Expansion in the underground market of cybercriminals indicates a growing prevalence of social engineering tactics

In the ever-evolving world of cybersecurity, the need for robust defenses has never been more crucial. According to a report by ReliaQuest, businesses are advised to employ professional vulnerability management, including regular scans and reporting, and implement a risk-based security concept. This approach regularly identifies vulnerable and high-value assets, prioritizing them based on their respective risk levels.

As the cybersecurity landscape continues to change, so does the demand for skilled professionals. The underground job market is becoming increasingly professional, with 87% of job listings being posted by criminal 'headhunters' who search the dark web for technicians with specialized attack skills. This trend is reflected in the report by ReliaQuest, which states that the number of job listings in the cybercriminal job market has more than doubled between 2024 and 2025.

The growing sophistication of cybercriminals is evident in the increasing demand for AI experts. CrowdStrike's report between January 1, 2023, and July 31, 2025, indicates that job postings for cybercriminal roles more than doubled between 2024 and 2025. These experts are sought after to automate attack operations, making cybercrime more organized, specialized, and efficient.

The rise of AI in the cybercriminal world also extends to the use of AI-powered deepfake technologies, which are expected to increase in the market. This development could potentially become a cost-effective alternative for many cybercriminals.

To combat these threats, companies are urged to reduce their human risks by implementing modern Human Risk Management systems. Modern Human Risk Management uses AI for personalized and automated Phishing Training, Education, and Testing. Dr. Martin J. Krämer, Security Awareness Advocate at KnowBe4, emphasizes the importance of this approach, stressing that the entire workforce must be able to recognize even the subtlest signs of social engineering, phishing, and spear-phishing.

Moreover, ReliaQuest advises providing professional training and testing for the entire staff to help build a vigilant workforce that can effectively resist manipulation attempts. This training is becoming increasingly important as the growing use of AI by cybercriminals increases the urgency for such measures.

In the fight against cyber threats, employees have become the best defense. Modern Anti-Phishing Email Technologies combine AI with Crowdsourcing for early detection and defense. AI is also used to detect and defend against the latest Zero Day threats in these technologies.

As the cybersecurity landscape continues to evolve, it is clear that businesses must adapt and strengthen their defenses to stay ahead of the threat. By implementing modern Human Risk Management systems and providing regular training, companies can ensure their employees are ready to recognize and resist the latest cyber threats.