Contact Us

On February 27, NetSPI Director Patrick Sayler was featured in the Dark Reading article called As Social Engineering Attacks Skyrocket, Evaluate Your Security Education Plan. Read the preview below or view it online.

+++

Social engineering-based attacks are a popular form of security manipulation, with cybercriminals using this technique for 98% of attacks in 2022.

Social engineering can take many forms, including vishing (phone), phishing (email), and smishing (text). All have proven effective in infiltrating corporate networks. Social engineering attacks are so effective they’re even outsmarting some of the best cybersecurity experts. Just last month, threat actors targeted security enthusiasts by creating fake Twitter accounts and stores for the Flipper Zero, a penetration testing tool rising in popularity. One Twitter account even responded to users — making it appear legitimate.

One social engineering tactic that’s continued to hamper organizations over time is vishing, a phone-based attack that remains a successful, lucrative avenue for cybercriminals. This method is typically used to gain a foothold in an environment through a less-senior or new employee, often by the attacker posing as a help desk representative or another helpful internal resource.

Defensive Security Options

While many organizations understand the rise in social engineering attacks and the importance of education and awareness to prevent them, recent trends indicate a need for a more strategic approach. To kickstart a new defensive security plan designed specifically for social engineering attacks, give these practices a try.

  • Educate from the top down. Too often, we see organizations focused on educating newer employees. To have a real effect, organizations’ security training programs must start at the top and trickle down to the bottom.

This means including the C-suite, regardless of their tenure, in regular education training and curriculum. It’s not on one individual to stop social engineering attacks from happening. Rather, it requires leadership to recognize there’s an ongoing challenge and put precautions in place to remediate the issue. With senior leaders regularly making security a priority across the entire business, this will help all employees adopt a security-first mindset over time.

Read the full article at Dark Reading!

Explore More News

NetSPI in the News | April 6, 2026

When AI Starts Taking Action, Security Needs to Think Differently

CIO Influence interviewed NetSPI's Field CISO, Nabil Hannan, for an April 6, 2026 article about how AI systems are evolving from generating outputs to taking autonomous actions, amplifying existing vulnerabilities and requiring organizations to adopt proactive security measures and robust governance to mitigate risks.

Learn More
NetSPI in the News | April 1, 2026

Minneapolis Cybersecurity Firm NetSPI Eyes $80M-Plus Acquisitions to Fuel AI Push

Minneapolis/St. Paul Business Jounral interviewed NetSPI's President and CEO, Aaron Shilts, for an April 1, 2026 article about NetSPI pursuing acquisitions to expand its AI capabilities, enhance customer offerings, and maintain sustainable growth among evolving industry demands.

Learn More
NetSPI in the News | March 31, 2026

March 31 is World Backup Day. Here’s How to Protect Your Data Now

Forbes interviewed NetSPI's Field CISO, Nabil Hannan, for a March 31, 2026 article about World Backup Day and the importance of protecting data.

Learn More
Proactive Security News You Actually Want to Read. Sign Up for the NetSPI Newsletter Today.
NetSPI

NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so you can protect what matters most to you.

© 2026 NetSPI LLC.

Privacy Policy

Modern Slavery Statement Trust Center