Dubai, UAE: Cybersecurity researchers at Proofpoint, a leading cybersecurity and compliance company, have released “The 2022 Social Engineering Report”, which analyzes key trends and techniques of socially engineered cyber threats observed over the past year. Social engineering is a component of nearly every threat actor’s toolbox who uses email as an initial access vector. From financially motivated cybercrime, to business email compromise (BEC) fraud, to advanced persistent threat (APT) actors, Proofpoint has observed countless tactics, techniques, and procedures relying on humans’ fundamental propensity to open and respond to emails.

As people get better at identifying potential threats in their inbox, threat actors must evolve their methods. And that means leveraging behaviors that may be antithetical to how people expect threat actors to behave. With half of UAE CISOs considering human error to be their organization's biggest cyber vulnerability, security awareness education across the organization should be a priority.

The latest social engineering report highlights some common misconceptions people may have about how criminal or state actors engage with them, including: threat actors may build trust with intended victims by holding extended conversations; they expand abuse of effective tactics such as using trusted companies’ services; leverage orthogonal technologies, such as the telephone, in their attack chain; know of and make use of existing conversation threads between colleagues; and regularly leverage topical, timely, and socially relevant themes.

Sherrod DeGrippo, Vice President, Threat Research and Detection, Proofpoint, said: “Despite defenders’ best efforts, cybercriminals continue to defraud, extort, and ransom companies for billions of dollars annually. The struggle with threat actors evolves constantly, as they change tactics to earn clicks from end users. Security-focused decision makers have prioritized bolstering defenses around physical and cloud-based infrastructure which has led to human beings becoming the most relied upon entry point for compromise. As a result, a wide array of content and techniques continue to be developed to exploit human behaviors and interests. In this new report, Proofpoint researchers analyze frequently used social engineering techniques and look to debunk faulty assumptions made by organizations and security teams, which should be taken into account to better protect their employees against cybercrime.”

The 2022 Social Engineering report looks at what services are frequently abused, such as Google Drive or Discord; how Proofpoint sees millions of messages directing people to make phone calls as part of the attack chain; and why techniques like thread hijacking can be so effective.

The driving force behind the widespread use of social engineering is the fact that it is effective -- despite defenders’ best efforts, cybercriminals continue to be successful at exploiting the human element to recognize financial gain. This is unlikely to change any time soon. The most sophisticated criminal organizations have evolved to mirror legitimate businesses and as a result have scaled to become more resilient while also recognizing greater profits than ever before. Until some factor creates a situation where the path of least resistance to monetization is not a person, threat actors will continue to capitalize by preying on human behaviors, instincts, and emotions.

Organizations must ingrain in their users the idea that malicious activity is regular, even inevitable. As this becomes more widely accepted and reporting/clearing pipelines for threats become more well-established within workflows, threat actors should have a progressively more difficult task in exploiting the human element.


About Proofpoint, Inc.

Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyberattacks. Leading organizations of all sizes, including 75% of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at

Connect with Proofpoint: Twitter | LinkedIn | Facebook | YouTube

Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.