Avoiding Low-Tech, Human-Centric Cyber Attacks

Uploaded on 2025-05-28 in FREE TO VIEW

Latest research highlights that cybercriminals are finding more success in low-tech, high-impact, human-centric tactics. Callback scams – a social engineering attack where victims are tricked into calling a seemingly legitimate phone number through emails or texts to reveal sensitive information or download malware – is an example.

In the first quarter of 2025, callbacks accounted for nearly one in five phishing attempts. For cybercriminals, callbacks are the low-hanging fruit – rather than making the effort to make the phishing call, the victims themselves initiate the phishing phone call. Likewise, cybercriminals find phishing wins with links, attachments, and QR codes.  

Human-centric Attacks Bypass Defences

This kind of human deception is enabling cybercriminals to bypass conventional defences more effectively. Social engineering scams like these are a significant weak spot as they don’t rely on malware and are easily able to bypass email security.

Take malicious phishing attachments. These are increasing because criminals are finding it easy to slide infected files past mechanical email scans, which now have become proficient at spotting compromised links. And possibly also because emails that leave no trace at all, like callback scams, are the safest bet of all.

Another example is SVG file images. Cybercriminals are favouring these files as attachments over PDF attachments. SVG file attachments accounted for 34% of phishing attacks in Q1 of this year. Criminals bypass anti-phishing defences by embedding the <script> tag of an SVG file with a malicious URL. Attackers execute JavaScript when the link is opened in a web browser, redirecting the user to a compromised website.

So, what can organisations do? Give them a taste of their own medicine, perhaps?

Weaponise Cybercriminals’ Own Actions Against Them

This shift in cybercriminals’ preference towards low-tech, high-impact tactics, a rethink of email security is needed, taking into consideration the human element as well as technological prowess.

With email being the primary vehicle of such low-tech scams, email security demands an approach that weaponises cybercriminals’ own actions and uses their patterns to create a unique, future-proofed response.

Cyberthreats are not static. They continually evolve, adapting, innovating, and refining their methods to slip past traditional email security defences. To stay ahead, defenders must do more than react; they must understand the enemy. This means closely analysing attacker behaviour, tactics, techniques, and procedures (TTPs). For example, tracking the rise of SVG-based phishing reveals the need for targeted detection of embedded malicious scripts within these types of files.

These insights offer critical, real-time intelligence that informs not just current defences but also anticipates future threats.

Effective defence begins with recognising and decoding the digital footprints attackers leave behind. If callback phishing is on the rise, systems can be trained to flag emails containing suspicious callback requests. If SVGs are being exploited, scanning tools can be tuned to detect hidden payloads. Every malicious campaign offers clues, digital breadcrumbs left behind by the attackers that, if analysed correctly, can be turned against them.

This intelligence-driven approach transforms email security from a static filter into a dynamic, context-aware defence system. One-size-fits-all solutions no longer suffice. Instead, defences must be tailored to the specific threats that an organisation faces and the vulnerabilities most likely to be targeted.

Relying solely on traditional email security approaches (for example, file type filtering alone, heuristic scanning) is no longer enough.

Attackers know how to bypass them. Staying ahead means being proactive, predicting attacker moves, not just responding to them. When we weaponise our understanding of attacker behaviour, we build adaptable, resilient defences that adapt as quickly as the cyberthreats do.

In today’s fast-moving threat landscape, the only way to stay secure is to evolve faster than the attackers. Security must be as agile and creative as the threats it faces. Only then can we turn the tide from reactive defence to intelligent, anticipatory protection.

Oliver Paterson is Director of Product Management at VIPRE Security Group

Image: Ideogram

You Might Also Read:

Understanding Social Engineering Attack Methods:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Financial Services Institutions Must Protect Themselves From Downtime
Lockbit Ransomware Group Hacked »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Team Cymru Research NFP

Team Cymru Research NFP

Team Cymru Research is a group of technologists passionate about making the Internet more secure and dedicated to that goal.

Xcitium

Xcitium

Xcitium (formerly Comodo) is and industry leading provider of state-of-the-art endpoint protection solutions. Our Zero threat platform isolates and removes all ransomware & malware infectictions.

Cyberkov

Cyberkov

Cyberkov services include Pentesting, Vulnerability Assessments, Digital Forensics, Incident Response, Source Code Analysis and Security Training.

iosiro

iosiro

iosiro was created to guide companies through securely using blockchain technologies. We help teams launch and manage ICOs, deploy secure dApps, and integrate private networks into business practices.

VIBE Cybersecurity International

VIBE Cybersecurity International

VIBE’s certificate-less authenticated encryption enables scalable, flexible key exchange, and other advanced cryptographic functions using identity-based elliptic curve cryptosystems (ECC).

Lexsynergy

Lexsynergy

Lexsynergy is a global domain name management and online brand protection company.

Navixia

Navixia

As a leading Swiss IT security specialist, Navixia offers a global and pragmatic approach to information security.

Seknox

Seknox

Seknox TRASA™ protects your business from insider threats.

Vumetric Cybersecurity

Vumetric Cybersecurity

Vumetric is an ISO9001 certified company offering penetration testing, IT security audits and specialized cybersecurity services.

Risk Strategies

Risk Strategies

Risk Strategies is a leading specialty risk management consultancy and insurance broker offering smarter, practical approaches to risk mitigation including Cyber Liability insurance.

Ministry of Electronics & Information Technology (MeitY) - India

Ministry of Electronics & Information Technology (MeitY) - India

The Ministry of Electronics & Information Technology is an executive agency responsible for IT policy, strategy and development of the electronics industry.

Moonsense

Moonsense

Moonsense is on a mission to level the playing field in the fight against online fraud.

Dexian

Dexian

Dexian is a leading provider of staffing, IT, and workforce solutions with nearly 12,000 employees and 70 locations worldwide.

DIGISOC

DIGISOC

DIGISOC, a leader in Latin America in Cybersecurity solutions, combines machine learning with human intelligence to be effective in detecting cyber threats.

Aztek

Aztek

Aztek is one of the UK’s leading Managed Service Providers, providing customer-focused IT, Communication and Cyber Security solutions to help transform and grow your business.

SYTECH

SYTECH

SYTECH is a leading digital forensics and consultancy provider. We empower decision making through subject-matter expertise.