Hackers Surge Using Social Engineering Tactics, Target Execs NOW

UPDATE: Cybersecurity experts warn that hackers are increasingly using social engineering tactics to breach corporate IT systems, with dire implications for executives and sensitive data. New data from Palo Alto Networks reveals that social engineering was responsible for a staggering 36% of all incident response cases from May 2024 to May 2025.

As of October 22, 2025, threat actors are leveraging advanced technologies—such as deepfake videos and AI-powered voice cloning—to launch highly personalized attacks against corporate executives, government officials, and other high-profile targets. These attacks aim for impersonation, extortion, and disruptions across major industries.

According to Sam Rubin, senior vice president at Palo Alto Networks, “Executives hold the keys to the corporate kingdom.” In fact, two-thirds of social engineering incidents targeted privileged or executive accounts, underscoring the lucrative nature of these attacks.

In a shocking example, the British retailer Co-op suffered a significant breach this year, resulting in $275 million (£206 million) in lost sales. Hackers impersonated an employee, answered security questions, and reset account credentials, allowing them to exploit the system within just one hour. “That activity happened about an hour before they started to use the account maliciously,” said Rob Elsey, Co-op’s chief digital and information officer, during a July House of Commons hearing.

This attack has reignited focus on Scattered Spider, a notorious cybercrime group comprised of young, English-speaking hackers who operate within a loosely connected underground network. The group has been linked to a series of sophisticated attacks across various sectors, including retail, aviation, and insurance.

In another alarming incident, Workday confirmed a social engineering attack wherein hackers impersonated IT and HR officials to trick employees into resetting passwords, leading to unauthorized access to sensitive customer data.

Experts note that the evolution of social engineering tactics is largely due to advancements in security measures, such as multifactor authentication. Selena Larson from Proofpoint highlighted that attackers are now resorting to more complex methods, including the ClickFix technique for stealing credentials.

“A significant portion of executives fear that digital attacks could escalate to physical harm,” warned Brian Hill from BlackCloak, adding that personal contacts and family members are increasingly being targeted, making the threat more invasive than ever.

In response to these growing threats, cybersecurity professionals advise organizations and individuals to adopt comprehensive security measures. As Sam Lewis from Google Threat Intelligence Group noted, “Executives are increasingly vulnerable to targeting based on information that can easily be aggregated online.”

The urgency of these developments cannot be overstated. As hackers become more sophisticated and focused on high-value targets, the implications for corporate security are profound. Companies must act swiftly to protect sensitive information and safeguard their leaders from these evolving threats.

With attacks on the rise and the potential for severe financial and operational repercussions, organizations must prioritize cybersecurity now more than ever. The stakes are high, and the threat is real.

Stay tuned for further updates as this situation develops.