The email looks perfect. Your CEO’s name, the right tone, a reasonable request. The grammar is flawless – better than most emails your CEO actually sends. So you click the link.

That’s exactly what the attacker designed you to do.

AI-generated phishing emails have fundamentally changed the threat. According to Hoxhunt’s 2026 Phishing Trends Report, AI-powered attacks surged 14 times over the 2025 holiday season alone. And they work: AI phishing succeeds 54% of the time, compared to just 12% for traditional attacks.

The checklist you learned no longer applies. Watch for bad grammar? Any AI email writer now produces cleaner English than most professionals. Spot urgent language? Attackers now use calm, credible time pressure instead. Look for broken formatting? Today’s phishing emails are polished and pixel-perfect.

The signs of a phishing email have changed entirely. Detecting them now requires a different approach – one built around behavior, context, and verification rather than surface-level red flags.

This guide gives you exactly that: a practical, updated AI phishing detection checklist for 2026. Each item replaces something outdated with something that actually works.

Why AI-Generated Phishing Emails Are So Hard to Spot Now

Not long ago, phishing emails were easy to dismiss. A generic greeting. Broken English. An implausible story about a foreign prince or a frozen bank account. Most people learned to spot them quickly – because most of them were obvious.

That era is over.

Today’s attackers feed AI tools information pulled directly from LinkedIn profiles, company websites, press releases, and social media. The AI analyzes your job title, your colleagues’ names, your recent projects, and your organization’s communication style. Then it generates an email that sounds like it belongs in your inbox.

IBM researchers tested exactly how fast this happens. Using just five prompts, they created convincing spear phishing attack emails in under five minutes. Human experts needed sixteen hours to produce something equally effective. The AI emails performed just as well – and cost a fraction of the effort.

That efficiency creates three advantages attackers didn’t have before.

Hyper-personalization at scale. Instead of one generic message sent to thousands, attackers now send thousands of unique, individually tailored emails. Each one references something real about the recipient. Each one feels written specifically for them.

Multi-channel coordination. Generative AI phishing campaigns don’t stop at email. The same attack might follow up with a text message, then a phone call using AI-cloned voice. Every channel reinforces the others, building pressure from multiple directions simultaneously.

No obvious tells. Old social engineering tactics left fingerprints – urgency screamed in capital letters, mismatched logos, awkward phrasing. AI produces none of these. The grammar is correct. The tone is calibrated. The formatting is clean.

In fact, that polish is now the tell. Writing that seems too structured, too consistent, and too professional for the context is increasingly a signal worth examining – not a sign of legitimacy.

That’s where the updated checklist begins.


The AI Phishing Detection Checklist: 10 Signs to Check Before You Click

The traditional warning signs are no longer enough. Each item below either replaces an outdated rule or extends it for the AI era. Work through this list whenever an email feels even slightly off.

1. The sender address doesn’t fully match

Don’t read the display name – read the actual email address. Attackers register lookalike domains that pass a quick glance: support@amaz0n.com, billing@paypa1.com, hr@yourcompany-secure.com. One substituted character is all it takes. Click the sender name to expand the full address, and compare it character by character against what you’d expect.
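The character-by-character comparison described above can be automated. This added example (not code from the original post) folds common substitutions such as 0/o and 1/l, flags a brand name buried in an unrelated domain, and catches a display name that claims a brand the address does not carry; the expected-domain list and the sample addresses are constructed for the example.

```python
from email.utils import parseaddr

# Constructed for the example: domains the reader legitimately expects mail from.
EXPECTED_DOMAINS = frozenset({"amazon.com", "paypal.com", "yourcompany.com"})

# Characters commonly swapped for one another in lookalike domains (assumed list).
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "rn": "m", "vv": "w"}


def normalize(label: str) -> str:
    """Fold common substitutions so 'amaz0n' and 'amazon' compare equal."""
    out = label.lower()
    for fake, real in HOMOGLYPHS.items():
        out = out.replace(fake, real)
    return out


def registrable(domain: str) -> str:
    """Last two labels of the domain (a simplification that suits .com-style names)."""
    return ".".join(domain.lower().split(".")[-2:])


def check_sender(header_from: str, expected: frozenset = EXPECTED_DOMAINS) -> str:
    """Return 'ok', or a short reason the From: header looks like a lookalike."""
    display, addr = parseaddr(header_from)
    if "@" not in addr:
        return "malformed address"
    domain = addr.rsplit("@", 1)[1].lower()
    reg = registrable(domain)
    if reg in expected:
        return "ok"
    label = reg.split(".")[0]                     # e.g. 'amaz0n' or 'yourcompany-secure'
    for exp in sorted(expected):
        base = exp.split(".")[0]                  # e.g. 'amazon'
        if normalize(label) == base:
            return f"homoglyph lookalike of {exp}"
        if base in label:
            return f"brand name embedded in unrelated domain ({reg}, expected {exp})"
    # The display name is what most readers see; it may claim a brand the address lacks.
    for exp in sorted(expected):
        if exp.split(".")[0] in display.lower():
            return f"display name mentions {exp.split('.')[0]} but address is {domain}"
    return "unknown sender domain"
```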

2. The email knows too much about you

AI scrapes LinkedIn, company websites, and public social media to build targeting profiles. So when an email references your job title, your current project, or a colleague by name, that detail isn’t proof of legitimacy – it may be proof of reconnaissance. Ask one question: should this specific person realistically have access to this information? If the answer is uncertain, treat the message with suspicion.

3. The writing is unusually polished

Real colleagues write casually. They use contractions. They occasionally start a sentence with “and.” They sometimes ramble. AI does none of this. Every sentence is grammatically correct. Every paragraph has a clear structure. The tone stays perfectly consistent from opening to sign-off. Clinical polish in an informal context is now a genuine phishing email red flag – not a mark of professionalism.

4. The urgency feels professional, not panicked

Old phishing emails screamed. AI phishing emails reason. Instead of “YOUR ACCOUNT WILL BE SUSPENDED,” today’s attacks say “We need your confirmation by 3pm to meet the board deadline.” The pressure is real, the language is calm, and the consequence sounds plausible. As a result, this is one of the hardest AI phishing detection signals to catch. Whenever a deadline appears in an unexpected email, slow down rather than speed up.

5. The request doesn’t match your normal workflow

Every organization has patterns. Finance requests come through specific channels. IT resets follow a defined process. Password changes happen through known systems. When a request arrives outside those patterns – from someone who never contacts you directly, or through an unusual channel – that mismatch deserves a pause. Out-of-workflow requests are one of the clearest suspicious email warning signs, regardless of how well-written the message is.

6. Links don’t go where they claim

Before clicking, hover the mouse pointer over the link and read the actual destination shown in the status bar at the bottom of the browser window. Attackers often route links through chains of redirecting domains and URL shorteners so the address looks innocent. A link labeled “Reset your password” may bounce through three domains before landing on a fake login page. URL spoofing is now sophisticated enough that even a careful reader can miss it. If the destination doesn’t match the sender’s domain or what the link text claims, don’t click it.
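The comparison between a link’s visible text and its real destination can be done mechanically. The following added example (not code from the original post) walks the anchors in a constructed HTML email body, flags URL shorteners from an assumed list, and reports links whose displayed host differs from the host in the href.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample body: one shortener, one text/href mismatch, one honest link.
SAMPLE_HTML = """
<p>Please <a href="https://bit.ly/3xample">reset your password</a> before 3pm.</p>
<p>Or visit <a href="http://login.yourcompany-secure.com/auth">https://portal.yourcompany.com</a></p>
<p>Help: <a href="https://portal.yourcompany.com/help">portal.yourcompany.com/help</a></p>
"""

SHORTENERS = {"bit.ly", "t.co", "tinyurl.com", "goo.gl"}  # assumed list; extend as needed


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(s: str) -> str:
    """Hostname from a URL or a bare 'host/path' string; '' if none."""
    if "://" not in s:
        s = "http://" + s
    return (urlparse(s).hostname or "").lower()


def audit_links(html: str) -> list:
    """Return (href, finding) for every link that deserves a second look."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        real = host_of(href)
        if real in SHORTENERS:
            findings.append((href, "shortened URL hides the real destination"))
            continue
        # Only treat the visible text as a claimed address if it looks like one.
        shown = host_of(text) if "." in text and " " not in text else ""
        if shown and shown != real:
            findings.append((href, f"text shows {shown} but link goes to {real}"))
    return findings
```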

7. The attachment has an unusual file type

Microsoft recently blocked a phishing campaign using SVG files disguised as PDFs – labeled “23mb – PDF – 6 pages.svg” to fool recipients into opening them. SVG files can execute embedded scripts. Macro-enabled Office files can run malicious code on open. The rule here is simple: if you weren’t expecting an attachment, don’t open it – regardless of how legitimate the email looks. A malicious attachment needs only one click to succeed.

8. The greeting is personalized but contextually hollow

The AI knows your name. It can pull it from anywhere and drop it into an opening line. What it cannot reproduce is the shared history behind that name. A contact who has worked with you for three years would mention something you did together, something you discussed, or something specific to your relationship. An AI-generated message gives you your name followed by sentences that could be sent to anyone. Personalization without specificity is something to watch for.

9. Multi-channel follow-up arrives too quickly

AI-orchestrated campaigns don’t stop at email. A message arrives, then within minutes a text references “the email I just sent you,” then a phone call follows up on both. This coordinated pressure across channels is designed to create legitimacy through repetition. However, real multi-channel communication from colleagues and vendors doesn’t happen this fast or this scripted. When channels align too neatly and too quickly, the coordination itself is the warning sign.

10. Something feels slightly off – and you can’t explain why

Trust this instinct. AI is exceptionally good at surface-level accuracy but consistently misses the subtle texture of real human relationships. The wrong nickname. A phrase your colleague would never use. A request that’s technically plausible but somehow out of character. Humans detect these micro-deviations unconsciously, often before conscious analysis catches up. In the context of AI phishing detection, an unexplained feeling of wrongness is not paranoia – it’s pattern recognition. Act on it.

How to Verify a Suspicious Email Before You Click Anything

The checklist tells you what to look for. This section tells you what to do when you find it.

Stop Before You Act

Urgency is engineered. Every AI-generated phishing attack is designed to make you respond faster than you think. The deadline, the consequence, the authority of the sender – all of it exists to compress your decision-making window. Pausing for sixty seconds breaks that trap entirely. The single most effective habit in email phishing prevention costs nothing and requires no tools.

Verify Through a Different Channel

If anything about an email feels suspicious, contact the person who supposedly sent it, but not through any contact details the email itself provides. Don’t call the phone number in the signature and don’t reply to the message. Use a channel you already know the person uses: a number from your own contacts, a direct Slack message, or an email thread you started earlier. This is out-of-band verification, and no AI-generated message can get around it.

Check Links Without Clicking Them

Rather than hovering – which still carries risk on some devices – open a new browser tab and type the website address manually. For suspicious links you want to scan without visiting, free phishing email checker tools like VirusTotal and PhishTank let you paste a URL and check it against known threat databases in seconds. Neither requires an account.

Read the Email Headers

Every email carries a hidden authentication record. In Gmail, click the three-dot menu and select Show original. In Outlook, go to File > Properties > Internet headers. Look for the Authentication-Results line. A result showing spf=pass and dkim=pass means the message came from an authorized server – though it doesn’t guarantee the content is safe. A fail on either tells you the sender address was likely forged. For a full explanation of what these records mean and how they protect your domain, the breakdown of SPF, DKIM, and DMARC covers everything in plain language.
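Reading the Authentication-Results line is easy to automate, and one check is worth adding: a pass only vouches for the domain named in the result (smtp.mailfrom for SPF, header.d for DKIM), which an attacker can make their own, so the example below also compares those domains against the visible From: address. This is an added example, not code from the original post; the raw message is constructed and the two-label domain comparison is a simplifying assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed raw message: SPF and DKIM both pass, but for the attacker's own domain,
# while the visible From: claims yourcompany.com (the alignment failure DMARC reports).
RAW_MESSAGE = """\
Authentication-Results: mx.example.net;
 spf=pass (sender IP is 203.0.113.5) smtp.mailfrom=bounce.yourcompany-secure.com;
 dkim=pass header.d=yourcompany-secure.com;
 dmarc=fail (p=reject) header.from=yourcompany.com
From: "CEO Name" <ceo@yourcompany.com>
To: you@yourcompany.com
Subject: Quick confirmation needed

Please confirm the transfer by 3pm.
"""


def org_domain(domain: str) -> str:
    """Relaxed alignment: compare the last two labels only (assumption for .com-style names)."""
    return ".".join(domain.lower().strip().split(".")[-2:])


def authentication_summary(raw: str) -> dict:
    """Parse Authentication-Results and check whether each pass aligns with the From: domain."""
    msg = message_from_string(raw)
    # Unfold the header so the regexes see one line.
    ar = " ".join((msg.get("Authentication-Results") or "").split())
    results = {m.group(1): m.group(2) for m in re.finditer(r"\b(spf|dkim|dmarc)=(\w+)", ar)}
    spf_dom = re.search(r"smtp\.mailfrom=([^\s;]+)", ar)
    dkim_dom = re.search(r"header\.d=([^\s;]+)", ar)
    from_dom = parseaddr(msg.get("From", ""))[1].rsplit("@", 1)[-1].lower()
    spf_aligned = spf_dom is not None and org_domain(spf_dom.group(1)) == org_domain(from_dom)
    dkim_aligned = dkim_dom is not None and org_domain(dkim_dom.group(1)) == org_domain(from_dom)
    return {
        "spf": results.get("spf", "none"),
        "dkim": results.get("dkim", "none"),
        "dmarc": results.get("dmarc", "none"),
        "from_domain": from_dom,
        "spf_aligned": spf_aligned,
        "dkim_aligned": dkim_aligned,
        # A pass only counts if it vouches for the domain the reader actually sees.
        "trustworthy_sender": (results.get("spf") == "pass" and spf_aligned)
                              or (results.get("dkim") == "pass" and dkim_aligned),
    }
```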

Report It – Don’t Just Delete

Deleting a suspicious email only protects you; reporting it protects everyone. Forward it to your IT or security team, use your email client’s report-phishing feature, or send it to the Anti-Phishing Working Group at reportphishing@apwg.org. Each report improves organizational filters and helps track the phishing campaign in real time. If you have already clicked, change your password, enable multi-factor authentication on the account, and contact your IT department immediately to limit credential theft.

Why Traditional Email Filters Struggle With AI Phishing Detection

Most email security tools were built for a different threat. Legacy filters work by matching incoming messages against known bad patterns – suspicious keywords, blacklisted domains, recognized malware signatures. If an email matches a known threat, it gets blocked. If it doesn’t, it passes through.

AI phishing breaks this model completely.

Instead of sending the same message to thousands of recipients, AI generates polymorphic attacks – slightly different versions of every email, each one unique. Different subject lines. Different phrasing. Different link structures. No two messages match closely enough to trigger a pattern-based filter. The threat is real, but the signature never existed before, so nothing catches it.

Phishing-as-a-service has made this worse. Dark web platforms now offer subscription kits that let low-skill attackers spin up convincing, AI-assisted campaigns in under thirty seconds. What once required technical expertise and hours of preparation now costs a monthly fee and a few clicks. The volume of novel attacks has grown faster than signature databases can track.

Modern AI email security takes a fundamentally different approach. Rather than matching patterns, it analyzes behavior – how this sender typically communicates, whether the request fits the established relationship, whether content and context align. Natural language processing models evaluate tone, intent, and anomalies that static rules would never catch. Sender reputation and message content are assessed together, not separately.

That said, no filter catches everything. The most dangerous attacks will always reach a human inbox and require a human decision. Technology narrows the gap – it doesn’t close it.

This is also why your choice of email provider matters beyond features. Providers like Atomic Mail treat security as infrastructure – building authentication, encryption, and threat analysis into the platform itself, with an AI Security Helper that scans outgoing drafts for sensitive data before you hit send. That kind of baseline matters before any message reaches your eyes.

The Bottom Line on AI Phishing Detection

The old checklist is broken. Grammar errors, urgent subject lines, and generic greetings are no longer reliable signals – AI has eliminated all of them. The new approach is behavioral: check the sender address character by character, question hyper-personalized details, pause before acting on any time pressure, and verify through a channel the attacker doesn’t control.

AI works on both sides of this fight. The same technology behind every legitimate AI email writer now lets attackers craft convincing, personalized campaigns at scale. Defenders use it to detect behavioral anomalies that static filters miss. Understanding both dynamics is what makes the difference between a clicked link and a blocked threat.

Fighting AI phishing starts before you open an email. It starts with who handles your email in the first place.