Knowledge Tree
social engineering
Also known as: social engineering attacks
Facts (19)
Sources
Cybersecurity Trends and Predictions 2025 From Industry Insiders itprotoday.com 16 facts
claimSam Peters, the chief product officer at ISMS.online, warns that stolen biometric data could be utilized for identity theft or forged into digital profiles for social engineering attacks.
claimGenerative AI tools and techniques, such as deepfakes and targeted social engineering, are expected to move down-market and become accessible to ordinary cyber criminals in 2025.
perspectiveSteve Wilson, chief product officer at Exabeam, advises that organizations must implement AI-driven security tools that continuously learn from and adapt to emerging attack patterns to counter advanced social engineering attacks.
claimMobile phishing and social engineering attacks targeting political figures at all levels of government will increase post-election.
claimDeepfake technology is evolving rapidly and serves as a critical vector for social engineering attacks that can bypass traditional detection methods.
claimSelena Larson notes that due to hardened organizational defenses, threat actors are seeing an uptick in targeting individual consumers again through social engineering tactics like pig butchering and sophisticated job scams.
claimArtificial intelligence will increase the threat of social engineering by enabling junior attackers to generate multilingual, credible, and official-sounding text to manipulate people.
claimPersonalized extortion scams, where cybercriminals use publicly available information to research victims, will redefine social engineering attacks.
claimRiaz Lakhani, CISO at Barracuda, expects to see high-quality phishing attacks that utilize layered follow-up social engineering tactics to warm up targets.
claimRiaz Lakhani, CISO at Barracuda, predicts that threat actors will use artificial intelligence to scale content creation, produce more persuasive content, and employ deepfake and voice replication technologies for sophisticated phishing and social engineering attacks.
claimFraudGPT is a tool designed to generate highly convincing scams and social engineering attacks, allowing fraudsters to craft personalized, deceptive messages that exploit human and system-level weaknesses.
claimCybercriminals will use AI to craft personalized phishing and social engineering campaigns by adapting messages on the fly and analyzing media and social media trends.
claimAI-powered attack techniques, including autonomous malware, social engineering, data exfiltration, and credential stuffing, are becoming significantly harder to detect than traditional threats.
claimIn 2025, there will be an increased risk of social engineering and supply chain attacks as digital ecosystems become more connected.
claimAttackers may use AI to craft sophisticated social engineering attacks and review public code for vulnerabilities, complicating cybersecurity in the near future.
claimSocial engineering has evolved significantly over the past year, leading to more sophisticated and evasive mobile phishing attacks that traditional defenses struggle to mitigate.
A Survey of Incorporating Psychological Theories in LLMs - arXiv arxiv.org 1 fact
referenceTharindu Kumarage, Cameron Johnson, Jadie Adams, Lin Ai, Matthias Kirchner, Anthony Hoogs, Joshua Garland, Julia Hirschberg, Arslan Basharat, and Huan Liu published 'Personalized attacks of social engineering in multi-turn conversations–llm agents for simulation and detection' as an arXiv preprint in 2025.
Cyber Insights 2025: Open Source and Software Supply Chain ... securityweek.com Jan 15, 2025 1 fact
claimAttackers will continue to exploit the lack of governance in Open Source Software by using a combination of social engineering, such as the XZ Utils incident, and technical attacks to compromise widely used components.
State of the Software Supply Chain Report | 10 Year Look - Sonatype sonatype.com 1 fact
accountIn 2024, an attempted supply chain attack on the XZ-utils compression library occurred, which utilized a 'benevolent stranger' playbook involving long-term social engineering to gain trust within the project.