AI is supercharging social engineering, raising risks for financial services firms

According to global cyber security technology company CrowdStrike, 81 per cent of interactive intrusions – attacks where adversaries establish an “active presence within a target network, often engaging in hands-on-keyboard activities to achieve their objectives – were malware free over the year to 30 June 2025.

With a 26 per cent increase in intrusions over the past year, the financial services sector continues to be a target of cyber attacks, however this is far from the only motivating factor.

Cyber crime remains the predominant cause of intrusions, however attacks coming from nation-state actors grew 80 per cent year-on-year, while e-crime saw a 10 per cent increase.

Speaking with ifa, CrowdStrike field CTO world wide Fabio Fratucello said financial institutions are a major target for all types of threat actors.

“I'm not going to say e-crime is disappearing, but e-crime was already high in the previous year, and what effectively metrics are telling us is that both nation state and crime have an interest in targeting financial institutions,” Fratucello said.

“If you think about it, usually financial institutions hold a lot of extremely valuable information in terms of both data and IP, as well as they are an amazing target and from an adversary perspective.”

He explained that the rise of malware-free intrusions has come as a result of stronger barriers at the endpoint.

“They were targeting the endpoint … where you have user interaction, people typing on a keyboard, and code execution, so you can exploit the interconnectedness of the human and the machine together,” Fratucello said.

“What threat actors do – they have KPIs and return on investment – is there an easier way to make the same money? And the answer is, let's look at the identity. Identity today is the new perimeter.

“We need to bring a detection and response and a prevention lens into the identity domain.”

He added that these social engineering-type intrusions are utilising generative AI tools to create more convincing versions of standard methods.

“Social engineering is extremely prevalent, and that really leads into an identity based type of attack,” Fratucello said.

“When we look at the effectiveness of a social engineering attack, think of an email or a text or a combination, when generated through a genAI tool, the click through rate, which is that the effectiveness that is measured in cyber security, is significantly higher than human generated.”

According to Fratucello, the main takeaways for advice firms and any other financial services business are largely around securing identities.

“We go back to identities. Have good capabilities at the identities, secure them, have prevention, detection and response capabilities in place. You need to be able to defend your cloud environment,” he said.

“Think of a house: you need to secure the door, you need to secure the window, you need to have cameras outside all of the different components. They're actually technical capabilities that secure a specific element within the cloud.”

One way of doing this, Fratucello explained, is ensuring that you are utilising a modern defensive solution.

“We know they're using AI. Guess what? AI is just a technology,” he said.

“AI works extremely well from a defensive standpoint as well, so embrace AI, embrace the AI security capabilities that are available today, that are getting developed for tomorrow, because that is going to retake the advantage in terms of speed, in terms of consistency, in terms of taking out human error from the adversary.”