren’t slowing down, but understanding these technologies prepares you for what’s to come. The most important step is protecting your devices before an attack, not after.
Panda Dome protects you in a simple, easy-to-use package that includes real-time threat detection, safe browsing tools, and dark web monitoring to alert you if your data surfaces somewhere it shouldn’t.
Download Panda Dome today to be ready for anything in the emerging threat landscape.
Cyber Threat FAQs
What is Panda Security doing to fight against emerging cyber threats?
Panda Security continuously updates its threat intelligence to keep pace with new attack methods, including AI-powered malware and adaptive phishing campaigns. Its products use behavioral detection technology that looks beyond known virus signatures to catch threats as they happen.
What’s the most common kind of cyberattack targeting regular people?
Phishing remains the most common threat, typically arriving as convincing emails, texts, or pop-ups that trick you into clicking a link or entering personal information. With AI now being used to craft more personalized and believable messages, even tech-savvy users can be fooled.
Can regular people be targeted by ransomware?
Yes, individual users are frequent targets because they’re often less protected. Ransomware encrypts your files and demands payment to restore access, and it typically arrives through a phishing email, a malicious download, or an unsecured network connection.
What is a zero-trust security model?
Zero trust is a security approach built on one core idea: Don’t automatically trust anyone or anything, even inside your own network. It requires continuous verification at every step. While specific to business users, the concept translates into at-home habits such as using MFA, limiting which apps can access your devices, and not assuming your home network is inherently secure.
