Avoiding Low-Tech, Human-Centric Cyber Attacks

Uploaded on 2025-05-28 in FREE TO VIEW

Latest research highlights that cybercriminals are finding more success in low-tech, high-impact, human-centric tactics. Callback scams – a social engineering attack where victims are tricked into calling a seemingly legitimate phone number through emails or texts to reveal sensitive information or download malware – is an example.

In the first quarter of 2025, callbacks accounted for nearly one in five phishing attempts. For cybercriminals, callbacks are the low-hanging fruit – rather than making the effort to make the phishing call, the victims themselves initiate the phishing phone call. Likewise, cybercriminals find phishing wins with links, attachments, and QR codes.  

Human-centric Attacks Bypass Defences

This kind of human deception is enabling cybercriminals to bypass conventional defences more effectively. Social engineering scams like these are a significant weak spot as they don’t rely on malware and are easily able to bypass email security.

Take malicious phishing attachments. These are increasing because criminals are finding it easy to slide infected files past mechanical email scans, which now have become proficient at spotting compromised links. And possibly also because emails that leave no trace at all, like callback scams, are the safest bet of all.

Another example is SVG file images. Cybercriminals are favouring these files as attachments over PDF attachments. SVG file attachments accounted for 34% of phishing attacks in Q1 of this year. Criminals bypass anti-phishing defences by embedding the <script> tag of an SVG file with a malicious URL. Attackers execute JavaScript when the link is opened in a web browser, redirecting the user to a compromised website.

So, what can organisations do? Give them a taste of their own medicine, perhaps?

Weaponise Cybercriminals’ Own Actions Against Them

This shift in cybercriminals’ preference towards low-tech, high-impact tactics, a rethink of email security is needed, taking into consideration the human element as well as technological prowess.

With email being the primary vehicle of such low-tech scams, email security demands an approach that weaponises cybercriminals’ own actions and uses their patterns to create a unique, future-proofed response.

Cyberthreats are not static. They continually evolve, adapting, innovating, and refining their methods to slip past traditional email security defences. To stay ahead, defenders must do more than react; they must understand the enemy. This means closely analysing attacker behaviour, tactics, techniques, and procedures (TTPs). For example, tracking the rise of SVG-based phishing reveals the need for targeted detection of embedded malicious scripts within these types of files.

These insights offer critical, real-time intelligence that informs not just current defences but also anticipates future threats.

Effective defence begins with recognising and decoding the digital footprints attackers leave behind. If callback phishing is on the rise, systems can be trained to flag emails containing suspicious callback requests. If SVGs are being exploited, scanning tools can be tuned to detect hidden payloads. Every malicious campaign offers clues, digital breadcrumbs left behind by the attackers that, if analysed correctly, can be turned against them.

This intelligence-driven approach transforms email security from a static filter into a dynamic, context-aware defence system. One-size-fits-all solutions no longer suffice. Instead, defences must be tailored to the specific threats that an organisation faces and the vulnerabilities most likely to be targeted.

Relying solely on traditional email security approaches (for example, file type filtering alone, heuristic scanning) is no longer enough.

Attackers know how to bypass them. Staying ahead means being proactive, predicting attacker moves, not just responding to them. When we weaponise our understanding of attacker behaviour, we build adaptable, resilient defences that adapt as quickly as the cyberthreats do.

In today’s fast-moving threat landscape, the only way to stay secure is to evolve faster than the attackers. Security must be as agile and creative as the threats it faces. Only then can we turn the tide from reactive defence to intelligent, anticipatory protection.

Oliver Paterson is Director of Product Management at VIPRE Security Group

Image: Ideogram

You Might Also Read:

Understanding Social Engineering Attack Methods:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Financial Services Institutions Must Protect Themselves From Downtime
Lockbit Ransomware Group Hacked »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Red Hat

Red Hat

Red Hat is a leader in open source software development. Our software security team proactively identifies weaknesses before they become problems.

Herjavec Group

Herjavec Group

Herjavec Group's Managed Security Services practice defends your organization from increasingly sophisticated, targeted cybercrime threats.

Cyber Security Research Centre - University of Cardiff

Cyber Security Research Centre - University of Cardiff

Cardiff University's Centre for Cyber Security Research is a leading UK academic research unit for cyber security analytics.

International Federation of Robotics (IFR)

International Federation of Robotics (IFR)

The International Federation of Robotics connects the world of robotics around the globe. Our members come from the robotics industry, industry associations and research & development institutes.

Source Defense

Source Defense

Source Defense provides websites with the first ever prevention technology for attacks of third-party origin.

Trapezoid

Trapezoid

Trapezoid is a cybersecurity company developing Firmware Integrity Management solutions designed to detect unauthorized changes to firmware & BIOS across the entire data center infrastructure.

Kryptus

Kryptus

Kryptus provides a wide array of solutions for hardware, firmware and software ranging from semiconductors to complex digital certificate management systems.

Aspisec

Aspisec

Aspisec is a cybersecurity company specialized in Firmware Security and Critical Infrastructure Protection.

Haechi Audit

Haechi Audit

Haechi Audit is a leading smart contract security audit firm. We provide the most secure smart contract security audit and smart contract development services to our global clients.

ShorePoint

ShorePoint

ShorePoint is an elite cybersecurity firm dedicated to improving the cyber resilience of Federal agencies and their missions.

Aristi Technologies

Aristi Technologies

Aristi provides cybersecurity risk and compliance services to help manage your unique cyber risks, safeguarding your systems and data and complying with government and industry standards.

SecureOps

SecureOps

SecureOps is transforming the Managed Security Service Provider industry by providing tailored cybersecurity solutions proven to protect organizations from cyberattacks.

Great American Insurance Group

Great American Insurance Group

Great American's Cyber Risk Division offers cyber solutions for small and medium-sized businesses.

ThreatView by Turaco Labs

ThreatView by Turaco Labs

ThreatView combines extensive experience in digital forensics with advanced analytics and threat detection capabilities to protect eCommerce websites.

RAH Infotech

RAH Infotech

RAH Infotech is India’s leading value added distributor and solutions provider in the Network and Security domain. We are specialists in Enterprise and App Security and Application Delivery.

Replica

Replica

Replica creates authentic virtual environments that ensure identities and assets are always protected no matter where or what work needs to get done.

CodeShield

CodeShield

CodeShield is a SaaS that helps software developers and security teams secure IAM in the public cloud. With us, you detect IAM privilege escalations easily and achieve least privilege.