The Agència de Ciberseguretat de Catalunya (Catalan Cybersecurity Agency) has issued a stark warning in its Informe de Prospectives 2026 (2026 Cybersecurity Outlook Report), revealing that 82.6% of emails containing malicious links now utilize generative artificial intelligence to craft their content. This surge in AI adoption among cybercriminals means that fraudulent messages, videos, and voice notes are now virtually indistinguishable from legitimate communication.
Director Laura Caballero emphasized that this “almost perfect” generation of content has rendered traditional detection methods obsolete for the average user. By deploying AI to eliminate grammatical errors and mimic professional tones, attackers are successfully bypassing the natural skepticism of their targets. The report highlights that this technology is not just being used for text, but also for increasingly sophisticated deepfake videos and voice cloning to authorize fraudulent transactions and steal credentials.
To combat this “perfect fraud”, the agency is advocating for a “technology to fight technology” strategy. This includes an €18.6 million investment into 27 separate initiatives aimed at protecting public institutions and small-to-medium enterprises. In the meantime, the agency urges the public to move beyond visual spotting and rely on structural security measures, such as two-factor authentication (2FA) and the use of specialized AI-driven tools designed to identify hidden malicious patterns that the human eye can no longer see.
