Published originally on January 16, 2026 by Kevin Townsend on SecurityWeek.
SecurityWeek’s Cyber Insights 2026 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we explore AI-assisted social engineering attacks, with the purpose of evaluating what is happening now and preparing leaders for what lies ahead in 2026 and beyond.
The most successful breaches in 2026 are likely to exploit trust, not vulnerabilities. All courtesy of artificial intelligence (AI).
We’re going to explore how AI-assisted social engineering attacks might evolve from 2026 onward, and how cybersecurity could, and perhaps should, adapt to meet the new challenge. The threat is no longer against individuals, nor even businesses, but entire cultures.
...
Mark St. John, COO and co-founder at Neon Cyber, warns, “The ever-accelerating ability for AI to mimic brands, applications, human voice and video is going to take fraud in 2026 to new, dystopian levels. What we are witnessing with attacks like the video-driven ClickFix phishing attacks, which are already wildly successful, will be a blueprint for future attacks in which something that seems completely normal, spurred with urgency, will fool not just the indiscriminate user but also the more tech-savvy and aware.”
...
To stay ahead next year, businesses must start treating browsers as critical infrastructure, he suggests. “That means tightening access and identity controls, improving endpoint and cloud-level monitoring, and training users to recognize the new generation of attacks. Awareness alone won’t be enough – defenses rely on both user and system resilience working in concert.”
Read the full article on SecurityWeek.