3 Ways AI Powers Service Desk Attacks and How to Prevent Them

Artificial intelligence is becoming a significant tool for attackers targeting service desks, as highlighted by IBM's 2025 Cost of a Data Breach Report, which found AI used in 16% of breaches. These attacks often leverage AI for sophisticated phishing and deepfake impersonation, aiming to bypass technical security controls by manipulating service desk agents. The onboarding process is particularly vulnerable due to the inherent need for new employees to gain rapid access while their identities are not yet fully established within the organization.
Attackers are using AI to make impersonation attempts more convincing. Generative AI can quickly produce polished emails, chat messages, and call scripts that mimic legitimate communications. In more advanced scenarios, AI-generated voice or video can be used to impersonate employees, making it exceedingly difficult for service desk agents to discern real requests from fraudulent ones. This is especially problematic during onboarding, where attackers can pose as new hires and exploit the expected access issues to push through malicious requests.
AI also significantly accelerates the reconnaissance phase, enabling attackers to gather and personalize information more effectively. By scraping public sources like LinkedIn, company websites, and social media, threat actors can gather details about new employees, their roles, departments, and even the internal tools they will use. AI then helps weave this information into believable narratives, making malicious requests appear routine and increasing the likelihood of quick approval.
The scalability of service desk attacks is another area where AI provides a considerable advantage. Attackers can use AI to generate numerous variations of phishing emails and pretexts, allowing them to test and adapt their social engineering campaigns rapidly. This ability to scale and adapt makes it harder for service desks, which are designed for speed, to differentiate genuine tasks from persistent, urgent-sounding malicious requests.
To combat these AI-enabled threats, a shift from relying solely on agent judgment under pressure to implementing specialized security solutions is necessary. Securing the onboarding process, a high-risk period for service desks, is paramount. Solutions that provide robust identity verification tools empower agents to confidently validate users and protect credentials.
One key preventive measure is secure password delivery during onboarding. Instead of sending sensitive credentials via insecure channels like SMS or email, organizations can utilize secure enrollment links. This approach allows new hires to create their own strong passwords, eliminating the risk of interception during transit from the service desk.
Biometric liveness detection offers another layer of defense against impersonation. Traditional identity checks, such as answering security questions, are increasingly vulnerable to information sourced online. Liveness detection ensures that a real person is present during verification, effectively countering static images, recordings, masks, or deepfakes, which is crucial for remote onboarding scenarios.
Finally, verifying identity rigorously before sensitive service desk actions are performed is critical. Actions like resetting privileged account passwords should trigger enhanced checks, including biometric liveness detection, to provide high assurance of the request's legitimacy and its association with the correct account. This ensures agents can make trust decisions with greater confidence, moving away from assumed trust to verified identity.





