Request a demo

Fight AI with AI: Introducing the Spear Phishing Agent

The Spear Phishing Agent uses the same AI models and techniques that beat human red teams to craft phishing simulations for training.

April 11, 2025
Post hero image

Table of contents

See Hoxhunt in action
Drastically improve your security awareness & phishing training metrics while automating the training lifecycle.
Get a Demo
Updated
April 14, 2025
Written by
Fact checked by

For the past few years, we’ve been experimenting with AI’s and LLMs' abilities to create effective phishing emails.

We’ve investigated if AI can be a better social engineer than a professional human red team.

At first, while AI did fairly well, humans remained more effective at phishing.

Now, our new research showed that AI can beat humans at crafting phishing emails that get people to click

AI is here to phish us

Social engineers are already using AI and LLMs to scale their phishing efforts. With AI’s clear status as an elite phishing operator, we need to ramp up phishing training to address this. We must ensure targeted humans stand as a resilient human firewall, reporting all and any suspicious messages.

The best way to learn to become resilient against AI created attacks is to train with AI created attacks.

Spear Phishing Agent is here to train us

Our platform’s first official AI agent, the Spear Phishing Agent, is now available in Hoxhunt phishing training!

The Spear Phishing Agent uses the same AI models and techniques that beat human red teams to craft phishing simulations for training.

We’ve harnessed the evil AI for good, fighting AI with AI.

Users receiving these simulations are made aware of the dangers of AI as a phishing operator, and trained on the threats appearing in the messages.

Phishing messages created by the AI agent are convincing. Stay vigilant!

The agent in Hoxhunt’s adaptive phishing training

The phishing emails created by the Spear Phishing Agent can be quite advanced attacks.

Our training philosophy is heavily based on training users at the right level of difficulty.

If training is too difficult, it’s frustrating.

If training is too easy, it’s boring.

The right amount of challenge helps maintain active participation and engagement in phishing training.

Engagement is crucial for maintaining muscle memory of what to do when encountering suspicious messages: report the messages.

The agent operates in our advanced training mode called “Spicy Mode”.

This mode delivers the most challenging simulations to users, utilizing the most effective social engineering techniques and realistic scenarios.

Get the Spear Phishing Agent now

Already using Adaptive Phishing Training? Activate the Spear Phishing Agent in the admin portal’s new Agents section.

Want to learn more?
Be sure to check out these articles recommended by the author:
Demo now
Get more cybersecurity insights like this

Continue reading

Cut Phishing Alert Volume by 99% with Hoxhunt Respond

News

April 16, 2025

10 Essential Security Awareness Training Topics (And How We Make Them Stick)

Education

April 8, 2025

AI-Powered Phishing Outperforms Elite Cybercriminals in 2025

Research

April 3, 2025