Report cover image

Impersonating Trust: How Threat Actors Leverage Familiar Systems to Breach IT Defenses

Publisher IDC
Published Aug 26, 2025
Length 10 Pages
SKU # IDC20346373

Description

This IDC Perspective discusses phishing and other social engineering attacks that put personnel in your organization in direct contact with sophisticated adversaries on a regular basis. These attackers use knowledge of your organization and the systems it uses to craft pretexts that coerce employees into divulging sensitive information and credentials. Threat actors are increasingly using tactics where trusted personnel and internal and third-party IT systems are impersonated as part of these pretexts. These deceptive schemes turn the trust your employees and customers have in your IT organization against them, with often devastating results.Addressing this risk exercises all facets of an IT organization's security program. Prioritizing defense against this threat is well worth the effort. Not only does this work put your organization's security posture in a better place against other foreseeable threats, but it can also be a catalyst that fosters a healthy awareness of the paths to success for an attacker and the psychological factors involved in these attacks.This document discusses this evolving tactic and enumerates technical mitigations that can be used on IT and other core infrastructure systems to make attacks of this form less likely to succeed. We also discuss a number of activities that can be used to put these risks in context and identify gaps in your IT organization's security posture."Sophisticated threat actors tailor their phishing campaigns to the responsibilities and workflows of targeted personnel. IT personnel deal with notifications and alerts from systems they manage as part of their daily responsibilities. A well-crafted phishing campaign that mimics a familiar IT system is an effective tactic for bad actors to quickly gain access to sensitive IT credentials and systems," says Joel Sandin, adjunct research analyst, IT Executive Programs (IEP), IDC. "Understanding these attacks, educating personnel, and fortifying IT systems against this threat is well worth the effort."

Table of Contents

10 Pages

Executive Snapshot

Situation Overview

Motivating Example

Why Attackers Target IT Personnel

Reconnaissance for Spear Phishing

Understanding the Psychology of Pretexts

Summing Up: Why This Pretext Works

Advice for the Technology Buyer

Recommendations

Establish Comprehensive Technical Controls

Perform Risk Assessment for IT Services

Implement Mitigations Based on Service Risk

Learn More

Related Research

Synopsis

Search Inside Report

Pricing

Currency Rates
How Do Licenses Work?

How Do Licenses Work?

The primary function of a report license is to define how many people within a company are authorized to use the purchased report. This is separate to how a report might be delivered. Unless specifically identified otherwise, the purchase option is Single User. Below is a helpful description of that license, along with a sampling of others most commonly offered.

  • This license allows only one user to have access to and to use/read the report. It is not one user at a time or one user group; it is an individual who will be reading and utilizing the report.

  • This license allows for the entire purchasing company to read and use the report. This is the license level that would allow for a report to be placed on an internal company shared drive for access by all employees of that direct company. This license does not extend to parent or sister company use.

  • This license is designed to allow an entire department within a company full access to a report. The departmental license is a great option for companies that have more than one location and the department is spread out all over the country/world

  • This license is for companies that have one location where they want the report to be accessible by all employees within that physical location.

  • This is the most flexible of the licensing options. Some publishers will allow you to get a license for a preset number of people (typically 5). These licenses are ideal for small work groups.

License options are at the discretion of each publisher. As such, not all licenses indicated above are available for every product. If you are uncertain of the best license for your needs or would like a license that is not proactively available, please contact us and we will be happy to assist.

Head shot

Questions or Comments?

Our team has the ability to search within reports to verify it suits your needs. We can also help maximize your budget by finding sections of reports you can purchase.
Chat Now
Contact Us