Here is the rewritten content, retaining the original length, headings, and titles:

The Rise of AI-Powered Social Engineering

Social engineering is advancing at the speed of generative AI, offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. According to the FBI, "As technology continues to evolve, so do cybercriminals’ tactics."

More Realism, Better Pretexting, and Multi-Lingual Attack Scenarios

Traditional social engineering methods involve impersonating someone the target knows, using tactics like email impersonation and psychological triggers to boost the chances of a successful breach. However, these methods often fall apart when the target wants to verify their identity in some way.

GenAI has changed the game, with deepfake videos allowing attackers to analyze and recreate a person’s mannerisms and speech, and voice cloning technology enabling voice phishing attacks. The growing capability of these technologies is reflected in Open AI’s recommendation for banks to phase out voice-based authentication as a security measure.

Text-based communication is also transformed with GenAI, allowing malicious actors to operate at near-native speaker level, with outputs able to be trained on regional dialects for even greater fluency. This opens the door to new markets for social engineering attacks, with language no longer a blocker when selecting targets.

Bringing Order to Unstructured OSINT with GenAI

With GenAI, attackers can now build up profiles to use with social engineering attacks on individuals and organizations they’re connected to, using publicly available data to gather information. AI can also do this at hyperspeed, scouring the internet for unstructured data to retrieve, organize, and classify all possible matches.

Facial recognition systems can be used to upload a photo of someone and let the search engine find all the places they appear online. The information is available publicly, making it possible to access and aggregate this information anonymously, even with paid-for GenAI tools.

Turning Troves of Data into Troves of Treasure

Large-scale data leaks are a fact of modern digital life, with over 533 million Facebook users having details compromised in 2021 and more than 3 billion Yahoo users having sensitive information exposed in 2024. GenAI tools can autonomously sort through high volumes of content, finding any data that could be used maliciously.

The AI maps the creators of the documents, establishing any incriminating connections between different parties, including wire transfers and confidential discussions. Many tools are open source, allowing users to customize with plugins and modules.

The GenAI Genie is Out of the Bottle – Is Your Business Exposed?

Attackers can now use the internet as a database, with GenAI getting to work, running real-time queries to mine, uncover, and process connections and relationships. This democratizes the landscape, with the rise of ‘hacking as a service’ that does much of the hard work for cybercriminals.

Protecting Your Business

We’ve built a threat monitoring tool that tells you what potentially compromising information is available about your organization. It crawls every corner of the internet, letting you know what data is out there and could be exploited to build effective attack pretexts, so you can take action before an attacker gets to it first.

Stay Informed

Follow us on Twitter and LinkedIn to read more exclusive content we post.