Targeted individuals — most likely victims of social engineering attacks in 2023
Social engineering refers to a wide variety of operations that aim to exploit human error or behavior in order to gain access to information or services. It employs different sorts of deception — such as phishing or baiting tactics — to dupe people into handing over sensitive information.
According to data presented by the team, targeted individuals were the most common victims of social engineering attacks throughout the latter part of 2022 and the initial half of 2023.
During the observed period, around 31% of all social engineering attacks were aimed at targeted individuals, with the public administration sector following second at 18% of incidents.
The numbers are based on the European Union Agency for Cybersecurity (ENISA) Threat Landscape report, October 2023 edition. ENISA observed approximately 2,800 cybersecurity incidents in the European Union and beyond throughout the study period.
The “all” category, which encompasses cybersecurity events that have a global effect across markets, was the third-most targeted sector (7.97%) in social engineering attacks. It reinforces the notion that cyber threats transcend the boundaries of specific industries or sectors.
The banking and finance sector (5.49%) follows closely, while the postal and courier sector (5.22%) rounds out the top five social engineering victims. The disparity in share percentages between first place and the others is a testament to how threat actors view targeting individuals as the most profitable attack vector.
Digital infrastructure (4.4%), digital service providers (4.12%), as well as media and entertainment (3.3%), were also some of the most-targeted sectors in social engineering attacks, among others.
Affordability and AI drive phishing campaigns
A plethora of tactics employed by cybercriminals fall under the term of social engineering, withand conversation hijacking being some of the most notorious. However, as technology evolves, so do the threats.
Throughout the study period, five factors were seen as the most influential in social engineering strategies this past year:
- Phishing and Phishing-as-a-Service (PhaaS): Phishing remains a prevalent and influential tactic due to its time efficiency, with the emergence of PhaaS amplifying its reach.
- Availability and Affordability of Services: The availability and affordability — with prices reported as low as 15 USD — of PhaaS and similar services contribute to the proliferation of social engineering attacks.
- AI-Driven Innovations: The use of AI for crafting convincing phishing emails, deepfakes, and AI-driven data mining is driving innovation in social engineering tactics.
- Changes in Threat Actor Behavior: Threat actors are adapting to overcome increased security measures, including multi-factor authentication, employing novel approaches like MFA fatigue attacks, adversary-in-the-middle (AitM), and SIM swapping.
- Personal and Intimidating Approaches: Threat actors are using more personal and intimidating approaches, targeting individuals with personal threats and even involving their family members, marking a progression in the scope of social engineering attacks.
Social engineering is still a powerful and adaptive threat in the cybersecurity arena. Its simplicity, cost-effectiveness, and profitability make it a favorite approach among threat actors. The primary defenses against these developing approaches are vigilance, updated security measures, and knowledge.