How to Build a Phishing Simulation Program That Keeps Pace with AI-Powered Attacks
AI has enabled cybercriminals to mass-produce polished, personalized phishing content at a speed and scale that wasn’t possible a few years ago.
Back then, employees could spot phishing through teachable signals like typos, email formatting errors, and suspicious sender domains. Today, those signals are largely absent from AI-generated attacks, and IBM’s Cost of a Data Breach 2025 Report puts the time to produce a convincing phishing email at just five minutes.
In this blog post, we cover what a redesigned phishing simulation program that keeps pace with the AI era needs to include.
How AI Changed the Way Phishing Attacks Work Today
AI-generated phishing emails are polished and contextually accurate enough to be mistaken for legitimate communications. The phishing detection cues many organizations taught through their annual cybersecurity awareness training are largely gone, and attacks increasingly arrive through multiple channels simultaneously.
AI Uses Public Data to Personalize Attacks for Each Target
Cybercriminals use AI to gather personal data posted on publicly accessible platforms such as LinkedIn and company directories. That data feeds into messages personalized to an individual’s role, their reporting line, or even recent company events. This personalized information makes each phishing lure feel credible to a potential phishing victim.
In fact, Microsoft’s Digital Defense Report 2025 found that employees are 4.5 times more likely to click on AI-crafted emails than traditionally written ones, which shows just how convincing AI-enabled phishing emails can be.
Phishing Attacks Now Includes Phone Calls and SMS
A phishing email landing in someone’s inbox is often just the first step. Cybercriminals now follow up with deepfaked phone calls that impersonate someone they know, adding pressure for the target to act before they have a chance to think.
IBM found that employees are three times more likely to be deceived when a phone call follows the original phishing email. Verizon’s 2026 DBIR researchers also noted they struggled to find companies doing simulations of voice- and text message-based campaigns, which highlights just how underrepresented this attack vector remains in current simulation programs.
AI Has Made Sophisticated Phishing Accessible to a Wider Range of Attackers
Previously, running a convincing phishing campaign required a level of language proficiency and technical expertise that many cybercriminals lacked.
AI has changed that, opening the practice up to a far wider range of threat actors who can now produce professional-quality attacks with minimal effort. Microsoft also shared that AI has made phishing 50 times more profitable, largely because it enables high-quality attacks at a volume that wasn’t achievable before.
Why Compliance-Based Simulated Phishing Programs Don’t Improve Cybersecurity Posture
A compliance-based simulated phishing program measures whether someone clicked on test, but not whether individuals are becoming harder to deceive over time. There are three reasons why, each rooted in how these programs are built:
- They test for signals that AI-generated attacks don’t include: Mismatched sender domains and grammatical errors are mostly absent from modern AI-generated phishing content. Training individuals to catch those signals is basically teaching them to pass a test that cybercriminals stopped writing.
- They run on the wrong schedule: What individuals learn in a quarterly test fades long before the next one arrives. In fact, individuals who received cybersecurity awareness training within the previous 30 days were four times more likely to report a phishing attempt than those without recent training.
- They skip the channels cybercriminals rely on: Individuals who recognize a suspicious mail don’t always apply the same caution to an unexpected phone call. Compliance-based simulated phishing programs rarely include vishing or smishing scenarios, which means a real attack using those channels can catch individuals completely off guard.
How to Structure a Phishing Simulation Program for AI-Era Threats
Building a program for the current threat environment means getting five structural components right. What connects them is a consistent underlying question: does this design decision reflect how cybercriminals operate in real life?
Run Phishing Simulations at Least Twice a Month
Organizations should run simulated phishing campaigns at least twice a month. Quarterly testing doesn’t generate enough behavioral data to identify individual patterns, and the time between tests is long enough for retention to erode significantly before the next one.
Running at that cadence keeps reinforcement within the window where Verizon’s data shows it produces better reporting rates, and generates the data volume needed to build individual behavioral profiles over time.
Cover the attack vectors that AI enables
Email-only simulations leave employees unprepared for how current attacks are actually structured. A more complete simulated phishing program includes:
- Vishing (voice phishing): Deepfaked or scripted phone calls, either following up on a phishing email or standing alone as an impersonation attempt
- Smishing (SMS phishing): Text-based lures targeting individuals on mobile devices, especially those who receive business communications on personal phones
- Multi-stage scenarios: Sequences across multiple channels that build credibility before the final social engineering attempt
- Personalized lures: Simulations referencing someone’s role, team, or manager
Map simulations to emotional triggers
Successful phishing attacks exploit emotional responses before targets have time to think critically. When your phishing simulation tags each test to an emotional trigger, the click data becomes something more actionable.
There are seven core triggers that phishing attacks are built around:
| Trigger | How attackers deploy it |
| Fear | Account suspension threats, breach alerts, disciplinary notices |
| Urgency | Time pressure that compresses the window for rational evaluation |
| Obedience | Requests framed as coming from executives, IT, or regulators |
| Curiosity | Unexpected notifications, unusual alerts, or intriguing content |
| Sociality | Familiar names, known brands, or impersonated colleague communications |
| Greed | Bonus announcements, incentives, or unexpected financial rewards |
| Opportunity | Promotions, exclusive access, or career-related surprises |
Over time, how each individual responds across trigger types builds an emotional susceptibility profile that shows which triggers make them most vulnerable and at what intensity.
Scale difficulty based on individual performance data
Difficulty should progress through stages tied to each person’s performance data:
- Foundational: Common, traditional phishing patterns: generic sender addresses, unusual urgency, out-of-process requests
- Contextually realistic: Spoofed internal domains and scenarios tied to company processes
- Multi-stage: Multiple emotional triggers layered in sequence, reflecting how AI-powered attacks today are constructed
Individuals tested only on basic phishing templates face an educational adjustment phase the first time they encounter a well-constructed business email compromise scenario, or a deepfaked follow-up call that references the email they just received.
How to Use Phishing Simulation Data to Drive Personalized Security Coaching
Organizations can feed each phishing simulation outcome into an individual emotional susceptibility profile, then use that profile to determine how their personalized security coaching is structured. This moves a simulated phishing program from generating click rate reports to driving real behavioral change.
Individuals engage more with lessons that feels directly relevant to their behavioral patterns. When organizations frame it as a targeted learning resource, it keeps individuals receptive to that coaching.
The Metrics That Tell You Whether Your Phishing Simulation Program Is Reducing Cyber Risks
Click rates capture one thing: whether someone engaged with a lure. They don’t show whether the workforce is becoming harder to deceive over time. Three behavioral metrics below give a more complete picture of whether the workforce is becoming harder to deceive.
| Metric | What it measures | Why it matters |
| Report Rate | How often employees correctly flag a suspicious email or simulation | Shows whether individuals are functioning as an active cyber risk detection layer. A clear phish reporting infrastructure is a prerequisite for tracking this meaningfully. |
| Time-to-Report | How quickly employees escalate after receiving a suspicious email | The difference between a 30-second and a 30-minute report in a live attack can determine whether a threat is contained or spreads. |
| Time-to-Lure | How long before an employee engages with a phishing lure | A longer time-to-lure reflects deliberate evaluation rather than instinctive reaction, which is a genuine behavioral shift rather than just familiarity with test formats. |
A rising report rate alongside an improving time-to-lure gives CISOs credible data for executive conversations. It shows human risk is declining because employees are actively detecting threats, not just fewer people clicking on tests.
Download the Full CISO Guide to Phishing in the AI Era
Phishing attacks succeed because they target how people make decisions under pressure. AI has made those attacks faster to produce and harder to detect. The underlying mechanism is unchanged.
A simulation program designed to address the actual threat needs to reflect what attackers are doing: running personalized, multi-channel campaigns that exploit specific emotional vulnerabilities. Each design decision in this guide exists because attackers are already operating at that level.
Download NINJIO’s The CISO’s Guide to Phishing in the AI Era for the full framework.
Frequently Asked Questions
Phishing simulations should run at least twice a month. Quarterly testing doesn’t generate enough behavioral data to identify individual patterns, and the window between sessions is long enough for knowledge retention to erode significantly.
An emotional susceptibility profile maps which triggers each person responds to most strongly, which makes effective personalized security coaching possible instead of sending out generic remediation lessons for everyone.
Programs should include email, vishing (deepfaked or scripted phone calls), and smishing (SMS attacks), as well as multi-stage scenarios that sequence those channels. Email-only programs leave employees unprepared for how current attacks are structured.
Employees who recognize suspicious emails often apply less scrutiny to unexpected phone calls. Vishing training addresses that by building resistance to phone-based social engineering before a cybercriminal has a chance to test it.
Individuals tested only on basic templates face a real adjustment when they first encounter a realistic multi-stage attack. Difficulty that progresses with individual performance keeps simulations challenging without tipping into frustration.
Each simulation is tagged to the emotional trigger it deployed. Patterns in how each person responds build an emotional susceptibility profile that determines which coaching content they receive, based on behavioral data rather than job title.