New Cyber Attack Techniques Will Not Replace Old-School Social Engineering

Social Engineering Old-School Cyber AttackEven though there are new attack types for cybercriminals, they are still leveraging old-school attack vectors. Why? Because they still work.

I cover new attack methods all the time, with recent examples including a sophisticated phishing campaign impersonating Microsoft and an attack last month targeting the Ukrainian military. Even though cybercriminals have been known to use advanced technologies such as ChatGPT and artificial intelligence (AI), there are still several reported attacks that are very basic and successful.

With old methods, bad actors can implement automation using these new technologies to pull off simple attacks even quicker and easier than before. They are also using AI to implement deepfake cyber attacks. All it takes is user credentials and social engineering to enter your organization's network. 

These attacks take advantage of one common theme - human behavior. By using common social engineering tactics that rely on human error, threat actors will continue to be successful in execution. A hacker may be thinking, "Why would I want to launch a new and complex attack when the old method works all the same?"

The only way to defend against any type of socially engineered attack is through new-school security awareness training. With continual end-user education your users can have all the resources they need to report any malicious activity, no matter how simple or complex the attack method.   

KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Dark Reading has the full story. 

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews