One Click Is All It Takes: Navigating the Risks of Social Engineering, Palo Alto Networks Report

To protect ourselves, we need to understand how social engineering is evolving, especially since AI has given scammers an upgrade with these three common tactics, as reported by Unit 42 Palo Alto Networks. First, AI generates phishing emails that are perfectly crafted with personalised details, closely mimicking messages from your bank or employer (in 67% of cases). Second, it can create fake voice calls by cloning a family member's voice or anyone from a short audio clip found online (23% incidents). Finally, hackers use AI to make their fake websites appear as top results in Google searches, deceiving users seeking customer service or a good deal. These AI-powered social engineering attacks have made ransomware 100x faster, a trend confirmed by Palo Alto Networks research showing the time to steal data has dropped from nine days in 2021 to just two days in 2023.

"The attack timeline has compressed 100-fold, from days to minutes. We're in a new era of cyberattacks - Attackers are now weaponizing AI to scale up social engineering, the top entry point for attacks, and exploit the ultimate vulnerability: human trust. The reality is that these sophisticated campaigns, from hyper-realistic phishing to techniques such as AI-assisted voice cloning and face swapping, which may add more layers of complexity, are succeeding because of foundational gaps in security hygiene. This means it's time to equip your organisation with technology that works faster than the threats and is specifically designed to shield everyone from these increasingly personal attacks," said Philippa Cogswell, Managing Partner, Unit 42, Asia Pacific and Japan.

Fortunately, Unit 42 Palo Alto has practical steps you can take to dramatically reduce your risk from social engineering attacks.

Use Multi-Factor Authentication (MFA)

This added layer of security is similar to a second lock on your digital door. Even if a hacker steals your password, they still can't get in without the temporary code from your phone or another trusted device. It is one of the most effective ways to secure your accounts, and should be enabled on all important services like email, banking, and social media.

Keep Security Simple

Simplifying cybersecurity is crucial because complex security rules are ineffective if people create workarounds that compromise security. This often happens when security measures impede day-to-day operational tasks. For example, being forced by websites or apps to change your password too often can cause 'password fatigue,' leading you to choose weaker, more predictable passwords. In contrast, when security is made simple, people are more likely to participate. For instance, using a password manager app simplifies your defense. It helps you maintain good password hygiene by storing strong, unique passwords for every account.

Flag Emails from New Sources

Most email systems now include external message indicators, which users should carefully observe. These visual identifiers, typically designed to be highly distinguishable from standard internal communications, serve as consistent prompts to exercise caution before interacting with links or attachments from unverified sources.

Block Suspicious Logins

Modern security systems can automatically block login attempts from unusual locations. For instance, if you're located in one country and someone attempts to access your account from another, the system can block them immediately. This also works for suspicious times of day, preventing a hacker from getting into your account at 3 AM.

Regularly Update your Device

Using an old app or operating system that's no longer supported is a major and unnecessary risk. Developers are in a constant race against hackers to find and fix security holes in their software. When a security hole is discovered in software, the developer releases a software update containing a "patch" to fix the problem and keep you safe. When systems or applications reach end-of-life status, they cease receiving these critical security updates, leaving them exposed to emerging threats. Organisations must ensure all devices operate on supported software versions and apply security patches promptly upon release. Delaying updates or running unsupported systems creates significant vulnerabilities that adversaries can exploit. Establish a regular update schedule and enable automatic updates where feasible to maintain robust security postures across all endpoints.

Ignoring these threats is no longer an option. With ransomware and phishing attacks happening at machine speed, awareness and proactive defenses such as AI-powered detection and automated response are essential to safeguarding individuals and organisations in today's rapidly evolving cyber landscape.

To learn more about staying safe online, download reports by Unit 42 Palo Alto Networks and review these blogs at the following links:

• 2025 Unit 42 Global Incident Response Report: Social Engineering Edition
• The Ransomware Speed Crisis Research
• 42 Tips to Build a Resilient Cybersecurity Program

• ข่าวPalo Alto Networks
• ข่าวo:member
• ข่าวo:loc
• ข่าวen
• ข่าวo:it