Research says Phishing overtakes Dark Web as primary source of stolen Personal Information

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points.

For years, the Dark Web has been regarded as the primary marketplace for stolen personal and corporate information. Cybercriminals frequently relied on underground forums and marketplaces to buy and sell sensitive data obtained from previous breaches. However, recent findings suggest that the cybercrime landscape is undergoing a significant shift.
According to the 2026 Enterprise Social Engineering Report compiled by Optery, phishing and other social engineering techniques have now emerged as the leading methods used by hackers to obtain valuable information, pushing the Dark Web into a secondary role.
The report, which gathered insights from more than 420 cybersecurity leaders across various industries, highlights growing concerns about the security of employee information. Surprisingly, only 4 percent of respondents expressed confidence that their employees’ personal data—including phone numbers, residential addresses, and details about family members—was adequately protected from cybercriminals.
The remaining 96 percent admitted uncertainty regarding their organizations’ ability to defend against increasingly sophisticated cyberattacks. Many cybersecurity professionals interviewed for the report suggested that the Dark Web now serves more as a repository or “information dumpster” where previously stolen data is stored and traded. While the information remains valuable, hackers are increasingly focusing on acquiring fresh and actionable data directly from victims through deception rather than relying solely on historical data breaches.
One of the most effective methods being used today is social engineering, particularly phishing and vishing attacks. In phishing campaigns, cybercriminals send fraudulent emails or messages designed to trick employees into revealing passwords, login credentials, or confidential business information. Vishing, or voice phishing, involves attackers impersonating trusted individuals over phone calls to manipulate victims into disclosing sensitive data.
Cybersecurity experts warn that data brokers and criminal groups have become highly skilled at exploiting human psychology. Information obtained through social engineering attacks is often sold on underground brokerage forums, where it is later used to gain unauthorized access to corporate networks and critical business systems.
Several high-profile incidents over the past year have demonstrated the effectiveness of these tactics. In 2025, luxury automobile manufacturer Jaguar Land Rover, owned by Tata Group, reportedly suffered significant financial losses after cybercriminal groups Scattered Spider and ShinyHunters gained unauthorized access to sensitive information. Similarly, British retail giant Marks & Spencer was targeted in a social engineering attack in which hackers allegedly impersonated IT support personnel and convinced employees to share critical information.
The hospitality industry has also been affected. Major casino and hotel operators Caesars Palace and MGM Resorts International have experienced incidents linked to social engineering schemes that resulted in the exposure of sensitive business information.
The findings underscore a growing reality in cybersecurity: while technical defenses remain important, human error continues to be one of the most exploited vulnerabilities. As cybercriminals increasingly rely on deception rather than traditional hacking techniques, organizations must invest in employee awareness training, stronger authentication measures, and continuous monitoring to reduce the risk of successful social engineering attacks.

Join our LinkedIn group Information Security Community!