Artificial intelligence is helping businesses work faster, but it is also giving cybercriminals powerful new tools. Across the UAE, companies are being warned about a growing rise in AI-powered scams that are becoming harder to detect and more expensive to stop. Experts warned that these attacks now look so realistic that employees often mistake them for normal business communication.
According to a recent study by insurer QBE, 21 per cent of UAE organizations experienced an AI-linked cyber incident over the past year. While that figure remains below the global average, cybersecurity experts say the sophistication of these scams is increasing rapidly.
According to Sam Tayan, Regional Vice President for META at cybersecurity firm Illumio, "AI-powered scams are getting harder for businesses in the region to spot because they no longer look like scams. They look like business as usual."
One of the biggest concerns is AI-powered phishing. Unlike older scam emails filled with spelling mistakes and awkward language, today’s AI-generated messages are polished, personalised, and designed to mimic trusted colleagues, suppliers, or business partners. Cybersecurity firm Illumio estimates that AI-driven phishing now contributes to more than 90 per cent of digital breaches in the UAE.
"Things like poor grammar, awkward phrasing and generic wording used to give these attacks away," Tayan said. "Now messages are well written, localised and timed to fit real business activity."
Businesses are also facing a surge in business email compromise attacks. Criminals are using AI to create realistic invoices, contracts, and supplier communications to trick finance teams into transferring funds or sharing sensitive information.
Deepfake technology is creating an even bigger challenge. Fraudsters can now clone executive voices and send convincing voice messages requesting urgent payments, confidential files, or security credentials. In many cases, the audio sounds authentic enough to bypass suspicion.
Also Read: OpenAI Takes on Anthropic with AI-Driven Cybersecurity Platform ‘Daybreak’
Experts said businesses should assume some attacks will succeed and focus on reducing damage. Strong verification processes, multi-factor authentication, employee training, and stricter access controls are becoming essential. Many firms are also reviewing incident response plans as AI-powered cyber threats continue to evolve. With AI adoption accelerating across industries, cybersecurity has become a core business risk that requires constant attention for UAE businesses.