• Microsoft Threat Intelligence flagged a rise in social engineering campaigns that use popular AI brands as lures, spanning phishing, malvertising, and SEO-driven attacks that can lead to credential theft, financial fraud, or malware infection.
• It cited a May 5, 2026 ChatGPT-themed phishing wave that sent 4,500 emails to South Africa, with related activity reaching 100,000 emails in a single day across Switzerland, Austria, and South Africa.
• Microsoft also tracked an April 20-22, 2026 Claude-themed campaign targeting users at more than 2,000 organizations, with indicators pointing to adversary-in-the-middle tactics aimed at capturing Microsoft sign-in tokens.
• Separately, it attributed large-scale AI-themed malvertising to Storm-3075, including a March 13, 2026 run that targeted more than 66,000 devices and delivered Vidar infostealer via code-signed malware.
• Microsoft said the activity reflected brand abuse rather than compromises of the AI vendors being impersonated.

Disclaimer: This news brief was created by Public Technologies (PUBT) using generative artificial intelligence. While PUBT strives to provide accurate and timely information, this AI-generated content is for informational purposes only and should not be interpreted as financial, investment, or legal advice. Microsoft Corporation published the original content used to generate this news brief on June 08, 2026, and is solely responsible for the information contained therein.