26th February 2026 – TrendAI, a business unit of Trend Micro, has released new research demonstrating how artificial intelligence (AI) can automate open-source intelligence collection and transform public LinkedIn activity into highly actionable targeting material.
The proof of concept shows how posts, images and metadata from public professional profiles can be collected, analysed and operationalised into personalised spear-phishing content at machine speed.

Why it matters:

For years, highly targeted attacks required skilled human operators and significant manual research. This research shows that AI dramatically reduces the time, cost and expertise required to profile individuals and leadership teams.

Reconnaissance is no longer a bottleneck.

Attackers can now automate what was once a manual process and scale personalisation across entire organisations.

Public professional activity, long considered low risk, now functions as machine-readable intelligence.

Key findings:

• AI has turned OSINT from a manual craft into an automated pipeline
• LinkedIn posts and images can be enriched into structured organisational intelligence
• Leadership teams can be profiled in under 30 minutes using widely available tools
• Personalised emails and convincing phishing sites can be generated automatically
• An organisation’s attack surface now includes employee digital footprint

What the proof of concept demonstrated:

• Collection of public LinkedIn data without login or privileged access
• Automated image and contextual post analysis
• Creation of company-level and employee-level intelligence profiles
• Identification of high-resonance themes for targeted messaging
• Automated generation of realistic marketing-style content that could be repurposed for phishing

No private data was accessed. No systems were breached. The research relied solely on publicly available information.

Implications for organisations:

This research challenges the assumption that attackers operate at the human scale.

If reconnaissance can be automated, exposure expands. Digital footprint becomes a strategic risk. Security models that focus only on infrastructure overlook a growing external intelligence layer built from employee activity.

Defensive posture must evolve from awareness training alone to include structured exposure management, digital hygiene policies and threat modelling that assumes deep external visibility.

Quote for press:

“The most worrying part isn’t how sophisticated the system is, but how achievable it is”, said Numaan Huq, senior threat researcher at TrendAI. “If one researcher can build this in just over a day using accessible tools, we should assume motivated attackers are already doing the same. The question is whether organisations adjust their assumptions before it’s exploited at scale.”