When the Help Desk Becomes the Front Door: AI-Assisted Social Engineering Hits Onboarding
IBM says 16% of breaches in 2025 involved attackers using AI. A lot of those calls land at the service desk, and new-hire onboarding is the softest spot.

Key points
- IBM's 2025 Cost of a Data Breach Report found that 16% of breaches studied involved attackers using AI tools, mostly for phishing or deepfake impersonation.
- Major intrusions at Marks & Spencer, MGM Resorts and Clorox all began with a phone call to the IT help desk asking for access.
- New-employee onboarding is the weakest moment, because agents often have no prior familiarity with the person on the other end of the line.
- Defenders are being urged to add biometric liveness checks, where a camera confirms a real live person is present, before resetting passwords or handing out credentials.
There is a boring truth behind a lot of glamorous-sounding AI attacks. The criminal does not hack anything. They phone the help desk and ask nicely.
That is the through-line in a new writeup from Specops Software, flagged this week by BleepingComputer, on how generative AI is sharpening one of the oldest tricks in the book: social engineering, which is the practice of tricking a human into doing something they should not.
IBM's 2025 Cost of a Data Breach Report, the primary number everyone is quoting, says 16% of studied breaches involved attackers using AI tools. Most of that was phishing, which is fake emails or messages designed to fool staff, and deepfakes, which are AI-generated fake voices or videos of real people.
Why is the service desk suddenly the problem?
Because it is designed to say yes. Help desks exist to unblock tired employees quickly. That is their job. An attacker who sounds like a legitimate user does not need to defeat firewalls or crack passwords. They can just ask an agent to reset one.
The pattern is not new. What is new is how convincing the impersonation has become.
The big-name intrusions at Marks & Spencer, MGM Resorts and Clorox all started, according to public reporting, with variations of the same sentence: can you help me get access? From there the attackers moved into real accounts and racked up damages measured in millions.
AI is greasing the wheels in three specific ways.
First, it makes the impersonation sound right. Generative AI can produce a clean email, a natural chat message or a phone script in seconds. In more targeted cases, attackers use AI-cloned voices, or even video, to impersonate a specific employee. Think of it as caller ID spoofing, an old trick where the number on your phone screen is faked, except now the voice is faked too.
Second, AI speeds up homework. Attackers pull details from LinkedIn, job ads, press releases and welcome posts, then let a model stitch it into a believable story: right manager, right team, right internal tool. A request stuffed with correct-sounding detail feels routine. Routine requests move fast.
Third, AI lets attackers scale. One pretext becomes fifty variations. If agent A pushes back, agent B gets a slightly reworded version an hour later. It is the same volume game that made credential stuffing, where criminals try huge lists of stolen passwords against many sites, so effective on the web.
What actually helps?
Not lectures about being careful. Under pressure, in a queue of tickets, careful is not a strategy.
The practical fixes look mundane, and that is the point. Stop sending new-hire passwords over SMS or email, which can be intercepted. Send an enrollment link instead and let the employee set their own password. It is the same logic as a bank never emailing you your PIN.
Add biometric liveness detection for sensitive actions like password resets on privileged accounts. Liveness checks use a camera to confirm a real, breathing human is on the other end, not a photo, a recorded clip or a deepfake video. This matters most for remote onboarding, where the agent will never meet the new hire in person.
And require that identity check before the agent clicks reset, not after.
None of this is exotic. It is the same principle a good bank teller uses when someone walks in claiming to be a customer: verify first, help second. The AI era has not changed that rule. It has just made the person at the counter a lot better at lying.



