By InnoSec August 26, 2025
For years, phishing emails were a very popular and effective tool for cybercriminals. They contained messages pretending to be from the recipient’s bank or a familiar company, designed to steal the victim’s login details. While phishing is still common, social engineering has evolved far beyond those emails. Contemporary scammers are using more sophisticated techniques, blending psychology with technology to manipulate people into giving up information, money, or access.
One of the biggest shifts is the rise of deepfakes, that is highly realistic fake videos, audio clips, or images generated by artificial intelligence. Cybercriminals now use AI-powered voice cloning to impersonate CEOs in phone calls, tricking employees into transferring funds. Others create fake video messages that look like they came from trusted colleagues or even family members. These scams prey on trust, making it harder for people to tell what’s real and what’s fake.
At the same time, old methods haven’t disappeared; instead, they’ve just been upgraded. Phishing emails are now polished, error-free, and often personalised using information scraped from social media. Fake “tech support” calls are powered by AI chatbots that can hold natural conversations. Even simple text message scams have become more believable, often spoofing real numbers and mimicking the tone of actual companies. The tools may be new, but the goal is the same: to trick the victim into clicking, sharing, or paying.
For everyday users, the evolution of social engineering is both a warning and a reminder. While technology has made scams harder to spot, the best defense is still human awareness. Pausing before clicking, verifying requests through a second channel, and staying cautious with what is being shared online. Cybercriminals are more creative than ever, but with the right habits, one can still stay ahead of their tricks.