October is Cybersecurity Awareness Month, and it’s a good reminder that we all play a role in keeping the digital space safer. All month long, Sherweb is sharing practical ways to reduce risk, from recognizing threats to building better everyday habits.
Remember when spotting a phishing email was as simple as looking for typos and generic greetings? Those days are over. Thanks to generative AI, cybercriminals can now craft highly convincing, personalized phishing attacks at scale, making human error a bigger risk than ever.
The reality is that over 90% of all cyberattacks still begin with a phishing email. Despite decades of security awareness training, the human element remains the weakest link in most organizations. Traditional email filters and basic user training simply can’t keep up with today’s AI-powered phishing attacks.
But here’s the opportunity: the same technology fueling AI-powered phishing is also powering a new generation of security tools. A modern defense requires a layered, AI-driven approach that protects the inbox and empowers the user.
What changed for attackers: The AI-powered offense
Today’s cybercriminals have access to advanced tools that would have been unimaginable just a few years ago. Here’s what MSPs are up against:
LLM-polished lures at scale
Generative AI has eliminated the classic “tells” of phishing emails. Attackers can now create localized, industry-specific content that looks completely legitimate. No more obvious grammar mistakes or awkward phrasing; these emails read like they came from a colleague or trusted vendor.
A shift to malicious links and QR codes
Attackers are moving away from suspicious attachments to URL-based phishing. Additionally, according to Proofpoint’s latest research, we’re seeing millions of QR code (“quishing”) campaigns designed to trick users into visiting malicious sites on their mobile devices, where security controls are often weaker.
MFA-bypass kits are now mainstream
Adversary-in-the-middle (AiTM) toolkits have become commonplace. These create fake login pages that intercept session tokens to bypass multi-factor authentication, specifically targeting platforms like Microsoft 365 and Google Workspace that your clients rely on daily.
The rise of phishing-as-a-service
Sophisticated phishing toolkits are now sold as services, lowering the barrier for less-skilled attackers to launch effective campaigns. This democratization of cybercrime means more threats from more sources.
Deepfakes enter business email compromise
We’re seeing real-world cases where AI-generated voice and video of executives are used on live calls to authorize fraudulent transactions. These aren’t hypothetical threats; they’re happening now, leading to multimillion-dollar scams. Losses from business email compromise reported to the FBI’s Internet Crime Complaint Center topped $2.7 billion in 2024 alone.
Hyper-personalization through data mining
Open-source intelligence and breached information databases fuel increasingly targeted spear phishing attempts. Attackers know where your clients work, who they report to and what projects they’re working on.
This new breed of AI-enhanced threats requires a completely different defensive strategy. MSPs need to fight AI with AI and build defenses that are just as powerful as the attacks they’re designed to stop.
The modern MSP response: Building an AI-powered defense
Fortunately, the same technology that’s making AI-powered phishing attacks more complex is also powering a new generation of security tools. Machine learning algorithms can now analyze email patterns, user behavior and threat indicators in real time to detect attacks that would slip past traditional filters. These AI-driven solutions adapt and learn from new attack methods, providing the proactive defense that modern MSPs need to stay ahead of cybercriminals.
However, no single tool can stop everything. The most effective approach is a layered defense that combines advanced inbox-level threat detection with adaptive user training that responds to real behavior and current attack methods. By pairing AI-powered email security with ongoing human risk management, MSPs can create a resilient security posture that protects both the technology and the people behind it.
Layer 1: Secure the inbox
This layer focuses on stopping link-based and AiTM-style phishing attempts before they reach the user. Traditional email filters look for known bad actors and obvious red flags, but AI-generated phishing emails don’t have those tells, and they’re often sent from compromised legitimate accounts.
To stop the targeted, industry-specific attacks that cause the most damage, you need specialized solutions that can detect AI-crafted threats in real time and provide the detailed visibility MSPs require to protect their clients effectively. Sherweb offers two powerful AI-driven options to secure the inbox:
IRONSCALES provides API-based email security that protects Microsoft 365 and Google Workspace with just a few clicks. It excels at post-delivery remediation: its AI engine spots suspicious URLs and QR codes and allows for one-click (or fully automated) removal of malicious emails from all user inboxes.
- Identifies look-alike campaigns and supplier spoofing attempts
- Hunts for threats post-delivery and auto-remediates across tenants
- Provides detailed threat intelligence for your security reviews
Proofpoint adds an essential layer of best-in-class filtering for Microsoft 365 and Hosted Exchange environments. With email being the primary attack vector for malware delivery, Proofpoint’s in-depth filtering catches sophisticated threats that native security might miss, stopping them before they reach the inbox.
- Detects malware and phishing attempts before they reach the inbox
- Defends against malicious links and files with URL and attachment defense
- Offers detailed reporting for proactive threat management
While advanced email security dramatically reduces the number of threats reaching users’ inboxes, it can’t catch everything. That’s where the human element becomes your second line of defense.
Layer 2: Strengthen the human firewall
This layer focuses on training clients to detect the threats that even the best filters might miss. Generic annual training doesn’t prepare users for AI-crafted attacks that mimic their actual vendors, colleagues and business processes. Plus, by the time the next year’s training rolls around, the threat environment can completely change.
Users need regular exposure to current attack methods, not outdated examples. Adaptive training that responds to real user actions and current threats is what actually changes behavior.
HacWare takes an automated, personalized approach to security training. Its AI-powered engine sends phishing simulations tailored to each user’s behavior and risk level, followed by automated micro-lessons that build better security habits over time. The platform handles the heavy lifting while providing client-ready reports that show measurable progress.
- Automated simulations and micro-lessons tuned to individual user behavior
- Adaptive training that adjusts based on user performance
- Compliance reporting that meets industry requirements
usecure offers a complete human risk management (HRM) platform built specifically for MSPs. It consolidates awareness training, phishing simulations, dark web credential monitoring and security policy management into one unified view of human risk across your entire client base.
- Multi-tenant dashboard for managing all clients
- Consolidated reporting that’s perfect for quarterly business reviews
- Risk scoring that helps prioritize your security efforts
How a layered defense helps your MSP grow
While adopting an advanced, AI-driven security stack helps you better protect your clients, it also helps you build a stronger business.
- Reduce client risk and operational noise: A comprehensive defense stops more threats automatically, reducing the number of security alerts and potential breaches your team has to manage.
- Increase your efficiency: These platforms are designed with MSP workflows in mind, allowing you to manage security for all your clients from unified dashboards without juggling multiple point solutions.
- Stand out from competitors: When prospects compare MSPs, being able to explain modern threats and demonstrate advanced defenses immediately sets you apart from competitors still talking about basic email filtering and annual training.
- Strengthen client relationships: Built-in reporting features let you show clients exactly how you’re reducing their risk, providing concrete evidence of your security services’ impact during quarterly business reviews.
The MSPs winning new business today offer better protection, demonstrate a deeper understanding of the current threat environment and position themselves as strategic security partners, not just technology vendors.
Get ahead of the next wave of AI-powered phishing
AI has raised the stakes in the ongoing battle against phishing attacks. The old approach of hoping users will spot obvious red flags isn’t enough anymore. Today’s successful MSPs are building defenses that are as smart and adaptable as the threats themselves.
A layered strategy that combines AI-powered inbox protection with adaptive human risk management gives you the best chance of protecting clients in this new threat environment, and differentiates your MSP from competitors still relying on outdated tools.
Ready to strengthen your cybersecurity offering?
Explore Sherweb’s portfolio of security solutions and find the right tools to protect your clients against today’s most sophisticated threats.