# SoK: Exposing the Generation and Detection Gaps in LLM-Generated Phishing

**Authors:** Fengchao Chen, Tingmin Wu, Van Nguyen, Carsten Rudolph

arXiv: 2508.21457 · 2026-05-14

## TL;DR

This paper provides a comprehensive analysis of how large language models are exploited for phishing, revealing detection challenges and proposing a roadmap for countermeasures.

## Contribution

It offers the first holistic framework for understanding LLM-generated phishing, including a taxonomy of attack stages and defense strategies.

## Key findings

- LLM-generated phishing can evade detection systems.
- Phishing content manipulates human cognition effectively.
- Defense strategies are currently static compared to dynamic attack methods.

## Abstract

Phishing campaigns involve adversaries masquerading as trusted vendors trying to trigger user behavior that enables them to exfiltrate private data. While URLs are an important part of phishing campaigns, communicative elements like text and images are central in triggering the required user behavior. Further, due to advances in phishing detection, attackers react by scaling campaigns to larger numbers and diversifying and personalizing content. In addition to established mechanisms, such as template-based generation, large language models (LLMs) can be used for phishing content generation, enabling attacks to scale in minutes, challenging existing phishing detection paradigms through personalized content, stealthy explicit phishing keywords, and dynamic adaptation to diverse attack scenarios. Countering these dynamically changing attack campaigns requires a comprehensive understanding of the complex LLM-related threat landscape. Existing studies are fragmented and focus on specific areas. In this work, we provide the first holistic examination of LLM-generated phishing content. First, to trace the exploitation pathways of LLMs for phishing content generation, we adopt a modular taxonomy documenting nine stages by which adversaries breach LLM safety guardrails. We then characterize how LLM-generated phishing manifests as threats, revealing that it evades detectors while emphasizing human cognitive manipulation. Third, by taxonomizing defense techniques aligned with generation methods, we expose a critical asymmetry that offensive mechanisms adapt dynamically to attack scenarios, whereas defensive strategies remain static and reactive. Finally, based on a thorough analysis of the existing literature, we highlight insights and gaps and suggest a roadmap for understanding and countering LLM-driven phishing at scale.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/2508.21457/full.md

## Figures

19 figures with captions in the complete paper: https://tomesphere.com/paper/2508.21457/full.md

## References

142 references — full list in the complete paper: https://tomesphere.com/paper/2508.21457/full.md

---
Source: https://tomesphere.com/paper/2508.21457