Job postings for English-language social engineering has more than doubled between 2024 and mid-2025.
English-speaking cyber-criminals skilled in social engineering are increasingly sought after in underground forums, signaling a troubling rise in targeted attacks.
According to a report from ReliaQuest, and reported by The Register, job postings for English-language social engineering has more than doubled between 2024 and mid-2025, suggesting such attacks will continue to grow in frequency and sophistication.
Aaron Painter, CEO of Nametag, described the trend as "impersonation-as-a-service," where attackers purchase ready-made toolkits, training, and scripts to conduct infiltration campaigns often paired with ransomware.
Recent breaches highlight this shift: the ShinyHunters gang, collaborating with Scattered Spider, leveraged social engineering techniques to steal Salesforce credentials from major companies, including Dior, Chanel, Pandora, Allianz, Google, and Workday.
Experts warn that AI advancements are making these scams easier to execute, while tactics borrowed from state-backed hackers, such as reconnaissance, lateral movement, and stealth, are becoming commonplace.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
