* [Blog](https://www2.paloaltonetworks.com/blog) * [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/) * [Threat Intelligence](https://www2.paloaltonetworks.com/blog/category/threat-intelligence/?lang=zh-hant) * 社交工程攻擊日益猖獗... # 社交工程攻擊日益猖獗 [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2025%2F09%2Fsocial-engineering-attacks-increasing%2F%3Flang%3Dzh-hant) [](https://twitter.com/share?text=%E7%A4%BE%E4%BA%A4%E5%B7%A5%E7%A8%8B%E6%94%BB%E6%93%8A%E6%97%A5%E7%9B%8A%E7%8C%96%E7%8D%97&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2025%2F09%2Fsocial-engineering-attacks-increasing%2F%3Flang%3Dzh-hant) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2025%2F09%2Fsocial-engineering-attacks-increasing%2F%3Flang%3Dzh-hant&title=%E7%A4%BE%E4%BA%A4%E5%B7%A5%E7%A8%8B%E6%94%BB%E6%93%8A%E6%97%A5%E7%9B%8A%E7%8C%96%E7%8D%97&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2025/09/social-engineering-attacks-increasing/?lang=zh-hant&ts=markdown) [](mailto:?subject=社交工程攻擊日益猖獗) Link copied By [Michael Sikorski](https://www.paloaltonetworks.com/blog/author/michael-sikorski/?lang=zh-hant&ts=markdown "Posts by Michael Sikorski") Sep 04, 2025 1 minutes [Threat Intelligence](https://www.paloaltonetworks.com/blog/category/threat-intelligence/?lang=zh-hant&ts=markdown) **網路犯罪分子與國家級駭客運用精密社交工程手法,對全球組織發動大規模攻擊** Palo Alto Networks的 Unit 42威脅情報小組近日發布《2025年Unit 42 全球事件回應報告:社交工程專刊》。本報告深入探討過去一年中最常見的初始攻擊手法──社交工程。在這段期間內,超過三分之一的 Unit 42 事件回應案件,都是從社交工程攻擊手法開始的。 報告分析了攻擊者如何透過操弄信任來入侵企業網路,進而造成業務中斷與財務損失。本報告內容結合 Palo Alto Networks 的威脅偵測資料、超過 700 起事件回應案例,以及 Unit 42 的威脅研究成果。 **社交工程數據揭示人性弱點如何被駭客利用** 根據 Unit 42 的觀察,社交工程是最常見的初始入侵手法,其中網路釣魚(phishing)占了 65% 的社交工程案例。這類攻擊通常鎖定高權限帳號(66%),經常冒充內部人員身分(45%),並使用 回撥(callback)或語音相關技術(23%)。隨著駭客開始運用人工智慧技術,這些手法也愈趨精密難辨。 社交工程之所以能成功,源於利用人類行為與薄弱的控管,而非技術上的漏洞。我們的數據顯示,以下幾項關鍵模式,是促使社交工程攻擊得逞的主因: * \*\*業務中斷風險高:\*\*在社交工程攻擊事件中,有 60% 導致資料外洩,比其他初始入侵手法高出 16 個百分點。其中,商務電子郵件詐騙(BEC)占了約一半,且近 60% 的 BEC 攻擊最終導致資料外洩。 * \*\*新型攻擊手法崛起:\*\*雖然釣魚攻擊仍是主流,但有 35% 的社交工程案例採用其他手法,例如 SEO 關鍵字毒化(SEO poisoning)、惡意廣告(malvertising)、簡訊詐騙(smishing)與 MFA 轟炸攻擊(MFA bombing)。攻擊者逐步擴展戰場,不再僅侷限於電子郵件,而是延伸至其他平台與裝置。 * \*\*控管缺口明顯:\*\*在所有社交工程案例中,有 13% 發現警示遭忽略、10% 存在過度權限問題,另有 10% 未部署多重身分驗證(MFA)。資安團隊人力不足、疲於應付,常導致忽略或降低對警示的優先處理。 **AI** **推動社交工程攻擊邁入新世代** 人工智慧正在重塑社交工程威脅樣貌。雖然傳統手法依然猖獗,但攻擊者如今已利用 AI 工具來提升 攻擊速度、擬真程度與規模。 Unit 42 在資安事件中觀察到 三種層級的 AI 工具運用方式: * **自動化**工具加速入侵流程。 * **生成式人工智慧(** **Generative AI** \*\*)\*\*製作擬真人類的內容,用於個人化誘餌、語音克隆及互動適應。 * **自主型人工智慧(** **Agentic AI** \*\*)\*\*能自動執行多步驟任務,包括跨平台偵察及創建合成身份,用於鎖定目標的攻擊活動。 這代表攻擊手法出現轉變,AI 技術成為傳統社交工程的助力,提升攻擊的規模、速度與靈活度。 **社交工程攻擊既能高度鎖定目標,也具備大規模擴散能力** 報告中,Unit 42 說明兩種主要的社交工程模式,兩者皆透過模仿可信任行為來繞過防護機制: **高互動式入侵(** **High-touch compromise** \*\*)\*\*針對特定個人進行即時攻擊。攻擊者會冒充內部員工、利用客服中心漏洞,並在不使用惡意軟體的情況下提升權限。此類攻擊常透過語音誘騙、現場情境設計及竊取身分資料執行,典型案例包括「Muddled Libra」及多起國家級攻擊行動。這些「白手套」攻擊高度客製化,運用客服冒充、語音偽裝及技術性偵察,達成深度入侵、擴大系統控制權限,並提高金錢獲利的可能性。 **大規模欺騙攻擊**則涵蓋類似 ClickFix 的活動、SEO 毒化、假冒瀏覽器提示以及結合多種誘餌,誘使使用者在多種裝置和平台上主動觸發入侵。大規模的 ClickFix 活動會透過虛假的系統提示和 CAPTCHA 測試,誘騙使用者執行惡意軟體。我們在醫療、零售及政府部門均觀察到此類攻擊,常導致大量帳號憑證外洩及營運中斷。 **組織如何成為社交工程的「低垂果實」** 社交工程攻擊屢見不鮮,主因在於過度授權的存取權限、行為監控盲點,以及對人工作業流程中用戶信任的缺乏驗證。攻擊者透過模仿日常操作,利用身分系統、客服流程與快速審核機制來鑽漏洞。為了對抗此威脅,資安主管必須超越單純的用戶教育,將社交工程視為系統性風險,並採取以下措施: * 推行行為分析與身分威脅偵測與應變(ITDR),主動偵測憑證濫用行為。 * 強化身分復原流程的安全性,並落實條件式存取控制。 * 擴大零信任原則的適用範圍,涵蓋使用者,而非僅限於網路邊界。 隨著科技演進,攻擊者持續利用人性信任與工作效率弱點。信任、驗證與防禦的本質也在改變。 本報告反映過去一年來的趨勢與攻擊手法創新,透過脈絡化這些發現,資安主管能夠調整防禦策略,保障營運持續性,並在不斷變化的威脅環境中保持優勢。 想深入了解這些不斷演進的攻擊手法與 Unit 42 的完整分析,[請點此下載完整報告](https://unit42.paloaltonetworks.com/2025-unit-42-global-incident-response-report-social-engineering-edition/)。 如欲瞭解 Unit 42 如何協助您的組織強化防禦,歡迎造訪我們的[官網](https://www.paloaltonetworks.com/unit42)。 *** ** * ** *** ## Related Blogs ### [Threat Intelligence](https://www.paloaltonetworks.com/blog/category/threat-intelligence/?lang=zh-hant&ts=markdown) [#### 從勒索到營收損失](https://www2.paloaltonetworks.com/blog/2025/12/from-extortion-to-loss/?lang=zh-hant) ### Subscribe to the Blog! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language