Threat Actors take Centre Stage with Social Engineering


As people get better at identifying potential threats in their inboxes, threat actors must evolve their methods. Their new M.O? Social engineering. And if recent news has taught us anything, it’s that this is working.

Over the past few months, the Singapore Police Force has issued a number of advisories around social engineering scams, ranging from false advertisements for cleaning services — where victims were asked to download an application to their mobile devices which contained malware to steal personal credentials — to scammers impersonating business partners or employees to get victims to help with payment requests, with losses amounting to at least $70.8 million.

In a bid to better understand just how cybercriminals are exploiting the human element, cybersecurity researchers at Proofpoint have released their  2022 Social Engineering Report, which analyses key trends and techniques of socially engineered cyber threats observed over the past year.

The report also reveals how popular and trusted services such as Google Drive and Discord are frequently abused by threat actors to convince victims, and highlights the 5 ways that victims fall prey to these scams because:

  • Threat actors spend time building trust with intended victims by holding extended conversations
  • Threat actors expand abuse of effective tactics such as using trusted companies’ services
  • Threat actors leverage orthogonal technologies, such as the telephone, in their attack chain
  • Threat actors know of and make use of existing conversation threads between colleagues
  • Threat actors regularly leverage topical, timely, and socially relevant themes

“Despite defenders’ best efforts, cybercriminals continue to defraud, extort, and ransom companies for billions of dollars annually. The struggle with threat actors evolves constantly, as they change tactics to earn clicks from end users.” said Sherrod DeGrippo, Vice President of Threat Research and Detection at Proofpoint.

“Security-focused decision makers have prioritized bolstering defenses around physical and cloud-based infrastructure which has led to human beings becoming the most relied upon entry point for compromise. As a result, a wide array of content and techniques continue to be developed to exploit human behaviors and interests.” added DeGrippo.

“In this new report, Proofpoint researchers analyze frequently used social engineering techniques and look to debunk faulty assumptions made by organizations and security teams, which should be taken into account to better protect their employees against cybercrime.” DeGrippo concluded.

You can read the full report here.