Multichannel attacks are becoming a serious threat for enterprises – and AI is fueling the surge
Multichannel attacks pose a dangerous threat to businesses as attackers can disguise themselves more convincingly
Organizations are seeing a steep rise in multichannel attacks fueled in part by an uptick in AI cyber crime, new research from SoSafe has found.
94% of surveyed organizations reported an increase in multichannel attacks over the last year, referring to attacks in which threat actors utilize multiple platforms such as email and SMS.
This is in part because there are now so many channels for attackers to target, with cyber criminals able to exploit social media accounts and messaging apps to mimic legitimate communications.
AI also plays a part, with the report referring to one incident in which AI was used to generate a deepfake voice clone in tandem with communication via WhatsApp and Teams channels.
“Imagine a vice president receiving a call from the ‘CEO’ asking them to execute an urgent action, followed by a confirming message on another medium like Teams or Slack. The call creates urgency, and the follow-up adds credibility. Who wouldn't do as advised?” Sascha Giese, tech evangelist at SolarWinds, told ITPro.
“A sophisticated multi-channel attack could be the perfect crime, combining technical expertise, social engineering, a narrative, and an AI in a way that few organizations are equipped to defend against,” Giese added.
Respondents expect AI cyber attacks to grow in frequency across the board, the report found, with 91% expecting the threat and intensity of AI-based cyber attacks to increase over the next three years.
Though 96% of respondents recognized the importance of detecting AI-based attacks, only 26% rated their ability to do this as “high.”
Why are multichannel attacks so dangerous?
Businesses must be wary of this upward trend in multichannel attacks as they can be particularly effective ways for attackers to leverage vulnerabilities.
They can be particularly dangerous as they combine multiple prompts directed at a victim using more than one media type to create a sense of credibility, James McGodrick, head of security services at Systal, said.
“Examples of this could be an apparently legitimate voicemail from a CFO to a member of the finance team, immediately followed by a very convincing payment link sent via E-Mail which aligns with the content of the voicemail,” McGodrick told ITPro.
RELATED WHITEPAPER
As much cybersecurity training highlights the importance of double checking with the person who appears to have sent a communication, McGodrick said, multichannel attacks work by attempting to satisfy the victim that further corroboration is not needed.
“For this reason, multi-channel attacks can be particularly dangerous for organizations, even those who have already got user awareness training in place,” McGodrick said.
MORE FROM ITPRO
-
2026 in IoT attacks: the biggest threats so far and what businesses can doIn-depth Internet of Things devices are more useful than ever – but security is still playing catch-up
-
Anthropic is increasing Claude Code usage limits — here’s everything you need to knowNews The new deal will help Anthropic increase Claude Code usage limits, and API rate limits for Claude Opus models
-
UK firms left in the dark over what workers are sharing with AINews Security teams can’t keep track of what workers are sharing with AI applications, regardless of whether they’re approved or unauthorized
-
AI is now a ‘standard part of the attacker toolkit’News Cyber attacks are increasing in scale, intensity, and velocity thanks to AI, and it’s forcing defenders to react faster than ever before
-
AI and Data are reshaping the MSP landscape, but hackers are getting in on the hot AI actionNews AI is no longer just a buzzword; it's a hacker's dream and the channel's biggest opportunity
-
AI is raising the stakes for cyber professionals – Claude Mythos just took things to another levelNews AI efficiency gains work both ways, and threat actors are already capitalizing on powerful new tools
-
Is your new hire an AI clone? Microsoft says North Korean hackers are using AI to impersonate job seekers and steal company secretsNews The groups are increasingly using face-changing or voice-changing software to make their fake identities more plausible
-
CrowdStrike says AI is officially supercharging cyber attacks: Average breakout times hit just 29 minutes in 2025, 65% faster than in 2024 – and some attacks take just secondsNews Cyber criminals are actively exploiting AI systems and injecting malicious prompts into legitimate generative AI tools
-
Using AI to generate passwords is a terrible idea, experts warnNews Researchers have warned the use of AI-generated passwords puts users and businesses at risk
-
Harnessing AI to secure the future of identityIndustry Insights Channel partners must lead on securing AI identities through governance and support
