Deceptive Intelligence - AI, Social Engineering, and Securing the Human Element

Read more

This book explores the transformative impact of artificial intelligence on social engineering and testing, offering a timely and necessary guide for navigating one of the most pressing challenges in modern cybersecurity. AI is not only revolutionizing how attackers exploit vulnerabilities but also how defenders test and strengthen their systems. With over 80% of data breaches attributed to human error or social engineering, and phishing responsible for 36% of successful cyberattacks, the stakes for organizations are higher than ever. The rise of AI tools capable of automating these attacks has introduced new complexities, making it critical for organizations to adopt advanced strategies to test their resilience.
The book's core mission is to equip cybersecurity professionals with the tools, knowledge, and frameworks to counter these AI-driven threats ethically and effectively. Readers will discover how to simulate sophisticated AI-enabled attacks, from deepfake impersonations to multi-channel phishing campaigns, all while respecting ethical boundaries. Practical applications are emphasized, such as leveraging open-source tools to mimic real-world attack scenarios and using AI to analyze human vulnerabilities. It also provides actionable guidance on building defenses and training programs that reflect the rapidly evolving threat landscape.
As AI tools like ChatGPT, deepfake generators, and voice synthesis platforms become increasingly accessible, their misuse in crafting malicious campaigns is accelerating. Research shows that 83% of organizations experienced a successful phishing attack in 2022, while incidents involving deepfakes rose 300% compared to the previous year. Meanwhile, the widespread availability of personal information on social media has created fertile ground for AI-driven reconnaissance, making targeted social engineering easier and more effective than ever. This book directly addresses these challenges, showing how to test against these threats before attackers can exploit them.
What makes this book essential is its focus on preparing organizations for the future of security testing. It goes beyond describing threats by offering a blueprint for integrating AI into their existing workflows, enabling defenders to think like attackers and stay one step ahead. From actionable case studies to ethical frameworks, it provides a comprehensive resource for testing and improving defenses in environments where the line between human and machine deception grows increasingly blurred. This is not just a book about threats-it's a call to action for organizations to evolve their approach to security and embrace AI's potential to strengthen their defenses.
What You Will learn:

• How AI reshapes social engineering and testing, acquiring the knowledge to simulate advanced threats such as AI-generated phishing, deepfakes, and automated reconnaissance.
• How to develop skills to implement open-source AI tools for crafting ethical attack simulations, testing human and organizational vulnerabilities, and strengthening defenses.
• How to prepare to navigate future challenges in AI-enabled security testing, ensuring readers remain adaptable as social engineering threats evolve.

Who This Book is for:
The primary audience includes technical positions, penetration testers, and security professionals (mid- to senior-level cybersecurity professionals, including penetration testers, red teamers, and SOC analysts, with 3-10 years of experience in technical roles); the secondary audience is managers, technical managers, strategists, and influencers, legal (5+ years in management or leadership roles, overseeing technical teams or developing security strategies); and the tertiary audience is beginners (Entry- to mid-level technical professionals exploring advanced cybersecurity techniques or AI applications).

List of contents

Chapter 1: The Machines Learn to Trick Us.- Chapter 2: From Confidence Tricks to Code .- Chapter 3: Why We Fall for It.- Chapter 4: Spying with Smarter Eyes.- Chapter 5: Algorithms That Know You Better Than You Do.- Chapter 6: Words That Work Like Magic.- Chapter 7: Faces and Voices That Aren t Real.- Chapter 8: Mining the Gold in Your Online Life.- Chapter 9: Phishing Smarter, Not Harder.- Chapter 10: The Chatbots That Never Sleep.- Chapter 11: Testing the Machines Tricks .- Chapter 12: Building Tools for a Human Weakness.- Chapter 13: The Human Element in an AI World.- Chapter 14: Fighting Fire with Fire.- Chapter 15: AI to Spot AI.- Chapter 16: Picking Up the Pieces.- Chapter 17: Playing by the Rules.- Chapter 18: Learning to Outsmart the Bots.- Chapter 19: What s Next in AI Trickery?.- Chapter 20: A Smarter, Safer Tomorrow.

About the author

Sean-Philip Oriyano has been actively working in the IT field since 1990. Throughout his career, he has held positions such as support specialist to consultants and senior instructor. Currently he is an IT instructor who specializes in infrastructure and security topics for various public and private entities. Sean has instructed for the US Air Force, Navy, and Army at locations both in North America and internationally. Sean is certified as a CISSP, CHFI, CEH, CEI, CNDA, SCNP, SCPI, MCT, MCSE, and MCITP, and he is a member of EC-Council, ISSA, Elearning Guild, and Infragard. 

Summary

This book explores the transformative impact of artificial intelligence on social engineering and testing, offering a timely and necessary guide for navigating one of the most pressing challenges in modern cybersecurity. AI is not only revolutionizing how attackers exploit vulnerabilities but also how defenders test and strengthen their systems. With over 80% of data breaches attributed to human error or social engineering, and phishing responsible for 36% of successful cyberattacks, the stakes for organizations are higher than ever. The rise of AI tools capable of automating these attacks has introduced new complexities, making it critical for organizations to adopt advanced strategies to test their resilience.
The book’s core mission is to equip cybersecurity professionals with the tools, knowledge, and frameworks to counter these AI-driven threats ethically and effectively. Readers will discover how to simulate sophisticated AI-enabled attacks, from deepfake impersonations to multi-channel phishing campaigns, all while respecting ethical boundaries. Practical applications are emphasized, such as leveraging open-source tools to mimic real-world attack scenarios and using AI to analyze human vulnerabilities. It also provides actionable guidance on building defenses and training programs that reflect the rapidly evolving threat landscape.
As AI tools like ChatGPT, deepfake generators, and voice synthesis platforms become increasingly accessible, their misuse in crafting malicious campaigns is accelerating. Research shows that 83% of organizations experienced a successful phishing attack in 2022, while incidents involving deepfakes rose 300% compared to the previous year. Meanwhile, the widespread availability of personal information on social media has created fertile ground for AI-driven reconnaissance, making targeted social engineering easier and more effective than ever. This book directly addresses these challenges, showing how to test against these threats before attackers can exploit them.
What makes this book essential is its focus on preparing organizations for the future of security testing. It goes beyond describing threats by offering a blueprint for integrating AI into their existing workflows, enabling defenders to think like attackers and stay one step ahead. From actionable case studies to ethical frameworks, it provides a comprehensive resource for testing and improving defenses in environments where the line between human and machine deception grows increasingly blurred. This is not just a book about threats—it’s a call to action for organizations to evolve their approach to security and embrace AI’s potential to strengthen their defenses.
What You Will learn:

• How AI reshapes social engineering and testing, acquiring the knowledge to simulate advanced threats such as AI-generated phishing, deepfakes, and automated reconnaissance.
• How to develop skills to implement open-source AI tools for crafting ethical attack simulations, testing human and organizational vulnerabilities, and strengthening defenses.
• How to prepare to navigate future challenges in AI-enabled security testing, ensuring readers remain adaptable as social engineering threats evolve.

Who This Book is for:
The primary audience includes technical positions, penetration testers, and security professionals (mid- to senior-level cybersecurity professionals, including penetration testers, red teamers, and SOC analysts, with 3–10 years of experience in technical roles); the secondary audience is managers, technical managers, strategists, and influencers, legal (5+ years in management or leadership roles, overseeing technical teams or developing security strategies); and the tertiary audience is beginners (Entry- to mid-level technical professionals exploring advanced cybersecurity techniques or AI applications).