Trend Micro experts warn of an era of hyper-personalized cyberattacks and identity theft in 2025. In their security predictions for the new year, the experts warn of highly individualized, AI-powered fraud, phishing and influence campaigns.
The report on 2025 predictions, "The Easy Way In/Out: Securing The Artificial Future," specifically warns of the potential of malicious "digital twins," which use stolen or leaked personal information to train a Large Language Model (LLM) that mimics the victim's knowledge, personality, and writing style. Combined with fake video and audio files and compromised biometric data, such LLMs can be abused to spoof identities and lure the victim's friends, colleagues, or family members into a scam.
AI creates almost perfect deepfakes
Deepfakes and AI can also be used in large-scale, hyper-personalized attacks to:
- To scale fraud schemes such as “business email compromise”, “business process compromise” and the infiltration of fake employees.
- To specifically identify and address victims of “pig butchering” – online relationship and investment fraud – before a human contact deepens the deception.
- to facilitate information gathering using open source intelligence for threat actors.
- to improve the development of skills in preparing for a cyber attack and thus achieve more successful attacks.
- to create authentic-looking social media identities that are used for online fraud and to spread misinformation and disinformation.
How used AI can become a danger
Companies that are increasing their use of AI this year should keep an eye on the following threats:
- Exploiting vulnerabilities and manipulating AI agents to perform malicious or prohibited actions
- Unintentional leakage of information from generative AI (Gen AI) systems
- Waste of resources due to faulty or misused AI agents, which can lead to service interruptions
"As generative AI becomes more widely used in businesses and society, we must prepare for the risks associated with it," said Jon Clay, Vice President of Threat Intelligence at Trend Micro. "Hyper-personalized attacks and the manipulation of AI agents require an industry-wide effort. Business leaders should remember that there is no longer an isolated cyber risk. Every security risk is ultimately a business risk and can have a profound impact on companies' future strategy."
Outside the AI Threat Landscape
The report also highlights other areas that are at risk in 2025. These include:
vulnerability
- Memory management errors, memory corruption bugs, vulnerability chains, and exploits targeting APIs
- Increased container breakouts
- Older vulnerabilities such as cross-site scripting (XSS) and SQL injections
- The possibility that a single vulnerability in a widely used system affects multiple models and manufacturers, for example in connected vehicles
Ransomware
Threat actors are increasingly developing strategies to evade Endpoint Detection & Response (EDR) tools, such as:
- Kill chains that use environments where EDR tools are usually not installed (e.g. cloud systems or mobile, edge and IoT devices)
- Disabling antivirus / EDR systems
- Bring Your Own Vulnerable Driver (BYOVD) techniques
- Hiding shellcodes in inconspicuous loaders
- Redirects in Windows subsystems to bypass EDR/AV detection
As a result, they can carry out faster attacks with fewer steps that are harder to detect.
It's time to act
Trend Micro security experts recommend that companies act proactively and adapt their cybersecurity strategies:
- Risk-based approach: Central identification, prioritization and mitigation of risks across the entire IT environment
- AI as defense: Using AI to analyze threat data, vulnerable systems, attack path prediction, and defenses – ideally through a unified platform.
- Employee training: Raise awareness of the advances and risks of AI.
- Monitoring and securing AI systems: Protection against misuse through strict validation processes for input and output
- protection of LLMs through hardened sandbox environments, strict data validation and multi-layered security measures against prompt injections.
- Supply chain security: Fix vulnerabilities in publicly accessible systems and better protect internal networks through multi-layered security measures.
- Consistent visibility: Comprehensively monitor AI agents.
- implementation of attack path predictionsto combat cloud threats.
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.