AI-Powered Phishing Kits Evade Enterprise Defenses

Cybersecurity researchers report that four AI-powered phishing kits—BlackForce, GhostFrame, InboxPrime AI and Spiderman—are increasingly used this year to bypass defenses and scale attacks. The kits employ dynamic phishing pages, real-time code obfuscation, hyper-personalized emails, and MFA relay attacks to target banking, corporate, and consumer accounts. Organizations face urgent need for intent-aware detection, stronger identity controls, and immersive phishing simulations.
Key Points
- 1Identify four AI-driven phishing kits—BlackForce, GhostFrame, InboxPrime AI, Spiderman—targeting major services.
- 2Show enhanced capabilities—dynamic pages, code obfuscation, personalization, MFA relay—escalating attack effectiveness.
- 3Require real-time, intent-aware defenses, robust identity controls, and immersive user training programs.
Scoring Rationale
Timely, industry-wide threat reporting with practical defenses, but based on vendor and media reports rather than peer-reviewed research.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems