Cybersecurity researchers are warning that scams are no longer being run piece by piece by human attackers, but increasingly executed end-to-end by autonomous AI agents.
In a new report, Malwarebytes says the rise of agentic AI has fundamentally changed how fraud campaigns operate.
The firm explains that AI agents are now capable of handling the entire lifecycle of a scam without constant human involvement.
“Agentic AI is the term used for individualized AI agents designed to carry out tasks autonomously.”
According to Malwarebytes, these agents can independently gather intelligence on victims, identify exploitable data, and initiate highly targeted attacks.
“One such task could be to search for publicly available or stolen information about an individual and use that information to compose a very convincing phishing lure.”
Once contact is established, the agents can sustain long conversations, escalating pressure and credibility as the interaction unfolds.
“These agents could also be used to extort victims by matching stolen data with publicly known email addresses or social media accounts, composing messages and sustaining conversations with people who believe a human attacker has direct access to their Social Security number, physical address, credit card details, and more.”
Malwarebytes warns that agentic automation turns fraud into a scalable operation, allowing criminals to move faster, target more victims and personalize attacks at unprecedented levels.
Beyond agent-driven scams, Malwarebytes notes that AI is also amplifying other forms of cybercrime. Voice cloning has enabled impersonation campaigns targeting not just families but senior US officials.
The firm also highlights AI-assisted malware campaigns, including documented cases where attackers used generative AI to automate everything from initial compromise to ransom note creation. Since early 2024, OpenAI says it has disrupted more than 20 criminal campaigns attempting to abuse its platform.
Malwarebytes concludes that while AI is strengthening defenders as well, the shift toward autonomous, agent-driven fraud marks a major escalation in how cybercrime is executed and scaled.
Disclaimer: Opinions expressed at CapitalAI Daily are not investment advice. Investors should do their own due diligence before making any decisions involving securities, cryptocurrencies, or digital assets. Your transfers and trades are at your own risk, and any losses you may incur are your responsibility. CapitalAI Daily does not recommend the buying or selling of any assets, nor is CapitalAI Daily an investment advisor. See our Editorial Standards and Terms of Use.