AI-Powered Cyber Threats: Why Your Small Business Needs to Wake Up Now

AI-powered cyber threats are targeting small businesses. Learn how deepfake scams, AI phishing, and credential theft work—and how to protect your company.

Look, I’m not trying to scare you, but we need to talk about something that’s fundamentally changed the cybersecurity landscape in the past couple of years. AI tools like ChatGPT and Claude? They’re brilliant for legitimate work. But they’ve also handed criminals a massive upgrade. 

KEY FACTS AT A GLANCE 

The Scale of the Threat: 

  • Deepfake fraud incidents surged by 3,000% in 2024 [4] 
  • 84% increase in phishing emails delivering credential-stealing malware [2] 
  • Deepfake creation services now available for $60-$500 per video [1] 
  • Face-swapping tools range from free to $249/month subscriptions [1] 

Real-World Impact: 

  • Hong Kong company lost $25 million to a deepfake video call scam [1] 
  • 30% of all cyberattacks in 2024 used stolen credentials as the entry point [2] 
  • 70% of cyberattacks targeted critical infrastructure organisations [2] 

The Barrier to Entry Just Collapsed 

Here’s the thing: you used to need serious technical skills to create convincing malware or phishing campaigns. Not anymore. There are literally prompts floating around the dark web that let anyone describe what they want in plain English, and boom—you’ve got semi-targeted malware. IBM’s X-Force report confirms that attackers are now using AI to craft grammatically flawless phishing emails, clone websites for credential harvesting, and even assist with malware code generation [2]. The floodgates haven’t just opened; they’ve been blown off their hinges. 

Phishing Gets Frighteningly Good 

Phishing and ransomware? Still the number one threats, and LLMs have made them exponentially more dangerous. According to IBM’s 2025 Threat Intelligence Index, there was an 84% year-on-year increase in phishing emails delivering infostealer malware—a spike researchers attribute to attackers leveraging AI to scale their operations [2]. Criminals can now generate hundreds of convincing phishing emails in minutes—emails that look legitimate, sound right, and target you specifically. And when someone clicks that link? Ransomware. Business crippled. It’s still a hugely successful “business model” for enterprising criminals. 

But Wait, It Gets Worse: Deepfake Impersonation-as-a-Service 

Here’s something relatively new that should genuinely worry you. Security researchers at Palo Alto Networks’ Unit 42 uncovered an entire criminal ecosystem selling deepfake creation services through messaging platforms, complete with customer support channels and straightforward payment options [1]. We’re talking deepfake video calls on Zoom or Teams available as a service. 

The pricing? Disturbingly accessible. According to Unit 42’s research, deepfake videos can be commissioned for $60 to $500 depending on complexity and quality. Face-swapping tools that operate in real-time during video calls are available on subscription plans ranging from free to over $249 per month [1]. These aren’t theoretical threats—they’re commercial products with customer bases. 

All they need is a bit of your voice (maybe your voicemail greeting) and an image or two from LinkedIn or social media. Suddenly, “you” are on a video call with your finance team, authorising a wire transfer. Or a competitor is inserting themselves into your deals, pretending to be someone from your company. 

The Hong Kong case that made headlines? A finance employee was duped into transferring $25 million during a video conference call where deepfake technology was used to impersonate the company’s CFO and other executives [1]. This wasn’t science fiction—it happened. 

Small Businesses: You’re in the Crosshairs 

Why am I telling you this? Because small businesses are disproportionately impacted. You don’t have the multi-layered defences that enterprises deploy. You don’t have in-house security teams. And that makes you vulnerable. 

IBM’s research shows that in 2024, 70% of all cyberattacks targeted organisations within critical infrastructure sectors, many leveraging vulnerabilities in internet-facing systems—unpatched web applications, remote access gateways, and outdated cloud infrastructure [2]. The attack surface keeps expanding, and threat actors are getting better at exploiting it. 

What You Actually Need to Do 

The reality is that it’s now so much easier for someone—anyone on your team—to inadvertently click something they shouldn’t or give away credentials they wouldn’t normally share. IBM reports that 30% of all intrusions in 2024 began with the use of valid account credentials [2]—hackers don’t break in, they log in. So here’s what matters: 

Multi-layered defence isn’t optional anymore. You need proper email filtering, endpoint protection, regular backups (tested ones), and network segmentation where it makes sense. 

User training is critical. Your team needs to understand these risks exist. They need to know that even video calls can be faked. They need to verify unusual requests through separate channels—if your CFO emails asking for an urgent wire transfer, pick up the phone and call them directly using a number you already have saved. 

Disaster recovery planning isn’t about “if” anymore—it’s “when.” What happens when ransomware hits? What’s your plan when someone compromises credentials? How do you respond to a brand incident where someone pretended to be you? 

Monitor for your credentials on the dark web. IBM’s analysis found 8 million+ advertisements for stolen credentials on the dark web in 2024 from just the top five infostealer malware families—with each listing potentially containing hundreds of credentials [2]. You need to know if your team’s credentials are out there. 

The Bottom Line 

I’m not trying to be doom and gloom here. But the tools that make our work easier are also making adversaries more capable. The freelance journalist who might impersonate someone for a scoop, the competitor inserting themselves into your deals, the random criminal who can now craft convincing attacks without any technical background—they all have access to the same powerful AI tools we use every day. 

Unit 42’s research shows these deepfake scam campaigns have reached hundreds of domains, with each being accessed an average of 114,000 times globally [1]. This isn’t a niche threat—it’s happening at scale. 

Have your wits about you. Take a good, hard look at your defensive posture. And for the love of all that’s holy, have a plan for when—not if—something goes wrong. 

Because in 2026, cybersecurity isn’t just an IT problem. It’s a business survival issue. 

Want to discuss your business’s security posture? Let’s talk about practical, cost-effective defences that actually work for small businesses. No enterprise bloat, just sensible protection. 

REFERENCES 

[1] Palo Alto Networks Unit 42, “The Emerging Dynamics of Deepfake Scam Campaigns on the Web,” August 2024. https://unit42.paloaltonetworks.com/dynamics-of-deepfake-scams/ 

[2] IBM Security, “X-Force Threat Intelligence Index 2025,” 2025. https://www.ibm.com/reports/threat-intelligence 

[3] IBM Security, “X-Force Threat Intelligence Index 2025 highlights attackers steal, and sell, user identities at scale,” November 2025. https://www.ibm.com/think/x-force/x-force-threat-intelligence-index-2025-attackers-steal-sell-user-identities 

[4] McAfee, “A Guide to Deepfake Scams and AI Voice Spoofing,” September 2025. https://www.mcafee.com/learn/a-guide-to-deepfake-scams-and-ai-voice-spoofing
