The fake Rolex problem: How AI turned amateur attackers into nation-state threats

AI turns phishing into scalable, expert-level attacks

Opinion By Alan LeFort published 27 April 2026

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Threads
• Email

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter

Have you ever held a really good fake Rolex? Not the forty-dollar beach version. The kind that makes a jeweler pause.

The movement is Swiss. The crystal is sapphire. The bracelet is 904L steel, the same alloy Rolex actually uses. Every component genuine, sourced from real suppliers, assembled with real craftsmanship.

The only thing that's fake is the crown on the dial, and the person selling it to you.

Article continues below

That's the state of phishing in 2026. The emails hitting your inbox right now are built from real parts.

Real SendGrid accounts. Real Cloudflare CAPTCHAs. Real Google redirects. Real Microsoft domains. Your security tools inspect each component and return a clean verdict, because each component is legitimate. The only counterfeit is the intent.

Alan LeFort

Alan LeFort is CEO of StrongestLayer.

What makes this moment different from every prior evolution of the threat is this: AI tools didn’t just make these attacks more convincing. It made the expertise required to build them nearly free.

The research was right. The prediction was wrong.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsors