Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Report: Cybercriminals are Hiring Social Engineering Talent

    KnowBe4 Team | Aug 28, 2025

    Cybercriminal Uses Direct Social EngineeringReliaQuest has published a report on the cybercriminal recruitment ecosystem, finding that fluent English speakers with social engineering skills are highly sought-after.

    “Among the most in-demand skills is English-speaking social engineering, with job posts more than doubling from 2024 to 2025,” the researchers write. “Recruiters account for 87% of these postings, indicating strong demand, likely fueled by the success of groups like ‘Scattered Spider’ in leveraging this skill for initial access attacks.”

    The researchers note that deepfake technology can add another layer of sophistication to social engineering attacks. Accordingly, crooks are also looking to hire individuals with AI expertise

    “Looking ahead, once deepfake technology enables adversaries to remove language barriers in real time, it will present an even greater threat,” ReliaQuest says. “Attackers could target organizations across multiple languages, significantly expanding their reach. What’s more, with recruitment for English-speaking social engineers already at an all-time high, real-time deepfake technology offers an alternative to traditional methods. As such, social engineering attacks will almost certainly become more prevalent.”

    ReliaQuest also notes a surge of activity related to the newly popular ClickFix social engineering tactic, which tricks victims into running malicious commands on their computers.

    “The cybercriminal job market is a key driver in accelerating the adoption of emerging attack techniques, as demonstrated by the rise of ClickFix malware execution. Between late 2024 and early 2025, ClickFix activity surged by an alarming 850%, with a 200% spike occurring within just one month of targeted recruitment posts appearing. This rapid escalation highlights how demand for specific expertise directly fuels the deployment of new methods, making it essential for organizations to monitor these shifts and proactively strengthen defenses.”

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

    ReliaQuest has the story.

    Topics: Social Engineering Cybercrime Human Risk Management

    Discover Your Organization’s Phish-prone™ Percentage

    Ninety-one percent of data breaches begin with spear phishing. Launch our Free Phishing Security Test for up to 100 users to uncover your team's vulnerability and see how your security posture stacks up against industry benchmarks.

    Get Your Free Phishing Security Test

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    KnowBe4 Team

    ABOUT KNOWBE4 TEAM

    The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk and agent security best practices, compliance strategies and industry research to help organizations strengthen their digital defense layer and stay informed, resilient, and secure.

    Read more from KnowBe4 »

    Subscribe to Our Blog

    Posts By Topic

    View All