AI-Powered Attacks and the Rise of Mobile Social Engineering
Source: Verizon Data Breach Investigations Report (DBIR) 2026
Artificial Intelligence is no longer a future cybersecurity concern.
It has already become part of the modern attack lifecycle.
The Verizon 2026 DBIR provides some of the clearest evidence yet that threat actors are actively leveraging AI to improve efficiency, scale, and targeting.
Cybercriminals Are Using AI Today
The report found that threat actors are using Generative AI throughout multiple attack stages, including:
Target research
Initial access
Malware development
Tool creation
Vulnerability discovery
The median malicious actor studied used AI assistance across approximately 15 attack techniques. Some used AI for 40–50 techniques.
This isn't experimental anymore.
It's operational.
AI Is Making Attackers Faster, Not Necessarily Smarter
One important DBIR conclusion stands out.
AI is not yet creating entirely new attack methods.
Instead, it is helping attackers automate techniques they already use successfully.
Think of AI as an efficiency multiplier.
Cybercriminals can now:
Write phishing content faster
Generate malware variations
Research targets more efficiently
Scale operations with fewer resources
The Human Element Remains the Weakest Link
Despite all the discussion around AI, people remain central to breaches.
The report found that:
62% of breaches involved a human element.
That number has remained consistently high.
Mobile Attacks Are More Effective Than Email
One of the most interesting findings involves social engineering.
According to Verizon:
Mobile-centric attacks achieve click rates approximately 40% higher than email-based attacks.
Attackers increasingly use:
Voice calls
SMS messages
Mobile notifications
Impersonation tactics
Pretexting scenarios
The goal is to catch users distracted and away from traditional security controls.
Why Pretexting Is Growing
Pretexting involves creating a believable scenario to convince a victim to take action.
Examples include:
Fake IT support calls
Vendor impersonation
Executive impersonation
MFA reset requests
The DBIR notes that pretexting is increasingly appearing in ransomware attacks and extortion campaigns.
Executive Takeaways
Expand Security Awareness Beyond Email
Train employees on voice, SMS, and mobile-based attacks.
Verify High-Risk Requests
Require validation for credential resets and financial transactions.
Monitor Emerging AI Risks
Expect attackers to become faster and more convincing.
Focus on Human-Centered Security
Technology alone will not solve social engineering.
Final Thought
AI may be changing how attacks happen.
Human trust is still why attacks succeed.
In Part 4, we'll explore Shadow AI, insider risk, and the cybersecurity strategies organizations must adopt moving forward.
Ready to see where your company defenses stand?
👉 Request your customized cyber vulnerability report today and stay ahead of threats.
👉 Gain insights into your unique cybersecurity vulnerabilities with a custom report.
👉 Train your team to be your first line of defense
📞 Schedule a call today or 📧 contact us for a consultation.
