New research has identified PromptSpy, the first Android threat to actively leverage generative AI techniques to enhance phishing and fraud on mobile devices. Rather than simply harvesting credentials, the malware uses AI-driven prompts to craft convincing social-engineering messages, refine phishing lures, and automate deceptive interactions that coax users into revealing sensitive data or installing additional malicious components. By combining traditional mobile malware with on-device AI automation, attackers can more effectively mimic trusted communications and bypass static defenses. As mobile devices remain primary gateways for financial services and corporate access, the findings highlight the need for behavior-based monitoring, strict app controls, and ongoing mobile-security awareness.
Read the full report here.
