AI Security Wire

PhantomSynth: The Threat Actor Industrialising AI-Generated Spear Phishing

The old phishing playbook assumed economies of scale required cutting corners: generic lures, obvious pretexts, typos that somehow still worked. PhantomSynth has eliminated those constraints.

First observed in Q3 2025, PhantomSynth operates a fully automated pipeline for generating hyper-personalised spear phishing at volume. The group targets financial services, legal firms, and M&A advisors in North America and Western Europe, organisations where a single successful wire transfer fraud pays for a lot of infrastructure.

| Attribute | Detail |
| --- | --- |
| Motivation | Financial: BEC fraud, credential theft, wire transfer fraud |
| First observed | Q3 2025 |
| Primary targets | Financial services, legal, technology, M&A advisors |
| Geography | North America, Western Europe |
| AI tooling | LLM APIs (jailbroken or uncensored models), voice cloning |
| Distinguishing trait | Per-target personalisation at scale via automated OSINT + LLM pipeline |

The Four-Stage Attack Pipeline

Stage 1: OSINT Harvesting

An automated pipeline aggregates target data from LinkedIn, company websites, regulatory filings, press releases, and social media. Each target gets a dossier:

  • Reporting relationships and org structure
  • Recent projects, deals, or announcements
  • Writing style samples from public posts, filings, interviews
  • Known colleagues, clients, and counterparties

This is all publicly available information. The operation is entirely pre-intrusion. Nothing about this stage is illegal, which is part of why it’s hard to stop.

Stage 2: LLM-Powered Content Generation

The dossiers feed an LLM pipeline that generates spear phishing emails mirroring the impersonated sender’s writing style and referencing real recent events. The quality is the problem. These emails don’t look like phishing. They look like emails from people the target actually knows, referencing things that actually happened.

Automated detection tools have no template to match against. Every email is unique. Signature-based filters don’t fire. Anomaly-based tools struggle because the writing style matches known-good contacts.

Stage 3: Voice Cloning

For high-value targets, PhantomSynth adds a verification call. AI-generated audio cloned from earnings calls, conference recordings, or LinkedIn video (whatever’s publicly available) provides a convincing “confirmation” of the fraudulent email request. The call legitimises the email. The email legitimises the call. Each makes the other harder to question.

Stage 4: Cash-Out

Median loss per successful incident is approximately $1.2M, per industry incident response data. The outcomes: wire transfer fraud, credential theft, or sale of harvested credentials on criminal markets.

What PhantomSynth Emails Look Like

Email infrastructure:

  • Lookalike domains registered within 30 days of campaign launch
  • DKIM/DMARC pass on the lookalike domains, because they are freshly registered by the attacker with valid records; your authentication-based filters won’t flag these

Content indicators:

  • Unusually high personalisation for volume
  • References to real recent events the target would recognise
  • Clean prose with no spelling errors (which itself is an indicator, if your users know to look for it)

Voice call indicators:

  • Spoofed caller ID matching known executive numbers
  • Slight audio artefacts at sentence boundaries (subtle, and most people aren’t listening for them)
  • Calls timed immediately before or after email delivery
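The lookalike-domain indicator above is one of the few in this list a mail gateway can score mechanically. As an added example (not the article's or any vendor's code), the Python below flags sender domains that resemble a known-good counterparty domain via homoglyph substitution or small edit distance, and raises the risk when the domain is also newly registered. `KNOWN_GOOD` and the sample senders are constructed; the registration age is assumed to come from an RDAP/WHOIS lookup done elsewhere.

```python
# Added example, not the article's code. Constructed allow-list of counterparty domains
# the organisation actually corresponds with; sample inputs are constructed too.
KNOWN_GOOD = {"example-advisors.com", "northwind-legal.com", "contoso-capital.com"}

# Character sequences commonly swapped to produce visually similar domains.
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("cl", "d"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]

def registrable(domain):
    """Reduce a host name to its registrable part (last two labels; enough for .com-style TLDs)."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def normalize(label):
    """Collapse homoglyph sequences so 'exarnple' and 'example' compare equal."""
    s = label.lower()
    for src, dst in HOMOGLYPHS:
        s = s.replace(src, dst)
    return s

def levenshtein(a, b):
    """Plain edit distance; a small distance between two distinct domains is suspicious."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_matches(sender_domain, known_good=KNOWN_GOOD, max_distance=2):
    """Return (known_domain, reason) pairs for every known-good domain the sender resembles."""
    cand = registrable(sender_domain)
    if cand in known_good:  # exact match: the legitimate counterparty domain
        return []
    hits = []
    for good in sorted(known_good):
        if normalize(cand) == normalize(good):
            hits.append((good, "homoglyph match"))
        elif (d := levenshtein(cand, good)) <= max_distance:
            hits.append((good, f"edit distance {d}"))
    return hits

def sender_risk(sender_domain, registration_age_days, known_good=KNOWN_GOOD):
    """A lookalike hit on a domain registered <=30 days ago (the article's pattern) is high risk."""
    # registration_age_days is assumed to come from an RDAP/WHOIS lookup done elsewhere; None = unknown.
    hits = lookalike_matches(sender_domain, known_good)
    if not hits:
        return "low"
    if registration_age_days is not None and registration_age_days <= 30:
        return "high"
    return "medium"
```

Feed it the envelope-from and the `From:` header domain separately: a passing DKIM/DMARC result on a lookalike says nothing about whether the domain is the one your users think it is.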

What Actually Works

  1. Enforce p=reject DMARC on your domain: not only to evaluate incoming mail, but to stop your own domain being spoofed in the attacker’s outbound chain
  2. Out-of-band verification for any financial request received by email: this is the control. Phone the requestor on a pre-registered number you found yourself, not the number in the email. It defeats the attack even when the email and the voice call are both convincing.
  3. Reduce executive OSINT exposure: limit publicly available voice recordings; this directly reduces voice cloning fidelity
  4. Monitor for lookalike domains via DomainTools or Recorded Future
  5. Security awareness training specifically covering AI-generated spear phishing: your users need to understand that a well-written, personalised email referencing a real recent event is now a threat indicator, not a sign of legitimacy
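"Enforce p=reject" is more than publishing `p=reject`: a subdomain policy left at `none`, a `pct` below 100 or no reporting address all leave gaps. As an added example (not the article's code), the Python below parses a DMARC TXT record and lists every setting that weakens enforcement; the sample records are constructed.

```python
# Added example, not the article's code: audit a DMARC record for real p=reject enforcement.

def parse_dmarc(txt):
    """Split 'v=DMARC1; p=reject; ...' into a {tag: value} dict (tags lower-cased)."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip().lower()] = v.strip()
    return tags

def dmarc_findings(txt):
    """Return weaknesses relative to a fully enforcing posture; an empty list means enforcing."""
    t = parse_dmarc(txt)
    if t.get("v") != "DMARC1":
        return ["not a DMARC record (missing v=DMARC1)"]
    findings = []
    p = t.get("p", "").lower()
    if p != "reject":
        findings.append(f"p={p or 'missing'}: organisational domain policy is not reject")
    sp = t.get("sp", p).lower()  # subdomain policy inherits p when absent
    if sp != "reject":
        findings.append(f"sp={sp or 'missing'}: subdomains can still be spoofed")
    try:
        pct = int(t.get("pct", "100"))  # pct defaults to 100 when absent
    except ValueError:
        pct = 0  # an unparseable pct is treated as no enforcement
    if pct < 100:
        findings.append(f"pct={pct}: policy applied to only {pct}% of failing mail")
    if "rua" not in t:
        findings.append("no rua= address: aggregate reports of spoofing attempts go unseen")
    return findings

# Constructed records illustrating the usual path from monitoring to enforcement.
SAMPLE_RECORDS = {
    "monitor_only": "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
    "partial": "v=DMARC1; p=quarantine; sp=none; pct=25; rua=mailto:dmarc@example.com",
    "enforcing": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com; ruf=mailto:dmarc@example.com",
}

if __name__ == "__main__":
    for name, rec in SAMPLE_RECORDS.items():
        print(name, dmarc_findings(rec) or ["enforcing"])
```

Run it against the TXT record at `_dmarc.<your-domain>` for every domain you send from, including parked and marketing domains.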

Frequently Asked Questions

What is PhantomSynth's four-stage attack pipeline?
PhantomSynth operates a four-stage pipeline: automated OSINT harvesting aggregates target dossiers from LinkedIn, regulatory filings, and social media; LLM-powered content generation produces per-target phishing emails mirroring the impersonated sender's style; voice cloning using audio from earnings calls or conference recordings adds a fraudulent verification call for high-value targets; and successful campaigns result in wire transfer fraud (median loss reported at approximately $1.2M per incident, per industry incident response data), credential theft, or credential sale.
Why do PhantomSynth phishing emails bypass automated detection?
Because each email is uniquely generated for its target using real OSINT data, there are no reused templates or signatures for automated filters to match. The content references genuine recent events, contains no spelling errors, and mirrors the impersonated sender's actual writing style, characteristics that defeat both signature-based and anomaly-based email security tools.
What is the most effective single control against AI-generated spear phishing?
Out-of-band verification is the most effective control: any financial request received by email should be confirmed through a separate, pre-established communication channel. This defeats the attack even when the email and voice call are convincing, because it requires the attacker to compromise an additional verified channel the organisation controls.