Social Engineering 2.0: When artificial intelligence becomes the ultimate manipulator

Zawya, 4 hours ago

Once the domain of elite spies and con artists, social engineering is now in the hands of anyone with an internet connection – and AI is the accomplice. Supercharged by generative tools and deepfake technology, today's social engineering attacks are no longer sloppy phishing attempts. They're targeted, psychologically precise, and frighteningly scalable.
Welcome to Social Engineering 2.0, where the manipulators don't need to know you personally. Their AI already does.
Deception at machine levels
Social engineering works because it bypasses firewalls and technical defences. It attacks human trust. From fake bank alerts to long-lost Nigerian princes, these scams have traditionally relied on generic hooks and low-effort deceit. But that has changed, and it continues to change.
'AI is augmenting and automating the way social engineering is carried out,' says Anna Collard, SVP of Content Strategy & Evangelist at KnowBe4 Africa. 'Traditional phishing markers like spelling errors or bad grammar are a thing of the past. AI can mimic writing styles, generate emotionally resonant messages, and even recreate voices or faces (https://apo-opa.co/409nwPV) – all within minutes.'
The result? Cybercriminals now wield the capabilities of psychological profilers. By scraping publicly available data – from social media to company bios – AI can construct detailed personal dossiers. 'Instead of one-size-fits-all lures, AI enables criminals to create bespoke attacks,' Collard explains. 'It's like giving every scammer access to their own digital intelligence agency.'
The new face of manipulation: Deepfakes
One of the most chilling evolutions of AI-powered deception is the rise of deepfakes – synthetic video and audio designed to impersonate real people. 'There are documented cases where AI-generated voices have been used to impersonate CEOs and trick staff into wiring millions (https://apo-opa.co/4e4JBVv),' notes Collard.
In South Africa, a recent deepfake video circulating on WhatsApp featured a convincingly faked endorsement by FSCA Commissioner Unathi Kamlana promoting a fraudulent trading platform. Nedbank had to publicly distance itself from the scam (https://apo-opa.co/4e4JCJ3).
'We've seen deepfakes used in romance scams, political manipulation, even extortion,' says Collard. One emerging tactic involves simulating a child's voice to convince a parent they've been kidnapped (https://apo-opa.co/3HY5WrR) – complete with background noise, sobs, and a fake abductor demanding money.
'It's not just deception anymore,' Collard warns. 'It's psychological manipulation at scale.'
The Scattered Spider effect
One cybercrime group exemplifying this threat is Scattered Spider. Known for its fluency in English and deep understanding of Western corporate culture, this group specialises in highly convincing social engineering campaigns. 'What makes them so effective,' notes Collard, 'is their ability to sound legitimate, form quick rapport, and exploit internal processes – often tricking IT staff or help-desk agents.' Their human-centric approach, amplified by AI tools, such as using audio deepfakes to spoof victims' voices for obtaining initial access, shows how the combination of cultural familiarity, psychological insight, and automation is redefining what cyber threats look like. It's not just about technical access – it's about trust, timing, and manipulation.
Social engineering at scale
What once required skilled con artists days or weeks of interaction – establishing trust, crafting believable pretexts, and subtly nudging behaviour – can now be done by AI in the blink of an eye. 'AI has industrialised the tactics of social engineering,' says Collard. 'It can perform psychological profiling, identify emotional triggers, and deliver personalised manipulation with unprecedented speed.'
The classic stages – reconnaissance, pretexting, rapport-building – are now automated, scalable, and tireless. Unlike human attackers, AI doesn't get sloppy or fatigued; it learns, adapts, and improves with every interaction.
The biggest shift? 'No one has to be a high-value target anymore,' Collard explains. 'A receptionist, an HR intern, or a help-desk agent; all may hold the keys to the kingdom. It's not about who you are – it's about what access you have.'
Building cognitive resilience
In this new terrain, technical solutions alone won't cut it. 'Awareness has to go beyond "don't click the link",' says Collard. She advocates for building 'digital mindfulness' and 'cognitive resilience' – the ability to pause, interrogate context, and resist emotional triggers (https://apo-opa.co/3FF6Zwn).
This means:
Training staff to recognise emotional manipulation, not just suspicious URLs.
Running simulations using AI-generated lures, not outdated phishing templates.
Rehearsing calm, deliberate decision-making under pressure, to counter panic-based manipulation.
Collard recommends unconventional tactics, too. 'Ask HR interviewees to place their hand in front of their face during video calls – it can help spot deepfakes in hiring scams,' she says. Families and teams should also consider pre-agreed code words or secrets for emergency communications, in case AI-generated voices impersonate loved ones.
Defence in depth – human and machine
While attackers now have AI tools, so too do defenders. Behavioural analytics, real-time content scanning, and anomaly detection systems are evolving rapidly. But Collard warns: 'Technology will never replace critical thinking. The organisations that win will be the ones combining human insight with machine precision.'
And with AI lures growing more persuasive, the question is no longer whether you'll be targeted – but whether you'll be prepared. 'This is a race,' Collard concludes. 'But I remain hopeful. If we invest in education, in critical thinking and digital mindfulness, in the discipline of questioning what we see and hear – we'll have a fighting chance.'
Distributed by APO Group on behalf of KnowBe4.

Related Articles

Senegal's tech ecosystem thrives as tech hub evolves

Zawya, 20 minutes ago

OPTIC, Senegal's leading organization for tech professionals, has worked for three years with the Netherlands Trust Fund (NTF) V project at ITC to improve its services. Together we've improved Senegal's entire digital ecosystem by investing in new skills and opportunities.

Positive spin-offs for Senegal's digital ecosystem

OPTIC, the Organisation des Professionnels des Technologies de l'Information et de la Communication, has a long-standing and fruitful collaboration with ITC. They've worked with the current NTF V project, which is now winding down, as well as the previous NTF IV project. The project supports Senegal's efforts to grow its economy with digital technology. That includes both information technology (IT) companies, and business process outsourcing (BPO) firms that offer back-office services to international businesses.

'NTF's support has enabled us to establish our legitimacy and intensify our efforts in the Senegalese tech ecosystem,' said Antoine Ngom, President of OPTIC. 'Dozens of IT and BPO start-ups have benefited from this initiative, not to mention the indirect spin-offs that have benefited the entire tech economy.'

OPTIC has set itself several goals: to create a regulatory environment conducive to growth and innovation; to improve the skills and competitiveness of players on international markets; and to foster partnerships.

'Our members have been able to seize international development opportunities thanks to personalized coaching sessions, as well as work on their pitch and sharpen their fund-raising skills through specialized training courses. Participation in leading B2B events, both national (SIPEN) and international (VivaTech, Africarena, GITEX International), considerably increased their visibility and expanded their professional network. A 360° diagnosis helped them to identify levers for improving their company's performance, while certification support opened doors to national and international public procurement markets, synonymous with new growth prospects. The agritech community also benefited from a number of thematic meetings and a mapping of solutions.'

Strengthen achievements and maintain regional influence

OPTIC also received comprehensive, structuring support from the NTF V Project. After a performance diagnosis, OPTIC restructured its governance, revised its fundamental texts, and defined its recruitment needs for the permanent secretariat.

'Cooperation between OPTIC and the NTF V project has also helped to make the SIPEN trade show a major focal point for players in the African digital economy. And that's not counting the technical support we've provided for workshops, digital mornings and other ThémaTIC breakfasts that benefit Senegal's Tech community,' said Ngom.

All these initiatives have contributed to the emergence of the Digital Senegal consortium and to the realization of promising partnerships with players such as Sen Startup.

'There's no doubt that the NTF V project has helped OPTIC to strengthen its leadership capabilities and increase its regional influence. We've seen a significant increase in membership over the past few years,' added Ngom, who hopes to build on this positive impact over the long term.

Now that the trade organization has secured a plot of land on which to build its future head office, achieving financial autonomy is a new challenge.

'We want OPTIC to reinforce its position as a key digital player in Senegal and more widely in West Africa. To achieve this, we plan to boost our regional cooperation and support dialogue with public authorities more than ever. To continue our work, diversify our best practices and develop profitable activities, we are launching an appeal to national and international partners,' he said.

Ngom hopes a future NTF VI project will be part of that.

About the project

The Netherlands Trust Fund V (NTF) programme (July 2021 – June 2025) is based on a partnership between the Netherlands Ministry of Foreign Affairs and the International Trade Centre. NTF V supports SMEs in the digital technology and agribusiness sectors in Benin, Côte d'Ivoire, Ethiopia, Ghana, Mali, Senegal and Uganda. Its ambition is to contribute to an inclusive and sustainable transformation of agri-food systems partly through digital solutions, to improve the international competitiveness of local tech start-ups and to support the implementation of the export strategy of IT & BPO companies.

Distributed by APO Group on behalf of International Trade Centre.

Kaspersky uncovers Dero crypto miner spreading via exposed container environments

Zawya, 20 minutes ago

Kaspersky Security Services experts have identified a sophisticated cyberattack campaign targeting containerized environments to deploy a miner for the Dero cryptocurrency. The attackers abuse exposed Docker APIs — parts of Docker, an open-source container development platform. In 2025, there are a significant number of Docker API default ports that are insecurely published, accounting for almost 500 occurrences worldwide on average each month. In the discovered campaign, cybercriminals inject two types of malware into the compromised systems: one is the miner itself and the other is a propagation malware that can spread the campaign to other insecure container networks.

Kaspersky experts discovered this malicious campaign as part of a compromise assessment project. According to expert estimates, any organization that operates containerized infrastructure — while exposing Docker APIs without robust security controls — can be a potential target. These may include technology companies, software development firms, hosting providers, cloud service providers and other enterprises.

According to Shodan, in 2025, there are 485 published Docker API default ports [1] worldwide each month on average. This figure illustrates the campaign's potential attack surface by tallying the 'entry points' — or insecurely exposed ports that attackers might target.

Once attackers identify an insecurely published Docker API, they either compromise existing containers or create new malicious ones based on a legitimate standard Ubuntu image. They then inject two malware types into the compromised containers: 'nginx' and 'cloud'. The latter is a Dero cryptocurrency miner, while 'nginx' is malicious software that maintains persistence, ensures execution of the miner and scans for other exposed environments. This malware allows attackers to operate without traditional Command-and-Control (C2) servers; instead, each infected container independently scans the internet and can spread the miner to new targets.

[Figure: An infection chain scheme]

'The campaign has the potential for exponential growth of infections, with each compromised container acting as a new source of attack, if security measures are not immediately put in place in the potentially targeted networks,' explains Amged Wageh, an incident response and a compromise assessment expert at Kaspersky Security Services. 'Containers are foundational to software development, deployment, and scalability. Their widespread use across cloud-native environments, DevOps, and microservices architectures makes them an attractive target for cyber attackers. This growing reliance demands organizations adopt a 360-degree approach to security — combining robust security solutions with proactive threat hunting and regular compromise assessments.'

The attackers embedded the names 'nginx' and 'cloud' directly in the binary — an inflexible executable file composed of instructions and data for the processor, not for humans. This is a classic masquerading tactic that lets the payload pose as a legitimate tool, trying to deceive both analysts and automated defenses.

To mitigate container-related threats, Kaspersky recommends:

Companies that use Docker APIs should immediately review the security of any potentially exposed infrastructure — specifically, refrain from publishing the Docker APIs unless there is an operational need and consider securing the published Docker APIs via TLS.

Uncover active cyberattacks and previously unknown attacks that flew under the radar with Kaspersky Compromise Assessment.

Containerization is the most popular application development method at the moment. But risks can emerge in each component of a container's infrastructure and may heavily impact business processes. The protection of containerized environments is crucial and requires specialized security solutions. Kaspersky Container Security provides security for all stages of containerized application development. Besides the development process, the solution protects runtime, for example, it controls the launch of only trusted containers, the operation of the applications and services inside the containers and monitors the traffic.

Adopt managed security services by Kaspersky such as Compromise Assessment, Managed Detection and Response (MDR) and / or Incident Response, covering the entire incident management cycle – from threat identification to continuous protection and remediation. They help to protect against evasive cyberattacks, investigate incidents and get additional expertise even if a company lacks cybersecurity workers.

The full technical analysis is available on Securelist.

Kaspersky products detect these malicious implants with the following verdicts: and

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company's comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and over 200,000 corporate clients protect what matters most to them.
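
The Docker API exposure that the recommendation above addresses can be checked from the daemon's own configuration. The following is an added example, not code from Kaspersky or from the article: it audits a daemon.json and a dockerd command line for TCP listeners that lack TLS client verification. The sample configurations, file paths and severity labels are constructed for illustration.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Constructed sample configurations (not taken from the article).
WEAK = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'
HARDENED = json.dumps({
    "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
    "tlsverify": True,
    "tlscacert": "/etc/docker/ca.pem",
    "tlscert": "/etc/docker/server-cert.pem",
    "tlskey": "/etc/docker/server-key.pem",
})

def _flag_on(argv, name):
    """True if a boolean dockerd flag such as --tlsverify is set."""
    return any(a == name or a.lower() == f"{name}=true" for a in argv)

def _cli_hosts(argv):
    """Collect listener values given as '-H x', '--host x' or '--host=x'."""
    hosts = []
    for i, arg in enumerate(argv):
        if arg in ("-H", "--host") and i + 1 < len(argv):
            hosts.append(argv[i + 1])
        elif arg.startswith("--host="):
            hosts.append(arg.split("=", 1)[1])
    return hosts

def _is_loopback(host):
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # a DNS name we cannot resolve offline: assume reachable

def audit_docker_api(daemon_json_text, dockerd_argv=()):
    """Return one (listener, severity, reason) tuple per TCP listener."""
    cfg = json.loads(daemon_json_text or "{}")
    argv = list(dockerd_argv)
    tlsverify = bool(cfg.get("tlsverify")) or _flag_on(argv, "--tlsverify")
    tls = tlsverify or bool(cfg.get("tls")) or _flag_on(argv, "--tls")
    findings = []
    for listener in list(cfg.get("hosts", [])) + _cli_hosts(argv):
        if not listener.startswith("tcp://"):
            continue  # unix:// and fd:// sockets are not network listeners
        # 'tcp://:2375' has no host part and binds every interface.
        host = urlsplit(listener).hostname or "0.0.0.0"
        local = _is_loopback(host)
        if not tls:
            findings.append((listener, "medium" if local else "critical",
                             "API served over TCP with no TLS and no authentication"))
        elif not tlsverify:
            findings.append((listener, "low" if local else "high",
                             "TLS without tlsverify: clients are not authenticated"))
        else:
            findings.append((listener, "ok", "TLS with client certificate verification"))
    return findings

if __name__ == "__main__":
    for label, text in (("weak", WEAK), ("hardened", HARDENED)):
        for finding in audit_docker_api(text):
            print(label, *finding, sep=" | ")
```
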

Angola, United States (U.S.) Set Course for Expanded Energy Cooperation During Meeting in Washington

Zawya, 20 minutes ago

Angola has taken a decisive step in advancing its strategic partnership with the U.S., following a high-level meeting between Angolan Minister of Mineral Resources, Oil and Gas Diamantino Azevedo and U.S. Secretary of Energy Chris Wright in Washington, D.C. on June 11. The meeting – also attended by Angola's Ambassador to the U.S., Agostinho Van-Dúnem – underscored the shared commitment of both nations to deepen cooperation across oil and gas, critical minerals and renewable energy development.

American companies have long played a leading role in Angola's oil and gas industry, from offshore exploration to production and infrastructure. Minister Azevedo and Secretary Wright explored opportunities to build on this foundation through new upstream projects, gas monetization, refining and critical mineral development which is vital for clean technology supply chains. They also highlighted Angola's efforts to attract U.S. capital for renewable energy initiatives, particularly in solar and green hydrogen, as part of the country's diversification and modernization drive.

'This meeting reflects the robust and evolving partnership between Angola and the United States. We are committed to working together to achieve a balanced energy transition – one that leverages Angola's natural resources, advances technological cooperation and contributes meaningfully to our economic transformation and development goals,' stated Minister Azevedo.

With more than nine billion barrels of proven oil reserves and 11 trillion cubic feet of natural gas, Angola has unveiled over $60 billion in oil and gas investment prospects through its National Oil, Gas and Biofuels Agency (ANPG). These span exploration, development, gas processing, refining and midstream infrastructure. A licensing round set to launch this year will offer ten new blocks in the Kwanza and Benguela basins, while 11 additional blocks are open for direct negotiation, alongside five marginal field opportunities.

U.S. firms continue to play a foundational role in Angola's energy landscape. Earlier this month, ExxonMobil, as a joint venture partner alongside operator TotalEnergies, secured an extension of the PSC for Block 17, enabling continued deepwater exploration and development in this prolific basin and underscoring its long-term commitment to Angola's offshore sector. Meanwhile, ExxonMobil is advancing the redevelopment of Block 15 – where over 2.6 billion barrels have already been produced – with an 18-well program extending the block's life by more than two decades and yielding two new discoveries. The company is also undertaking prospective studies on Blocks 17/06 and 32/21, in collaboration with TotalEnergies and ANPG, aiming to identify future drilling targets.

Chevron, through its affiliate Cabinda Gulf Oil Company, is leading Angola's gas development efforts. The company has ramped up gas supply to 600 million cubic feet per day to the Angola LNG plant and achieved first gas earlier this year from its Sanha Lean Gas Connection Project, which will supply both the Soyo power plants and Angola LNG. Angola LNG – one of sub-Saharan Africa's few operational LNG export terminals – offers a strategic entry point for U.S. firms into global LNG supply chains. As part of the New Gas Consortium, Chevron is also developing Angola's first non-associated gas project, set to come online in late 2025 or early 2026.

Downstream and midstream projects are another key pillar of Angola's energy transformation. Construction is advancing on the $920-million Cabinda Refinery, with U.S. firms engaged in engineering and procurement roles. The U.S.-backed Lobito Corridor – a major infrastructure initiative connecting Angola's Lobito port to Zambia and the DRC – is poised to boost regional energy transport and industrialization, offering additional opportunities for American companies in logistics, storage and rail-linked energy infrastructure. Complementary investments in storage terminals, fuel distribution and domestic refining capacity are helping Angola reduce its reliance on imports and increase energy self-sufficiency.

The engagement marks a renewed commitment to aligning U.S.-Angola energy collaboration with the goals of sustainable development, energy security and economic modernization.

Distributed by APO Group on behalf of African Energy Chamber.
