This paper explores how attackers bypass defenses by impersonating employees, with help desks emerging as prime targets. Credential abuse and phishing dominate breaches, and service desk agents—who manage credentials, MFA, and access—hold “keys to the kingdom.” The report underscores vulnerabilities from PII reuse and deepfakes, showing how social engineering enables lateral movement, ransomware, and exfiltration. Proofpoint recommends a human-centric defense strategy, focused training for help desk staff, improved identity verification, and risk-based controls to counter evolving impersonation and deception attacks.

Join for free to read