
Being Human Is Why We Get Phished. The Solution Has to Be Human Too.

by Mary Roach
Being Human

A friend of mine is passionate about aviation. Miniature plane models, the kind that sit on a desk or a shelf, are among his great pleasures. One day, an advertisement appeared in his feed. The planes were beautiful. The price was right. He clicked, he paid, and he waited.

The parcel never came. The seller did not exist. The planes were never real.

He is not careless. He is not naive. He is human. And that, precisely, is the problem.

We talk about phishing as though it were a technology problem: a matter of better spam filters, more vigilant users, stronger passwords. But the reason phishing works (the reason it has worked since the attacks on AOL users in the mid-1990s, and the reason it continues to work despite three decades of security awareness campaigns) has almost nothing to do with technology. It has everything to do with a hundred thousand years of human evolution that optimised our brains for a world that no longer exists.

The fraudsters did not hack the software. They hacked the operating system underneath it. The one running in every human brain since the Pleistocene.

A Brief History of the *ishings

The first recorded use of the word “phishing” dates to 2nd January 1996, in a Usenet newsgroup discussing AOL. Credit for coining it is usually given to Khan C. Smith, a hacker and developer. The word circulated around AOHell, a tool that, among other things, generated random credit card numbers to create fake AOL accounts. The “ph” spelling is borrowed from “phreaking”, the term for the community that, from the 1960s on, explored and exploited telephone systems for sport and curiosity. Steve Wozniak was, briefly, among them. In 1971, he and Steve Jobs learned about the blue box, a device that generated tones to manipulate long-distance telephone switches, and Wozniak built one. They used it to call the Vatican, pretending to be Henry Kissinger. Jobs sold the rest. The blue box, Jobs later told his biographer, paved the way to Apple.

Phishing has since evolved into a taxonomy of attacks, each exploiting a slightly different channel or target profile. Email phishing, the original, sends undifferentiated messages to large populations hoping someone bites. Spear phishing narrows the target: a message built around personal details gathered from public sources, crafted to feel specific. Whaling targets senior executives, often impersonating authority figures to pressure urgent action. Smishing uses SMS. Vishing uses voice. Quishing uses QR codes that redirect to malicious sites. Angler phishing uses social media, typically by impersonating a brand's customer-service account, where manufactured engagement (synthetic likes, plausible posts) creates the appearance of social proof before the hook.

Different channels. Different targets. The same underlying mechanism. And understanding that mechanism is the only way to understand why no amount of awareness training has stopped it.

The Brain We Brought to the Digital World

Our brains were not designed for the environment we have built. They were designed for a world where threats were physical, immediate, and resolved by fast action. A predator in the tall grass did not allow time for deliberation. The organism that deliberated died. The one that reacted survived.

This is the origin of what psychologist and Nobel laureate Daniel Kahneman popularised as System 1 thinking (fast, instinctive, automatic, emotionally driven), as distinct from System 2, which is slow, deliberate, and effortful. System 1 was evolution’s gift to the savannah. It is evolution’s liability in the inbox.

At the neurological level, System 1 responses are heavily mediated by the amygdala, a small, almond-shaped structure in the temporal lobe that has been called the brain’s threat detector. When the amygdala identifies a stimulus as threatening or emotionally significant, it triggers an immediate response. Stress hormones release. Heart rate rises. Attention narrows. And critically, the amygdala’s signal reaches the body faster than the frontal lobe, the seat of rational deliberation, can process the same input.

Daniel Goleman, who coined the term “amygdala hijack” in his 1995 book Emotional Intelligence, described it as a state in which the emotional brain overreacts disproportionately, temporarily impairing the rational brain’s ability to function. The amygdala does not consult the frontal lobe. It acts. And by the time the frontal lobe has assembled a considered response, the action has already been taken.

Phishing is, in its essence, a deliberate engineering of amygdala hijacking. Every design choice in a successful phishing attack (the urgency, the authority, the personalisation, the implied threat or reward) is a tool for triggering a System 1 response and bypassing the System 2 evaluation that would catch the deception.

The Seven Levers of Human Influence

Psychologist Robert Cialdini’s Influence catalogues the levers by which human decision-making can be shaped: six core principles (authority, commitment and consistency, liking, reciprocation, scarcity, and social proof) together with the perceptual contrast effect he uses to frame them. Each one maps directly onto a phishing technique.

Authority is the lever of whaling attacks and executive impersonation. An email from the CEO, a call from the tax authority, a message from the fraud department of your bank: the amygdala responds to perceived authority before the frontal lobe has time to verify whether the authority is real.

Scarcity manufactures urgency. Your account will be suspended in 24 hours. This offer expires tonight. The window is closing. Scarcity triggers System 1 because in the environment our brains evolved for, scarce resources genuinely required immediate action. The digital world has no shelf life on most decisions. The amygdala has not been updated to reflect that.

Liking is the lever of spear phishing. When a message references something we genuinely love (an aircraft model, a sports team, a holiday destination scraped from our public posts), the emotional warmth of recognition bypasses scepticism. My friend did not click the plane advertisement because he was careless. He clicked it because the advertisement was about something he loved.

Perceptual contrast explains why we miss misspelled domains. Our brains are pattern-matching systems optimised for speed, not precision. “paypa1.com” and “paypal.com” are cognitively very close. The difference, a digit 1 standing in for a lowercase l, is detectable by slow System 2 attention. It is invisible to fast System 1 recognition.
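The check a fast reader skips can be delegated to a slow one in code. The following is an added example, not part of the original article: it folds a host name to the shape a reader perceives (confusable characters collapsed, accents stripped) and compares that skeleton with a short list of protected brands, flagging near-misses and brand names buried in other labels. The brand list, the confusable table and the sample domains are constructed for illustration, and the registrable-label logic assumes single-label public suffixes.

```python
"""Lookalike-domain check: the System 2 pass that System 1 skips.

Added example, not code from the original article. The brand list,
confusable table and sample hosts are constructed for illustration.
"""
import unicodedata

# Brands to protect (constructed). A deployment would use its own domains
# and the brands it transacts with.
PROTECTED = {"paypal", "google", "microsoft", "apple"}

# Characters that read alike at speed. Multi-character keys come first so
# "rn" is folded to "m" before the "n" is seen on its own.
CONFUSABLES = [
    ("rn", "m"), ("vv", "w"), ("cl", "d"),
    ("1", "l"), ("0", "o"), ("3", "e"), ("5", "s"), ("7", "t"), ("|", "l"),
]


def skeleton(label: str) -> str:
    """Fold a label to what a fast reader perceives, not what is written.

    Accented and non-Latin letters are dropped after NFKD decomposition;
    this is a crude stand-in for the Unicode UTS #39 skeleton algorithm,
    which a production tool should use instead.
    """
    s = unicodedata.normalize("NFKD", label).encode("ascii", "ignore").decode()
    s = s.lower()
    for src, dst in CONFUSABLES:
        s = s.replace(src, dst)
    return s


def levenshtein(a: str, b: str) -> int:
    """Edit distance; one substitution or insertion is a typical typosquat."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_label(host: str) -> str:
    """Second-to-last DNS label. Assumption: single-label public suffixes
    only (co.uk and friends need the Public Suffix List)."""
    parts = host.lower().strip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def classify(host: str) -> str:
    """Return 'legit', 'lookalike', 'brand-embedded' or 'unrelated'."""
    host = host.lower()
    label = registrable_label(host)
    if label in PROTECTED:
        return "legit"
    sk = skeleton(label)
    for brand in PROTECTED:
        if sk == brand or levenshtein(sk, brand) <= 1:
            return "lookalike"          # paypa1.com, rnicrosoft.com, googie.com
    # Brand name anywhere else in the host: subdomain or hyphenated label.
    folded_host = skeleton(host.replace("-", "").replace(".", ""))
    if any(brand in folded_host for brand in PROTECTED):
        return "brand-embedded"         # secure-paypal-login.example
    return "unrelated"


if __name__ == "__main__":
    for h in ["paypal.com", "paypa1.com", "rnicrosoft.com",
              "secure-paypal-login.example", "example.org"]:
        print(f"{h:30} {classify(h)}")
```

The verdicts are triage signals, not proof: a one-edit distance will also catch innocent names, which is the right trade for a mail gateway or a browser extension that adds a pause before the click, exactly the pause the amygdala does not grant.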

Reciprocation, social proof, and commitment complete the set, exploited across forum posts, social media engagements, and messages that reference our publicly stated beliefs and affiliations. Together, these seven levers give a skilled attacker a comprehensive toolkit for manufacturing irresistible emotional responses. And until recently, that toolkit required skill, effort, and time to deploy at scale.

Every design choice in a successful phishing attack is a tool for engineering an amygdala hijack. The technology changes. The human vulnerability does not.

When Generative AI Took the Levers

Phishing used to be detectable by its imperfections. The misspelled words, the awkward grammar, the generic salutation, the slightly-off logo. Security training taught people to look for these signals. And for years, those signals were reliable enough that a reasonably alert user could catch the majority of attacks.

Generative AI has removed those signals. Every one of them.

LLMs produce grammatically perfect, contextually fluent, emotionally calibrated text at negligible cost and arbitrary scale. Researchers from the University of Texas demonstrated in a published paper that ChatGPT could generate phishing emails indistinguishable in quality from human-crafted ones. Harvard-led research found that AI-generated phishing emails achieved click-through rates of 30 to 44 percent, comparable to the best human-crafted spear phishing campaigns, and delivered in seconds rather than hours.

FBI data shows that direct phishing and spoofing losses tripled in a single year, from 70 million dollars in 2024 to 215.8 million dollars in 2025, the sharpest single-year increase in the history of the FBI’s Internet Crime Complaint Center. Phishing attacks targeting financial institutions have surged 1,265 percent since 2022. The APWG recorded 3.8 million unique phishing sites in 2025 alone.

And the attack is becoming more deeply personal. Attackers are using AI tools to scrape social media profiles (posts, connections, likes, check-ins, professional history) and feed that data into locally fine-tuned language models. The output is a phishing message that does not just arrive in your inbox. It arrives knowing your name, your interests, your relationships, your recent activities, and the emotional register most likely to bypass your defences. The attack is not generic. It is bespoke. Crafted, in seconds, for you specifically.

The most advanced version of this approach goes one step further. In principle, models can be fine-tuned on content known to trigger pleasurable neurochemical responses, the kinds of posts and messages that reliably elevate dopamine and oxytocin. A phishing message engineered to make you feel excited, connected, or hopeful is not just harder to resist than a threatening one. It is experienced as genuinely pleasurable right up until the moment it is not.

We are already seeing the consequences. Purchasing scams (fake listings for products people want, delivered through emotionally resonant advertising) are among the fastest-growing fraud categories globally. The victims are not foolish. They are human. And they are being targeted by systems that have been specifically optimised to exploit human neurochemistry.

Why Awareness Training Is Not Enough

The standard response to phishing is education. Train users to recognise the signals. Teach them to pause before they click. Run simulated phishing campaigns and measure who fails them. This approach has been the dominant strategy for thirty years.

And phishing losses have gone up, not down.

The problem is structural. Awareness training is a System 2 intervention for a System 1 problem. It works when users are calm, unhurried, and not under emotional pressure. It fails at exactly the moment it is needed: when the amygdala has been triggered, when the urgency or the desire or the fear has already activated, when System 1 has taken over and System 2 is waiting for a gap that does not come.

Telling people to slow down and think critically is sound advice. It is also advice that the amygdala, by design, does not take. The strength of the hijack is precisely that it bypasses the faculties we are asking people to engage. You cannot train your way out of a hundred thousand years of evolution with a forty-five-minute e-learning module.

This does not mean education is worthless. It shifts the baseline, raises general vigilance, and catches some attacks at the margin. But it cannot be the primary defence. And it cannot scale to meet an adversary whose capabilities are now compounding at the rate of AI development.

The Humanisation of the Solution

Here is the insight that changes the design problem entirely. The goal of every phishing attack, regardless of channel or technique, is to extract a secret or induce an action. A password. An OTP. A clicked link. A transferred payment. A scanned QR code.

What if there were no secret to extract? What if the action the attacker needs the victim to perform simply did not exist?

This is not a rhetorical question. It is an architectural one. And it has a concrete answer.

If authentication does not require a user to know or enter anything (no password, no OTP, no biometric), then the amygdala hijack becomes irrelevant to the security outcome. The attacker can manufacture all the urgency and authority and emotional resonance they wish. There is nothing for the victim to hand over. The phishing attack has no surface.

SIM-based authentication does exactly this for the credential. The cryptographic key that authenticates a mobile subscriber lives in the SIM and never leaves it. It is never typed. It is never spoken. It cannot be phished from a screen because it never appears on one. The network sends the device a challenge and the SIM answers it, invisibly, without requiring any action from the person holding the phone. There is no moment at which a socially engineered victim can be persuaded to surrender the credential, because the credential is not in their possession in any form they can share. Two caveats belong here. First, this removes the shareable secret, not the persuadable action: my friend was never asked for a password, he was talked into paying, and no authentication scheme stops a payment the victim intends to make. Second, the scheme is only as strong as the operator’s controls against SIM swap and port-out fraud, which hand the victim’s number, and with it the authentication, to a SIM the attacker holds.
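To make the difference concrete, here is an added example (not code from the article, nor from any operator or vendor) that runs a typed OTP and a device-bound challenge-response through the same real-time phishing relay. The Sim and Network classes mimic the shape of mobile-network authentication, a network RAND and a device RES computed from a key that never leaves the SIM, but they are a simplified model rather than an implementation of 3GPP AKA; the subscriber name and all keys are constructed.

```python
"""Where the phishable secret lives: a typed OTP beside a device-bound
challenge-response, both under a real-time phishing relay.

Added example for this article, not code from any operator or vendor. The
Sim/Network objects follow the RAND/RES shape of mobile-network
authentication but are a simplified model, not an implementation of 3GPP AKA.
"""
import hashlib
import hmac
import secrets


class OtpService:
    """Web service that texts a one-time code and asks the user to type it."""

    def __init__(self) -> None:
        self._issued: dict[str, str] = {}

    def send_otp(self, user: str) -> str:
        code = f"{secrets.randbelow(10**6):06d}"
        self._issued[user] = code
        return code  # lands on the user's phone as text they can read and repeat

    def login(self, user: str, code: str) -> bool:
        return self._issued.pop(user, None) == code


class Sim:
    """Hardware-bound key. Answers challenges; never exports the key."""

    def __init__(self, subscriber: str, key: bytes) -> None:
        self.subscriber = subscriber
        self._key = key

    def respond(self, rand: bytes) -> bytes:
        # RES = f(K, RAND); K stays inside this object.
        return hmac.new(self._key, rand, hashlib.sha256).digest()


class Network:
    """Operator side: holds its copy of each key, issues fresh challenges."""

    def __init__(self) -> None:
        self._keys: dict[str, bytes] = {}
        self._pending: dict[str, bytes] = {}

    def provision(self, subscriber: str, key: bytes) -> None:
        self._keys[subscriber] = key  # shared at SIM manufacture, never over the air

    def challenge(self, subscriber: str) -> bytes:
        rand = secrets.token_bytes(16)
        self._pending[subscriber] = rand
        return rand

    def verify(self, subscriber: str, res: bytes) -> bool:
        rand = self._pending.pop(subscriber, None)  # each challenge is single-use
        if rand is None:
            return False
        expected = hmac.new(self._keys[subscriber], rand, hashlib.sha256).digest()
        return hmac.compare_digest(expected, res)


def otp_under_relay() -> bool:
    """Attacker's page: 'Your account is suspended. Enter the code we sent.'
    The hijacked user repeats the code; the relay submits it to the real site."""
    svc = OtpService()
    code_on_phone = svc.send_otp("alice")
    typed_into_phish = code_on_phone             # the secret exists in shareable form
    return svc.login("alice", typed_into_phish)  # attacker is now logged in as alice


def sim_under_relay() -> tuple[bool, bool, bool]:
    """Same pressure, different architecture: nothing alice can type helps."""
    key = secrets.token_bytes(32)
    net, sim = Network(), Sim("alice", key)
    net.provision("alice", key)

    # Legitimate: the network challenges the device; alice does nothing.
    rand = net.challenge("alice")
    legit = net.verify("alice", sim.respond(rand))

    # Attacker without the key guesses a response to a fresh challenge.
    rand2 = net.challenge("alice")
    forged = net.verify("alice", hmac.new(b"guess", rand2, hashlib.sha256).digest())

    # Attacker replays a previously observed response against a fresh challenge.
    observed = sim.respond(rand)
    net.challenge("alice")
    replayed = net.verify("alice", observed)

    return legit, forged, replayed


if __name__ == "__main__":
    print("OTP relay succeeds:", otp_under_relay())
    print("SIM legit/forged/replayed:", sim_under_relay())
```

Note what the model deliberately leaves out: a SIM-swapped number answers the challenge correctly for whoever holds the new SIM, and a victim talked into authorising a payment passes authentication legitimately. The point is narrower, and it is the article’s point: there is no secret on the screen for a hijacked user to hand over.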

This is what humanising a security solution means. Not designing a system that assumes users will always be rational, always be alert, always resist emotional manipulation. But designing a system that works even when, and especially when, they are not. A system that makes human vulnerability irrelevant to the security outcome, rather than one that treats human vulnerability as a problem to be trained away.

The amygdala cannot be reprogrammed. It was shaped by a hundred thousand years of evolutionary pressure that we cannot undo in a generation. The technology we build around it can be, at least until we have a digital amygdala of our own.

The Scale of What Is at Stake

Phishing is not a nuisance. It is the primary entry point for the majority of the world’s most serious cyber incidents. Sixteen percent of all data breaches now involve AI-powered attacks, with AI-generated phishing the most common type. The average cost of a phishing-initiated breach, according to IBM, is 4.88 million dollars. Business email compromise, a category of phishing that impersonates executives to authorise fraudulent transactions, caused 2.77 billion dollars in losses in 2024 in the United States alone.

And the people most affected are not, in the main, large corporations with security operations centres and incident response teams. They are individuals. Elderly people who receive a call from someone pretending to be their grandchild. Small business owners who receive an email from someone pretending to be their bank. Ordinary people, doing what human beings do, responding to emotional signals that their brains were shaped over a hundred thousand years to respond to.

The fraud is not a failure of intelligence. It is a feature of humanity. The solution cannot be to ask people to stop being human. It has to be to build systems that protect them precisely because they are.

A Final Word on the Origins of Phishing

It is worth remembering where this all started. A hacker named Khan C. Smith. A tool called AOHell. An email asking AOL users to verify their accounts. The motivation: identity theft and account takeover.

The motivation has not changed in thirty years. The scale has. The sophistication has. The cost of entry has collapsed. The tools available to attackers have expanded beyond anything the security community of 1996 could have imagined.

But the human being on the other end of the phishing attempt is the same human being. With the same amygdala. The same evolutionary inheritance. The same capacity to be moved by urgency, by authority, by desire, by fear.

Our technology has accelerated beyond anything our biology was designed to handle. The fraudsters understood that long before most of us did. They built their attacks around it. The question is whether we will build our defences around it too.

Being human is why we get phished. The solution has to be human enough to account for that.
