Fleet Mortgages: #Infosec2025: Top Six Cyber Trends CISOs Need to Know

Infosecurity Europe 2025 Highlights Evolving Threats and Key Cybersecurity Trends

Infosecurity Europe 2025 brought together industry experts to address pressing cybersecurity challenges, with a strong emphasis on foundational defenses amid rapid technological change. Among the most critical trends discussed were the evolution of social engineering tactics, the persistent threat of credential compromise, and the need for frictionless security measures.

Social Engineering Shifts to Phone-Based Attacks
Threat actors are increasingly leveraging phone calls, either alone or alongside phishing emails, to deceive employees into divulging credentials. Erhan Temurkan, Technology & Security Director at Fleet Mortgages, warned of scams in which callers impersonate IT departments and urge password resets. These attacks are harder to block than email phishing, as organizations cannot easily filter legitimate calls. Deepfake technology has further amplified the risk, making fraudulent calls nearly indistinguishable from trusted voices. To counter this, experts recommend implementing multi-factor authentication (MFA) with pre-agreed passcodes or phrases as an additional layer of defense.

Credential Theft Remains a Top Threat
Research from Rapid7 revealed that 56% of compromises in Q1 2025 stemmed from stolen credentials, often due to the absence of MFA. Thom Langford, CTO for EMEA at Rapid7, emphasized that attackers frequently exploit basic weaknesses, such as tricking users into surrendering login details. Cloud environments are particularly vulnerable, with SaaS account takeovers serving as a common entry point for privilege escalation. While MFA is essential, SMS-based 2FA is increasingly risky due to SIM-swapping attacks. Temurkan urged organizations to adopt phishing-resistant MFA, such as FIDO2-compliant biometrics or physical security keys, which have become more accessible.

Balancing Security and Usability
Security leaders stressed the importance of minimizing friction in cybersecurity measures to ensure employee compliance. Langford noted that excessive controls can hinder productivity, making user experience a critical consideration. Passwordless authentication, biometrics, and single sign-on (SSO) were highlighted as solutions that enhance security without disrupting workflows. Temurkan underscored the need for the industry to prioritize usability while strengthening defenses, ensuring that security measures remain effective without becoming burdensome.

Source: https://www.infosecurity-magazine.com/news/cyber-trends-cisos-know/

Fleet Mortgages cybersecurity rating report: https://www.rankiteo.com/company/fleet-mortgages

"id": "FLE1766548241",
"linkid": "fleet-mortgages",
"type": "Cyber Attack",
"date": "6/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'attack_vector': ['Phone Calls', 'Email Phishing', 'Deepfake Impersonation'],
 'data_breach': {'sensitivity_of_data': 'High (e.g., admin-level SaaS access)',
                 'type_of_data_compromised': ['Credentials', 'Sensitive Data']},
 'description': 'Threat actors are evolving social engineering tactics by '
                'using phone calls (alone or combined with emails) to trick '
                'employees into revealing credentials, often impersonating IT '
                'departments. Deepfake technology exacerbates these scams, '
                'making them harder to detect. Organizations struggle to block '
                'such attacks due to the difficulty of filtering legitimate '
                'phone calls. Additional defenses like pre-agreed passcodes or '
                'MFA are recommended. Credential compromise remains a primary '
                'attack vector, with 56% of Q1 2025 compromises resulting from '
                'stolen valid accounts without MFA. SIM-swapping attacks '
                'further undermine SMS-based 2FA, driving the need for '
                'phishing-resistant MFA (e.g., FIDO standards). Cybersecurity '
                'measures must balance security and usability to ensure '
                'employee adherence.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'credential theft or data breaches',
            'identity_theft_risk': 'High risk of identity theft due to '
                                   'credential compromise',
            'operational_impact': 'Potential unauthorized access to sensitive '
                                  'data and systems',
            'systems_affected': ['SaaS Accounts', 'Internal Networks']},
 'initial_access_broker': {'entry_point': ['Phone Calls', 'Email Phishing'],
                           'high_value_targets': ['SaaS Accounts',
                                                  'Admin Roles']},
 'lessons_learned': '1. Social engineering tactics are evolving beyond email '
                    'phishing to include phone calls and deepfake '
                    'impersonation. 2. Credential compromise remains a '
                    'dominant attack vector, emphasizing the need for MFA. 3. '
                    'SMS-based 2FA is vulnerable to SIM-swapping attacks, '
                    'necessitating phishing-resistant MFA. 4. Cybersecurity '
                    'measures must prioritize usability to ensure employee '
                    'adherence.',
 'motivation': ['Initial Access', 'Credential Theft', 'Privilege Escalation'],
 'post_incident_analysis': {'corrective_actions': ['Deploy phishing-resistant '
                                                   'MFA',
                                                   'Replace SMS-based 2FA',
                                                   'Implement passwordless '
                                                   'authentication',
                                                   'Enhance user training on '
                                                   'social engineering'],
                            'root_causes': ['Lack of MFA',
                                            'Weak authentication (SMS-based '
                                            '2FA)',
                                            'Human error in credential '
                                            'disclosure',
                                            'Insufficient user awareness']},
 'recommendations': ['Implement phishing-resistant MFA (e.g., FIDO standards, '
                     'biometrics, or physical security keys).',
                     'Replace SMS-based 2FA with more secure alternatives.',
                     'Adopt passwordless authentication methods (e.g., '
                     'biometrics, SSO).',
                     'Establish pre-agreed passcodes or phrases for internal '
                     'verification.',
                     'Enhance monitoring for SaaS account compromises and '
                     'privilege escalation.',
                     'Balance security controls with user experience to reduce '
                     'friction.'],
 'references': [{'date_accessed': '2025', 'source': 'Infosecurity Magazine'},
                {'date_accessed': '2025',
                 'source': 'Rapid7 Research (Q1 2025)'},
                {'date_accessed': '2025',
                 'source': 'Darktrace (Dr. Beverly McCann)'},
                {'date_accessed': '2025',
                 'source': 'Fleet Mortgages (Erhan Temurkan)'}],
 'response': {'containment_measures': ['Implementation of MFA',
                                       'Pre-agreed passcodes/phrases'],
              'remediation_measures': ['Adoption of phishing-resistant MFA '
                                       '(FIDO standards)',
                                       'Passwordless authentication '
                                       '(biometrics, SSO)']},
 'type': ['Social Engineering', 'Credential Compromise'],
 'vulnerability_exploited': ['Lack of MFA',
                             'Weak Authentication (SMS-based 2FA)',
                             'Human Error']}