Email phishing and business email compromise (BEC) attacks surged to historic highs in 2025. Much of this was fueled by generative AI and increasingly sophisticated tactics. MSPs now face a critical inflection point when it comes to fighting AI-powered phishing.
Legacy security is no match for attackers using low-cost, AI-enabled tools to context-rich, highly personalized messages, sometimes for as little as $50 per campaign. Nearly 70% of breaches in 2025 began with email phishing, exposing organizations to massive financial and reputational risk.
The Changing Face of Email Threats
Attackers no longer rely solely on generic, easily detected spam or malware links. With generative AI, they can craft and launch convincing phishing campaigns and BEC attacks in minutes. This allows them to exploit organizational knowledge, recent events, and unique employee behavior.
The World Economic Forum noted that 47% of organizations now view AI-enabled adversarial techniques as their top security concern. In addition, social engineering and BEC tactics have become more complex and frequent.
Multilayered AI: Modern Email Defense
To combat evolving attack vectors, MSPs must deploy multilayered, AI-powered email security frameworks that go beyond signature detection and static rules.
Olesia Klevchuck
Three advances set modern defenses apart:
- Intent Detection: AI analyzes incoming messages for signals of malicious intent. It evaluates changes in subject lines, urgency cues, and payload characteristics to flag attacks — even when no links or attachments are present.
- Contextual Analysis: Machine learning (ML) models assess the relationship between sender and recipient, recent conversation history, and organizational hierarchy to identify anomalies such as impersonations and domain spoofing.
- Behavioral Baselining: By building a baseline profile of user and communications behavior, AI detects deviations. Examples include unusual login times, unexpected file requests, or atypical message content. These can signify account compromise or pretexting attempts.
In Practice: Fighting AI-powered Phishing
Consider a scenario in which an attacker bypasses initial filters and steals a user’s credentials. Behavioral baselining immediately notices that the compromised account is being used to send messages at odd hours and to request sensitive files outside the user’s normal pattern.
Automated incident response then activates, isolating the compromised account and purging malicious emails from all affected inboxes before further damage can occur. By intercepting threats at multiple points — content analysis, behavioral monitoring and automated response — these layers work together to block sophisticated attack chains efficiently.
This reduces the time attackers remain undetected in the system and sharply increases overall security.
Benchmarks: AI’s Impact on Phishing Prevention
Industry benchmarks show the effectiveness of AI-driven, layered email security:
| Metric | Benchmark | Source |
| Percent of breaches from email phishing | 70% (2025) | DMARC Report |
| Organizations worried about AI-driven attacks | 47% | World Economic Forum |
| Cost to launch an AI phishing campaign | $50 | Strongest Layer |
These numbers underscore the urgent need for MSPs to strengthen email security with AI-powered capabilities, especially as generative tools democratize cybercrime.
Actionable Guidance for MSPs
To protect clients against today’s most advanced email threats, MSPs must:
- Evaluate existing email security controls. Identify gaps in contextual analysis, behavioral detection, and automated response.
- Prioritize AI-powered, multilayered solutions. Look for vendors that offer intent-based analysis, behavioral profiling, and integrated response.
- Educate your customers. Highlight the risk escalation tied to genAI and the affordability of attack campaigns. Use current data to demonstrate urgency and value.
- Implement automated remediation. Ensure that solutions can detect and mitigate attacks immediately, including inbox purging and account isolation.
- Leverage real-time threat intelligence. Take advantage of platforms that feed global attack data into local defense without manual updates or tuning.
Email is the single highest-risk attack surface today. MSPs must bring a layered, adaptive, and AI-powered defense posture to their clients. It will help them avoid costly breaches, regulatory penalties, and reputational damage.
The Path Forward
Email security requires intelligent, collaborative defense that anticipates and blocks attacks before they reach users. By adopting adaptive protection with automated response and global intelligence sharing, MSPs will keep their clients ahead of adversaries.
This will help ensure business continuity, even as attack tactics evolve.
Olesia Klevchuk is product marketing director for Barracuda.
Featured image: Jaruwan photo — stock.adobe.com
