Cybercriminals’ Focus: People, Not Machines

Despite increasingly advanced technical defenses such as firewalls and security software, the number of data breaches continues to rise. The reason is clear: attackers are increasingly targeting us humans. Social engineering is all about exploiting human behavior – our stress, lack of attention, and our innate desire to help. These were some of the key conclusions from a webinar where Junglemap invited Kristoffer Skappel, founder of SimpleWeb and Styret.com, and Anders Lindstad, from Institutt for organisasjon, ledelse og kontroll at Handelshøyskolen Innlandet, to discuss the latest trends in social engineering.

September 24, 2025
Author:
Per Lagerström
Director of Communication & Marketing
Reviewer:
Bianca van Dam
Marketing Manager
Spread the word

From Nigerian letters to AI-generated attacks

An important insight is that even “bad” phishing emails can be strategic. By sending out mass emails, fraudsters filter out the most vulnerable recipients. With AI, attacks have become even more sophisticated – language errors are corrected, messages are customized, and social media is used for grooming. The result is more personal and convincing manipulation.

Human factors and organisational culture

The panel emphasized that this is not about individual “mistakes,” but about human mechanisms. We want to help, we want to fit in, and we can all have a bad day. That is why organizational culture is crucial. A strong security culture should be integrated into the overall corporate culture – not isolated as a side initiative. Psychological safety plays a key role here: employees must feel free to ask questions without fear of being judged.

AI – threats and opportunities

AI can strengthen the tools of attackers, but also our defenses. Automated attacks mean more people can be affected more quickly, but awareness and training can reduce the risk. Junglemap is now developing a new course on AI and manipulation to help organizations understand and counter these emerging threats.

Trust vs. healthy skepticism

In Scandinavia, we live in societies characterized by high levels of trust. This is a strength – but also a vulnerability. Too much naivety makes us easy to deceive, while too much distrust hinders collaboration. The balance lies in healthy skepticism: questioning when something feels off, without losing the ability to trust others.

Conclusion: Security starts with us

The panel concluded with the following:

  • Use two-factor authentication – even in your private life.
  • Dare to ask questions – better once too often than falling into a trap.
  • Strengthen the organisational culture – create an environment where security is a natural part of everyday life.

It is not the computer that is the weak point – it is us humans. But with the right knowledge, culture, and vigilance, we can withstand even the most sophisticated attacks.

More blog posts you might be interested in

September 24, 2025
Information Security

Cybercriminals’ Focus: People, Not Machines

Despite increasingly advanced technical defenses such as firewalls and security software, the number of data breaches continues to rise. The reason is clear: attackers are increasingly targeting us humans.
Read more
September 18, 2025
NanoLearning

Focus on your targeted audience and their learning – some thoughts on gamification

What is gamification, really? Is it an effective way to strengthen organisational learning? And perhaps more importantly: can it help us achieve the true purpose of our information security courses – to reinforce our human firewalls?
Read more
June 16, 2025
Privacy

4 security tips when working and travelling

Travelling with work? Keep data safe with four easy tips: limit what you bring, secure your devices, avoid public wifi, and stay aware of your surroundings.
Read more
View all