This article explains how AI helps cybercriminals steal passwords, MFA codes, session tokens, and account access.
Cybercriminals Do Not Need to Break In If They Can Log In
The easiest way into a system is often not a technical exploit. It is a valid login.
That is why credentials are such a valuable target. A stolen password, session cookie, OAuth token, recovery code, or API key can give an attacker access that looks normal at first glance.
AI has made this worse. It helps cybercriminals write better phishing messages, clone voices, build convincing fake login pages, automate reconnaissance, translate scams into local languages, and scale attacks across thousands of targets. Microsoft’s 2025 Digital Defense Report says threat actors are using AI to scale phishing and automate intrusions, while infostealers and cybercrime-as-a-service continue to expand.
The blunt reality is simple: AI is not replacing cybercrime. It is upgrading it.
Credentials Are More Than Passwords Now
Credential theft used to sound simple: someone stole your username and password.
That is no longer enough to describe the threat.
Modern attackers want anything that proves identity or grants access. That includes login details, MFA codes, browser cookies, OAuth tokens, cloud access keys, API secrets, recovery codes, and device registration flows.
| What Criminals Steal | Why It Matters |
|---|---|
| Passwords | Used for direct login or credential stuffing across other sites. |
| MFA codes | Used in real-time phishing to complete a login. |
| Session cookies | Can let attackers access accounts without re-entering a password. |
| OAuth tokens | Can grant access to email, cloud files, and business apps. |
| API keys | Can expose infrastructure, databases, payment systems, and internal tools. |
| Recovery codes | Can bypass normal account recovery protections. |
| Device login codes | Can authorize an attacker’s session without the victim realizing it. |
Australian government guidance warns that phishing can involve fake emails, texts, QR codes, account registration PINs, and verification codes — not just traditional password theft.
That is why “just use MFA” is no longer a complete answer. Weak MFA can still be tricked, relayed, or socially engineered.
AI Makes Phishing More Personal
Old phishing was clumsy. Bad spelling, strange formatting, and generic greetings made many scams easier to spot.
AI changes that.
A criminal can now feed public information into a model and produce a polished message that looks like it came from a bank, employer, recruiter, delivery company, colleague, vendor, or government agency. The message can match the victim’s language, industry, location, tone, and current situation.
That matters because phishing works by pressure, not magic.
Scamwatch warns that phishing often impersonates trusted people or organizations, uses fake websites, creates urgency, and pushes victims to hand over information or install harmful files. AI makes every part of that process faster and more convincing.
A modern phishing message may reference:
- A real company project
- A recent invoice
- A job application
- A delivery issue
- A password expiry warning
- A shared document
- A tax or payroll deadline
- A fake security alert
The goal is not to impress the victim. The goal is to rush them.
AI Helps Criminals Build Better Fake Login Pages
A phishing email is only the first step.
The real theft often happens on the fake login page.
Cybercriminals use AI and ready-made phishing kits to copy branding, write realistic error messages, generate fake security prompts, rotate page designs, and adjust language based on the target. Some pages even use CAPTCHAs to look legitimate and block automated security scanners.
Microsoft’s takedown of RaccoonO365 showed how professional this market has become. Microsoft said RaccoonO365 stole credentials from more than 5,000 Microsoft customers across 94 countries, used deceptive domains, and operated as a subscription-based phishing-as-a-service business.
That is the industrialization of credential theft.
Attackers no longer need to be elite hackers. They can rent tools, buy templates, load target emails, and run campaigns at scale.
The danger is not only that AI makes scams smarter. The danger is that it makes professional-looking scams available to lower-skilled criminals.
Deepfakes Turn Trust Into an Attack Surface
AI voice cloning and deepfake video are now part of credential theft and social engineering.
The attacker does not always need to steal a password directly. Sometimes they need to pressure an employee into resetting one, approving a login, sharing an MFA code, opening a remote access session, or sending a sensitive file.
A cloned voice can imitate:
- A CEO
- A finance manager
- A colleague
- A recruiter
- A vendor
- A family member
- A technical support worker
The fake request usually carries urgency: “I need this now,” “the account is locked,” “approve the login,” “send the code,” or “do not delay this payment.”
The deepfake does not need to be perfect. It only needs to be believable enough at the wrong moment.
That is why verification matters. For sensitive requests, the safest response is simple: stop, use a separate trusted contact method, and confirm the request outside the original call, message, or meeting.
AI-Powered Reconnaissance Makes Attacks More Convincing
Before criminals steal credentials, they often research the target.
AI makes that research faster.
Attackers can scan public websites, LinkedIn profiles, leaked breach data, social media posts, company pages, job ads, GitHub repositories, and old documents to understand who works where, who approves payments, what software a business uses, and which employees are likely to have valuable access.
Then they turn that research into a believable lure.
| Public Clue | How It Can Be Used |
|---|---|
| Job title | Target finance, HR, IT, or executive accounts. |
| Company software | Create fake Microsoft 365, Google Workspace, DocuSign, or payroll alerts. |
| Recent hiring | Send fake onboarding or recruiter messages. |
| Vendor relationships | Impersonate suppliers or invoice platforms. |
| Conference posts | Send fake event documents or travel updates. |
| GitHub exposure | Hunt for API keys, cloud secrets, and developer credentials. |
This is where AI becomes dangerous: it helps criminals personalize attacks without spending hours manually researching each victim.
Infostealers Are Feeding the Credential Economy
Phishing is not the only problem.
Infostealer malware is one of the biggest drivers of credential theft. These tools infect devices and collect saved passwords, browser cookies, autofill data, crypto wallet information, device details, and session tokens.
Google Cloud’s Mandiant reported that credentials stolen through infostealer operations became the second-highest initial infection vector in its 2025 investigations, making up 16% of cases.
That should concern every business using cloud apps.
A stolen session token from an infected personal or contractor device can give an attacker access without needing to “hack” the company network directly. The attacker may simply reuse what the browser already trusted.
Infostealers often spread through:
- Fake software downloads
- Pirated apps
- Malicious browser extensions
- Fake game cheats
- Phishing attachments
- Cracked productivity tools
- Malvertising
- Fake updates
Once stolen, credentials are often sold in criminal marketplaces. One infected device can expose personal accounts, work accounts, cloud access, and customer data.
MFA Can Be Bypassed When the Attack Targets the Session
Multi-factor authentication is still important. But not all MFA is equal.
Some attacks do not just steal the password. They trick the victim into completing the login process for the attacker.
Adversary-in-the-middle phishing is one example. The victim enters credentials into a fake page, the attacker relays them to the real service, the victim completes MFA, and the attacker captures the resulting session token.
Device code phishing is another. Microsoft recently described an AI-enabled campaign where attackers abused legitimate OAuth device code flows. The victim entered a code on a real Microsoft page, but that action authorized the attacker’s session. Microsoft said this can grant account access without exposing the password itself.
That is the key point: modern credential theft often targets access, not just passwords.
Credential Stuffing Turns One Leak Into Many Break-Ins
Credential stuffing is simple and effective.
Attackers take usernames and passwords leaked from one service and test them across many others. If someone reused the same password on email, banking, shopping, work, and social media accounts, one breach can become many compromises.
AI improves this process by helping attackers:
- Predict likely password variations
- Sort valuable accounts
- Automate login attempts
- Rotate infrastructure
- Avoid basic detection
- Generate realistic follow-up messages after account access
This is why password reuse is so dangerous.
A weak password is bad. A reused password is worse.
The Global Damage Is Already Massive
Credential theft sits behind many forms of cybercrime: fraud, ransomware, business email compromise, identity theft, data theft, extortion, and account takeover.
The FBI’s 2024 Internet Crime Report recorded 859,532 complaints of suspected internet crime and more than $16 billion in reported losses, a 33% increase from 2023. The FBI also listed phishing/spoofing, extortion, and personal data breaches as the top three cybercrime types by complaint volume.
Australia’s ASD Annual Cyber Threat Report 2024–25 also shows the pressure is rising. ASD’s ACSC received more than 42,500 calls to the Australian Cyber Security Hotline, responded to more than 1,200 cyber security incidents, and made more than 1,700 notifications to entities about potentially malicious cyber activity.
This is not a niche technical issue. Credential theft is now a global identity, business, and financial risk.
How an AI-Driven Credential Attack Usually Works
Most attacks follow a predictable chain.
| Stage | What Happens |
|---|---|
| 1. Reconnaissance | The attacker gathers public data about the target. |
| 2. Personalization | AI helps generate a believable message or script. |
| 3. Delivery | The lure arrives by email, text, QR code, call, chat, or social media. |
| 4. Fake trust | The victim sees branding, urgency, CAPTCHAs, or a familiar voice. |
| 5. Credential capture | Passwords, MFA codes, cookies, tokens, or device codes are stolen. |
| 6. Account access | The attacker logs in, creates rules, registers devices, or steals data. |
| 7. Expansion | The account is used for fraud, ransomware, internal phishing, or resale. |
The attack does not always look dramatic. Sometimes it looks like one normal login from one normal user.
That is what makes it dangerous.
The Warning Signs Are Still There
AI makes scams better, but it does not make them invisible.
Look for pressure, mismatch, and unusual behavior.
Common warning signs include:
- Unexpected login prompts
- Urgent requests for passwords or codes
- QR codes asking you to “verify” an account
- Links that do not match the real domain
- Strange sender addresses
- Requests to approve MFA prompts you did not start
- Voice calls asking for account actions
- Login pages reached through email links
- CAPTCHAs before a supposed corporate login
- Requests to install tools, extensions, or updates
The safest habit is blunt: do not log in from links in unexpected messages. Open the real website or app yourself.
What Individuals Should Do Now
Credential theft is preventable, but only if people stop treating passwords like disposable notes.
Use a password manager. Create unique passwords for every account. Turn on MFA everywhere it is available. Use passkeys or hardware security keys for important accounts when possible.
Also check active sessions. Many platforms let you see which devices are logged in. Remove anything you do not recognize.
Practical steps:
- Use unique passwords for every account.
- Store them in a reputable password manager.
- Enable MFA, preferably passkeys or hardware keys.
- Never share one-time codes with someone who contacts you.
- Do not scan QR codes from unexpected emails.
- Verify urgent requests through a separate contact method.
- Revoke unknown sessions and devices.
- Keep browsers, devices, and apps updated.
- Avoid pirated software and suspicious browser extensions.
- Watch for emails saying your account settings changed.
If an account is compromised, change the password, revoke sessions, reset MFA, check forwarding rules, review recovery details, and report the incident to the platform.
What Organizations Should Do Now
Businesses need to stop relying on awareness training alone.
Training matters, but AI-driven credential theft is too fast, too polished, and too scalable for “be careful” to be the main defense.
Organizations need layered controls.
| Defense | Why It Matters |
|---|---|
| Phishing-resistant MFA | Reduces the risk of code theft and session relay attacks. |
| Conditional access | Blocks risky logins based on device, location, and behavior. |
| Session monitoring | Detects unusual access after login. |
| Token revocation | Cuts off stolen sessions after suspicious activity. |
| OAuth app controls | Prevents malicious apps from gaining access. |
| Password manager deployment | Reduces password reuse across staff. |
| Email authentication | SPF, DKIM, and DMARC reduce spoofing abuse. |
| Endpoint detection | Helps catch infostealers before credentials spread. |
| Browser controls | Limits autofill, risky extensions, and unmanaged sync. |
| Callback procedures | Stops voice-clone and executive impersonation attacks. |
ASD’s ACSC lists multi-factor authentication, patching, application control, restricting administrative privileges, user application hardening, and regular backups among its Essential Eight mitigation strategies.
The strongest organizations assume credentials will be targeted and build detection around that assumption.
Phishing-Resistant MFA Is the Standard to Aim For
SMS codes and basic push notifications are better than no MFA, but they are not the finish line.
Attackers can phish codes, fatigue users with repeated prompts, trick people into approving logins, or relay sessions in real time.
Phishing-resistant MFA is stronger because it is designed to resist interception and replay. CISA’s guidance identifies WebAuthn working with FIDO2 as a phishing-resistant authenticator, including physical tokens and built-in device authenticators.
For high-risk accounts, the priority should be:
- Passkeys or hardware security keys
- Strong conditional access
- Privileged account separation
- Session and token monitoring
- Rapid revocation after suspicious activity
Executives, administrators, finance teams, developers, and HR staff should be first in line because their accounts are high-value targets.
The Biggest Mistake Is Thinking This Is Only an IT Problem
Credential theft is a business problem.
A stolen login can expose payroll data, customer records, legal files, source code, inboxes, invoices, payment systems, cloud dashboards, and internal conversations.
Once an attacker controls one inbox, they can impersonate the victim, reset passwords, monitor deals, redirect invoices, steal documents, and phish more people inside the organization.
That is why credential security must involve leadership, finance, HR, legal, IT, security, and every employee with access to sensitive systems.
A password policy alone will not fix this.
A one-hour phishing module will not fix this.
A basic MFA rollout will not fix this.
The defense has to match the attack chain.
The Real Threat Is Speed, Scale, and Believability
AI gives cybercriminals three things they always wanted: speed, scale, and believability. That is the central shift in AI-driven credential attacks.
They can write better lures faster. They can target more people with less effort. They can imitate brands, voices, workflows, and login experiences more convincingly.
But the solution is not panic.
The solution is stronger identity security, better verification habits, phishing-resistant authentication, endpoint protection, session monitoring, and a culture where people are allowed to slow down suspicious requests.
Cybercriminals are using AI to make credential theft feel normal.
Your defense has to make abnormal access impossible to ignore.