Over the past year, the social engineering tactics used for cyber attacks have evolved significantly as attackers manipulate the inherent trust, biases, and vulnerabilities of individual human behavior to gain unauthorized access to sensitive information or systems.
Our “year in review” Cloud and Threat Report revealed that in 2023, social engineering was the most common way attackers gained initial access to organizations. Social engineering-led attacks place an organization’s employees in a crucial role, essentially manipulating them into opening the door for the attacker to walk through. Social engineering can come in the form of disguised links (malicious ones posing as a link to a genuine service or system the user accesses every day, such as OneDrive), downloads suggested by trusted search engines (criminals have sophisticated SEO teams), and lately even deepfaked phone calls purporting to be from colleagues asking for help accessing something.
The attraction of this method for attackers is that it gives them a way into inherently secure systems that are normally patched quickly against known security vulnerabilities and that provide limited remote access. Our research identified two of the leading categories of social engineering techniques used to target employees: phishing and trojans.
Phishing data in the cloud
Phishing is the tactic of disguising emails and online messages to trick users into clicking on malicious links to steal credentials or other sensitive information. Netskope’s data found that employees fell for phishing scams three tim