Social engineering is not a new threat — adversaries have long used psychological manipulation to gain access, money, information and more. But as we learn in this episode from Shelly Giesbrecht, Director of Professional Services at CrowdStrike, it remains a top cybersecurity challenge for all organizations.

Today’s social engineers are more convincing than ever. Gone are the days of clunky phishing emails rife with spelling errors. Modern social engineering attacks arrive as convincing and well-crafted text messages, emails and voice calls. They prey on human emotion and instinct, creating situations where technology can’t always help.

“It really comes down to that human factor,” says Shelly. “We talk a lot about technology, and obviously CrowdStrike is a technology company, but we are fallible still at the human level — and that’s where social engineering is targeted.”

In a conversation that starts with impostor syndrome and quickly pivots to the impostors who are emailing employees and calling help desks, Adam, Cristian and Shelly explore the modern social engineering landscape. Shelly describes what her team is seeing on the front lines of incident response, how social engineering campaigns are evolving with the rise of AI, and guidance for organizations worried about this prolific technique.