2024 State of Vishing Report

Social Engineering News: Impersonation

Share This Post

Social engineering attacks that employ impersonation tactics continue to plague companies. According to the FBI’s 2020 Internet Crime Report, the top 3 crimes reported in 2020 were phishing scams, non-payment/non-delivery scams, and extortion. Notably, victims lost the most money to business email compromise scams, romance and confidence schemes, and investment fraud.

What is Impersonation?

At Social-Engineer, we define impersonation as the “practice of pretexting as another person with the goal of obtaining information or access to a person, company, or computer system.”

Impersonation scams can be carried out in several ways, such as through social media platforms, phone, and email. Bad actors may also employ physical impersonation attacks with the intent to gain physical entry. Let’s look at some notable examples from 2021.

Social Engineering News ImpersonationImage: https://www.greeleyweldcountycriminallawyer.com/home/fraud-and-forgery-defense-attorney-in-weld-county/criminal-impersonation-greeley-lawyer

The following social engineering news stories show how cybercriminals are using impersonation.

  • A United Arab Emirates bank lost $35 million to an impersonation scam that used AI-enhanced voice simulation combined with phishing emails. According to court documents, investigators say the bank manager received a phone call that sounded like the director of the company. At the same time, the bank manager also received emails, impersonating the director, related to the phone call. This sophisticated impersonation scam is surely a warning of the dangers of deepfakes.
  • As reported by HackerNews, Israeli IT and communication companies were at the center of a supply chain attack campaign. The campaign involved impersonating the firms and their Human Resources personnel to target victims with fake job offers. The goal of the impersonation and fake job offer was to penetrate the companies’ computers and gain access to their clients.

Social-Engineer Teaming Service —Test, Educate and Protect

Impersonation scams in all their forms will continue to be a threat to companies. Social-Engineer Teaming Service can help your company identify employee vulnerability to this attack vector. We conduct these tests using research-driven and scientifically-proven social engineering tactics, such as deception and influence. Performance of these tests includes using on-site impersonation, phone vishing, email phishing, and other communication means when necessary. Please contact our team for a quote.

More To Explore

Learning from the MGM Security Breach
Protect Yourself

Learning from the MGM Security Breach 

In the rapidly evolving digital landscape, no entity is immune to the pervasive threat of cyberattacks. The security breach at MGM Resorts highlights the vulnerability of even massive organizations. As

Smishing attacks in the news

SMiShing Attacks in the News 

SMiShing Attacks in the News In February 2024, 19.2 billion spam texts bombarded U.S citizens according to a recent report. As annoying as spam texts are, they are not always