Trends in cybersecurity across 2024 showed less malware and phishing, though more social engineering. CrowdStrike offers tips on securing your business.
Phishing was no longer as common in 2024 as before, according to CrowdStrike’s 2025 Global Threat Report. Threat actors trend toward accessing legitimate accounts through social engineering techniques like voice phishing (vishing), callback phishing, and help desk social engineering attacks.
We’re well within the era of what cybersecurity technology CrowdStrike called “the enterprising adversary,” with malware-as-a-service and criminal ecosystems replacing the old-fashioned image of the lone threat actor. Attackers are also using legitimate remote management and monitoring tools where they might once have chosen malware.
Threat actors take advantage of generative AI
Threat actors are using generative AI to craft phishing emails and carry out other social engineering attacks. CrowdStrike found threat actors using generative AI to:
- Create fictitious LinkedIn profiles in hiring schemes such as those carried out by North Korea.
- Create deepfake video and voice clones to commit fraud.
- Spread disinformation on social media.
- Create spam email campaigns.
- Write code and shell commands.
- Write exploits.
Some threat actors pursued gaining access to the LLMs themselves, particularly models hosted on Amazon Bedrock.
Explore emtech 360 for the latest advancements in Information Technology & insightful updates from industry experts!
Source : https://www.techrepublic.com/article/crowdstrike-2025-global-threat-report/
