Jun 9, 2023 - Technology

Social-engineering scams get more sophisticated

Data: Verizon's 2023 Data Breach Investigations Report; Chart: Axios Visuals

The number of cyber incidents involving a fake story or other pretext to lure in victims has more than doubled in the last year, according to a report from Verizon this week.

Why it matters: Pretexting typically involves scammers sending emails, texts or social media messages that purport to be from a family member, boss or client — making it much easier for victims to fall for and harder for company IT teams to detect.

By the numbers: Pretexting was involved in 4.1% of the 16,312 security incidents between November 2021 and October 2022 that Verizon studied for its report.

  • That's nearly double the 2.4% share that involved pretext in last year's analysis.

The big picture: Three-fourths of all breaches started with humans, according to Verizon's 2023 report.

  • That included incidents where people fell for socially engineered messages or phishing emails, misused their network access, or continued to use leaked passwords.

The intrigue: Pretext-based attacks were responsible for some of the biggest security headlines in the last year.

  • A breach at Uber in September started when an employee sent their login credentials to someone claiming to be in the company's IT department.
  • And an attack on Twilio involved a similar scheme in which hackers pretended to be the company's IT team and texted employees that their passwords had expired.

Yes, but: Attacks involving pretext still make up a small sliver of all cyber incidents.

What's next: The generative AI boom is handing scammers the tools to customize pretext-based attacks with voice-message impersonations, faked images and other forgeries.

Sign up for Axios’ cybersecurity newsletter Codebook here

Go deeper