MALICIOUS digital twins will define the cyberthreat landscape in 2025 and artificial intelligence will continue develop more ways of attack. This according to global cybersecurity vendor Trend Micro who sounded the alarm about the evolving digital threats in a virtual press conference early this week.
“The potential for AI-powered attacks to become increasingly sophisticated and personalized,” Ian Felipe, Country Manager at Trend Micro Philippines said. The company’s 2025 predictions report highlights the emergence of malicious “digital twins,” where threat actors leverage AI and deepfakes to create convincing impersonations of individuals, leading to identity theft, fraud, and social engineering attacks.
Trend Labs Senior Security Specialist Raymond Almanon spoke on the extent of the ways artificial intelligence (AI) will add to the difficulty of thwarting attacks without monitoring and detection tools. He said that deepfakes and sophisticated phishing methods will form a big part of how enterprises will be infiltrated. He also spoke about how AI-created deepfakes can be used for ‘pig-butchering’ schemes.
“Pig butchering” is a cruel type of cyber scam where fraudsters build trust with victims over time, often through seemingly innocent online interactions like dating apps or social media. They “fatten up” the victim by feigning romantic interest or friendship, gaining their confidence, and then “slaughtering” them financially by convincing them to invest in fraudulent schemes or platforms or using them for cybercrime or infiltrating corporate accounts and emails.
“The use of romance has been a proven way of social engineering,” Almamon said citing how AI can almost instantly develop a letter, email or a convincing video that may entice someone, for example an employee of a company to divulge information.
Aside from manipulating individuals through “pig butchering” schemes, Trend Micro’s report details how deepfakes and AI can be used to enhance business email compromise scams and improve open-source intelligence gathering for malicious purposes. The report also warns of vulnerabilities in AI agents themselves, including the potential for hijacking, information leakage, and denial-of-service attacks.
Felipe said that “as generative AI makes its way ever deeper into enterprises and the societies they serve, we need to be alert to the threats. Hyper-personalized attacks and agent AI subversion will require industry-wide effort to root out and address.” He emphasizes the connection between cybersecurity and business risk, stating that “All security risk is ultimately business risk, with the potential to impact future strategy profoundly.”
Beyond AI, Trend Micro identifies other areas of concern, such as memory management vulnerabilities, container escapes, and the potential for widespread impact from single vulnerabilities in widely adopted systems. Ransomware remains a significant threat, with attackers adapting their tactics to evade detection and accelerate attacks.
To address these challenges, Trend Micro recommends a multi-faceted approach that encompasses four key strategies. This includes adopting risk-based cybersecurity practices to identify and prioritize valuable assets, leveraging AI for threat intelligence and automated defense mechanisms, and investing in user education to empower individuals to recognize and avoid AI-powered threats. Additionally, Trend Micro emphasizes the importance of securing AI systems themselves from abuse and manipulation, while also fostering collaboration between technology providers, organizations, and policymakers to develop effective cybersecurity solutions.
Trend Micro’s 2025 predictions report serves as a call to action for individuals and organizations to proactively address the changing cybersecurity landscape and adopt a comprehensive approach to protect against increasingly sophisticated and AI-driven attacks.
