As attackers weaponize generative AI to launch sophisticated scams in minutes, enterprise security teams are discovering their defenses were built for a different era.
A troubling pattern has emerged in enterprise security operations: the average time to detect fraud now stretches to nine hours or more. In that window, AI-powered attackers can register lookalike domains, build convincing phishing sites, deploy fake social media profiles, and harvest credentials from thousands of victims—all before the first alert fires.
This isn’t a theoretical concern. It’s the daily reality for security teams still relying on legacy tools designed for a slower, less sophisticated threat landscape.
The rise of AI-driven social engineering
Generative AI has fundamentally changed the economics of cybercrime. What once required teams of specialists can now be accomplished by a single operator armed with the right prompts: fluent phishing copy, professional web design, and patient social engineering sequences all generated on demand.
The impact shows up in the data. Account takeover and new account fraud cost U.S. businesses $22 billion in 2024 alone. The FBI reports that business email compromise drove nearly $3 billion in losses last year, making it the single most expensive category of cybercrime they track. Deloitte projects that AI-enabled fraud could push U.S. losses to $40 billion by 2027.
“It’s a perfect storm,” Aaron Painter, CEO of fraud prevention firm Nametag, told Cybersecurity Dive. “AI technologies have given new superpowers to bad actors, and they’re taking advantage of those tools.“
The attacks themselves have evolved. Today’s threats span multiple channels simultaneously: phishing emails, spoofed domains, fraudulent social media profiles, fake mobile apps, and deepfake video calls, often coordinated as part of unified campaigns rather than isolated incidents. Security professionals increasingly describe this as “social engineering at scale.”
Why legacy tools fall short
Traditional digital risk protection (DRP) and brand protection solutions were built for a different era. Their detection models rely heavily on known patterns: blocklists of malicious domains, signature-based detection, and manual analyst review. These approaches worked reasonably well when attackers moved at human speed.
Against AI-powered threats, the mismatch is stark. By the time a legacy system flags suspicious activity, the damage is often done. Credentials have been harvested. Wire transfers have been initiated. Customer trust has been eroded.
The problem compounds at scale. Modern attackers can generate thousands of unique phishing variants with a single prompt, each one slightly different, each one evading pattern-based detection. Training employees to “look for red flags” becomes increasingly futile when AI-generated content contains no spelling errors, no grammatical mistakes, and no obvious inconsistencies.
As one Fast Company analysis noted: “The world’s pre-AI reactive model of security will not work in an AI-first attacker world. Simply adding AI to these legacy tools will give a false sense of comfort.”
The emergence of disinformation security
Gartner has identified “disinformation security” as a Top 10 Strategic Technology Trend for 2025: a category encompassing the technologies and practices organizations need to protect themselves from synthetic media, brand impersonation, and coordinated deception campaigns.
The numbers suggest rapid adoption ahead. According to Gartner, 50% of enterprises will invest in disinformation security solutions by 2028, up from less than 5% today. Spending in the category is projected to exceed $30 billion, drawing budget from both marketing and traditional security functions..
What distinguishes this emerging category from legacy DRP? Three core capabilities define the difference.
Speed of detection. AI-native platforms can analyze billions of URLs daily, using machine learning classifiers and computer vision to identify brand impersonation in real time, not hours or days later.
Automated response. Rather than generating alerts for human review, modern platforms can initiate takedowns automatically through direct API integrations with registrars, hosting providers, and social platforms. Leading vendors report median takedown times measured in hours rather than days.
Proactive countermeasures. Some platforms deploy decoy credentials and honeypot infrastructure that waste attacker resources, generate threat intelligence, and make stolen data less valuable on secondary markets.
What security leaders should consider
For organizations evaluating their exposure to AI-powered fraud, several questions warrant attention.
How quickly can you detect a brand impersonation attack? If the answer is measured in days rather than minutes, the gap likely exceeds what current threats will tolerate.
Are your defenses reactive or preemptive? Pattern-based detection struggles against novel, AI-generated content. Solutions that analyze intent and context (rather than matching known signatures) tend to perform better against emerging threats.
Do your tools cover the full attack surface? Modern campaigns span web, social, mobile app stores, dark web forums, and messaging platforms. Point solutions that monitor only one channel leave significant blind spots.
Can you measure actual outcomes? Detection rates matter less than time-to-takedown and customer impact. The best metrics focus on threat dwell time and the speed of remediation.
The Bottom Line
The 9-hour detection gap isn’t a technology problem that incremental improvements will solve. It reflects a fundamental mismatch between how attacks now operate and how most defenses were designed.
Organizations that recognize this shift are investing in AI-native security platforms capable of matching attacker speed and sophistication. Those that don’t may find themselves explaining to customers, regulators, and boards why their defenses couldn’t keep pace with threats that were entirely predictable.
As Gartner’s research makes clear, disinformation security is no longer an emerging concern—it’s an enterprise imperative. The only question is whether organizations will invest proactively or reactively.
Key Takeaways
A category of cybersecurity solutions focused on protecting organizations from synthetic media, brand impersonation, deepfakes, and coordinated deception campaigns, identified by Gartner as a Top 10 Strategic Technology Trend for 2025.
Legacy digital risk protection (DRP) tools rely on pattern matching and manual review, creating detection delays of 9+ hours. AI-powered attackers can launch sophisticated, multi-channel campaigns in minutes, exploiting this gap before defenses respond.
Account takeover and related fraud cost U.S. businesses $22 billion in 2024. The FBI reports $3 billion in business email compromise losses annually. Deloitte projects AI-enabled fraud could reach $40 billion by 2027.
Real-time detection using AI and computer vision; automated takedowns via direct API integrations; proactive countermeasures like decoy credentials; and unified visibility across web, social, mobile, and dark web channels.
Currently less than 5%, but Gartner predicts 50% adoption by 2028, with category spending exceeding $30 billion.
