Skip to content

Emotional Manipulation Instead of Password Brute-Force: The New Attack Vector

In a nutshell: Romance scams and AI-driven emotional manipulation require a rethink of security architecture: Technical protection without psychological early detection is no longer sufficient.

Social engineering has become the dominant attack vector: According to Norton telemetry, social engineering content accounted for more than 90 percent of all blocked attacks in 2025. Generative AI enables cybercriminals to scale deceptively authentic fake identities and automate emotional manipulation – a problem that classical authentication mechanisms cannot solve.

The threat landscape has fundamentally shifted: Attacks no longer primarily target technical weaknesses, but instead exploit psychological manipulation. Alexander Vukcevic, Director CyberSafety Technology at Gen, notes that conventional security measures such as two-factor authentication or password managers are necessary but insufficient. Once a foundation of trust has been established, victims complete the final step themselves – they click on links, accept device pairings, scan QR codes or share verification codes.

Generative AI has dramatically increased the professionalization and scalability of romance fraud schemes. While earlier attempts often failed due to poor language quality or inadequate scalability, attackers can now produce fluent, region-specific dialogues, deceptively authentic profile pictures, synthetic audio and video materials in series. Small cybercriminal networks automate profile creation and compose emotionally tailored messages in flawless German. For the German market, Norton shows that 59 percent of active dating app users encounter suspicious profiles at least once a week.

For CISOs and security teams, this means a fundamental reorientation of protection models: Cybersecurity can no longer end at the purely technical level. What is needed is an extended model that detects manipulation early, understands emotionally driven decision-making processes and generates credible warnings before psychological pressure leads to financial or personal harm. The most harmful fraud schemes increasingly take place in browsers, social media, messaging apps and payment systems – in other words, where users are already present daily.


Source: www.it-daily.net · Published 3 June 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.2.9.

Share on: