Topic: social engineering

  • Fake Windows BSOD Screens Deliver ClickFix Malware

    A sophisticated phishing campaign targets the European hospitality industry by impersonating Booking.com, using a fake website and a fabricated Windows Blue Screen of Death error to trick users into manually installing malware. The attack deploys the DCRAT remote access trojan, which gains persis...

  • Beware: Fake Windows Update Pushes Malware in ClickFix Attack

    A deceptive cyberattack called ClickFix tricks users by mimicking a Windows security update, using a full-screen browser animation to install malware like LummaC2 and Rhadamanthys to steal sensitive information. The attack employs social engineering and steganography, hiding malware within a PNG ...

  • The $400M Password Problem: Can You Get a New One?

    A social engineering attack on Clorox, executed by impersonating employees and manipulating an outsourced service desk, led to an estimated $380 million in damages by exploiting weak password and MFA reset procedures. The breach caused severe operational disruptions, including halted production a...

  • 98% of Cyberattacks Exploit Human Error, UAE Council Warns

    98% of successful cyberattacks are due to human error, with criminals increasingly using psychological manipulation rather than technical exploits. Attackers employ social engineering tactics like impersonation, fake rewards, and urgency to trick individuals into revealing sensitive information. ...

  • AI-Powered Hacking: How Clickfix Tools Are Breaching Systems

    A 500% surge in Clickfix attacks in early 2025 highlights a shift toward AI-enhanced social engineering, where attackers use fake alerts to trick users into executing malicious commands, bypassing traditional security. AI is revolutionizing Business Email Compromise (BEC) by generating fabricated...

  • Don't Paste That TikTok Code! The Dangerous Scam Explained

    A dangerous scam on TikTok, known as ClickFix, tricks users into installing information-stealing malware by posing as helpful tech support or free software guides, convincing them to run malicious commands on their own computers. These fraudulent videos, which promote fake methods for accessing p...

  • 2026 Cybersecurity Forecast: Key Trends to Watch

    Cybercriminals are increasingly targeting people over software vulnerabilities, using tactics like phishing and deceptive applications to breach networks, as seen in the 2025 Salesforce attack by Shiny Hunters. Artificial intelligence tools are creating more sophisticated threats, such as advance...

  • Cybercriminals Upgrade ClickFix with E-commerce Tricks

    Cybercriminals are enhancing the ClickFix malware delivery method by using persuasive design elements like tutorial videos and countdown timers to rush users into executing harmful commands, making pages appear legitimate. The fraudulent pages dynamically adapt to the victim's operating system an...

  • University of Pennsylvania Data Stolen in Cyberattack

    The University of Pennsylvania experienced a cybersecurity breach where hackers used stolen credentials via social engineering to access systems, stealing sensitive data and sending fraudulent emails. Attackers exfiltrated approximately 1.71 GB of internal documents and a donor database with 1.2 ...

  • Ransomware Groups Pivot as Victims Stop Paying

    Ransomware payment rates have plummeted to just 23% in Q3 2025, significantly undermining the financial model of cybercriminals and marking a victory for cybersecurity efforts. Attackers are increasingly relying on social engineering tactics like insider threats, helpdesk impersonation, and callb...

  • Can Your Phishing Detection Stop 2025's Security Threats?

    Social engineering attacks like Clickfix surged 500% in early 2025, with cybercriminals increasingly using AI to create sophisticated Business Email Compromise scams that exploit human psychology rather than technical vulnerabilities. Clickfix bypasses traditional defenses by tricking users into ...

  • North Korean Hackers Stole $2 Billion in Crypto This Year

    North Korean hackers have stolen over $2 billion in cryptocurrency in 2025, primarily through a major breach at Bybit and numerous other attributed attacks, with the actual total likely higher due to unreported incidents. The groups have shifted tactics to focus on social engineering, targeting h...

  • Microsoft: Hackers Steal University Payroll in Pirate Attacks

    Storm-2657, a cybercrime group, has been targeting U.S. university payroll systems since March 2025, primarily compromising Workday accounts through sophisticated social engineering and exploiting weak multifactor authentication. The attackers use highly customized phishing emails, such as fake c...

  • Two-Thirds of Firms Hit by Deepfake Attacks

    A majority of organizations (62%) experienced a deepfake attack in the past year, often using social engineering to impersonate leaders or manipulate automated verification systems. The threat is growing as deepfake technology becomes more accessible, with the combination of deepfakes and social ...

  • M&S hit by ransomware attack due to social engineering

    M&S suffered a ransomware attack after cybercriminals used social engineering to impersonate an employee, gaining access via a third-party provider and deploying DragonForce ransomware. The attack involved detailed impersonation tactics, potentially facilitated by Tata Consultancy Services, and e...

  • Russian Hackers Bypass Two-Factor Authentication in New Attack

    Russian hackers bypassed two-factor authentication (2FA) using social engineering, exploiting legitimate account features like Gmail's "app password" to target high-profile individuals. A British researcher, Keir Giles, was tricked by hackers posing as U.S. officials, who used forged documents an...

  • ClickFix Exploits MHSTA to Evade Security for Infostealers

    ClickFix is a growing social engineering tactic that tricks users into executing harmful commands by pretending to fix system issues, often through deceptive pop-ups. ClickFix has driven a 10% increase in drive-by compromises and is now the second most common evasion technique, often exploiting t...

  • New MacOS Malware 'DigitStealer' Targets Apple M2/M3 Chips

    DigitStealer is a sophisticated malware targeting macOS systems with Apple M2 and M3 chips, disguising itself as legitimate tools like DynamicLake or Google Drive to trick users into installation. The malware employs a multi-stage delivery process, checking system location and hardware to avoid v...

  • Beware: Fake Booking.com Emails and BSODs Target Hotels

    A sophisticated phishing campaign targets the European hospitality industry using convincing fake Booking.com emails to deliver the DCRat malware, which steals data and provides attackers with persistent remote access. The attack employs advanced social engineering, including a fake Windows error...

  • North Korean Hackers Lead 2025 Crypto Theft Surge

    North Korean state-sponsored hackers stole over $2 billion in cryptocurrency in 2025, a 51% increase, by pivoting to fewer, more sophisticated attacks on high-value targets. Their evolved tactics include sophisticated social engineering, posing as recruiters or investors to compromise employees a...

  • Insider Threats: Protecting Your Team from Cyber Attacks

    Cybercriminals are now infiltrating companies by impersonating IT professionals during hiring, using fabricated personas and deepfakes to gain trusted, privileged access to sensitive systems. The primary goals of these "fake workers" include severe data theft, financial fraud, and cyber espionage...

  • Beware: Fake Windows Update Screens Spread ClickFix Malware

    A deceptive malware campaign uses a fake Windows Update screen to trick users into manually executing malicious commands, leading to the installation of information-stealing software. The attack employs advanced techniques like steganography to hide malicious code in PNG images and operates in me...

  • Google: AI Will Fuel a Cybercrime Surge by 2026

    AI is dramatically transforming cybersecurity by fueling a surge in automated cybercrime, including sophisticated phishing, voice cloning, and prompt injection attacks, while also enabling new defense mechanisms. The rise of AI agents and unauthorized tools complicates security management, requir...

  • Europe's Phone Networks Flooded by Fake Calls

    Caller ID spoofing is a primary tool used by cybercriminals in Europe, leading to an estimated €850 million in annual losses and overwhelming phone networks with fraudulent calls. Criminals exploit legal and jurisdictional differences, using spoofing to impersonate trusted entities and facilitate...

  • Delete These 12 Android Apps Spying on Your Conversations

    ESET security researchers discovered twelve apps containing VajraSpy spyware, which can secretly record conversations and steal sensitive data through deceptive tactics. The malware spreads via fake profiles on messaging platforms that build fake romantic relationships to trick users into install...

  • Salesforce Refuses to Pay Ransom in Massive Data Breach

    Salesforce has refused to pay a ransom after a data breach allegedly exposed nearly one billion customer records, emphasizing its policy against negotiating with cybercriminals despite the risk of data exposure. The attack, initiated in May, involved English-speaking operatives tricking employees...

  • FileFix Attack Evades Security with Cache Smuggling

    A new FileFix social engineering attack uses cache smuggling to deliver malware undetected by disguising itself as a Fortinet VPN Compliance Checker and tricking users into executing hidden PowerShell commands. The attack involves copying a text string that secretly contains a script to search br...

  • ClickFix Phishing Kit Exposed by Cybersecurity Experts

    Palo Alto Networks has identified the IUAM ClickFix Generator, a phishing toolkit that enables even novice cybercriminals to create convincing fake browser verification pages to deploy malware. The toolkit allows customization of phishing pages, detects the user's device and OS to tailor maliciou...

  • Is Your SOC Ready for Business Email Compromise?

    Business email compromise (BEC) attacks use psychological manipulation rather than technical exploits, bypassing traditional security by mimicking trusted communications and requiring intensive manual investigation. These scams evade detection because they lack malicious code, making them invisib...

  • 70,000 Fake Bank Scam Emails Target Australians

    A sophisticated callback scam impersonating major Australian banks has targeted tens of thousands of businesses, with over 70,000 detected attempts in one month, particularly affecting sectors like education, legal, and insurance. Scammers send hyper-realistic emails with fabricated transaction d...

  • Salesforce Blames Social Engineering for Ransomware Breaches

    The hacker group Shiny Hunters claims to have stolen nearly one billion records from Salesforce and is demanding ransom from 39 companies, threatening to release the data by October 10, 2025, if not paid. Salesforce denies its platform was breached, attributing the data loss to social engineering...

  • Bolster Defenses Against Scattered Spider Attacks, Experts Warn

    The Scattered Spider hacking group poses a severe threat to businesses by using sophisticated methods like social engineering and ransomware, requiring immediate improvements in identity management, security processes, and third-party risk management. Their attack strategy often starts with vishi...

  • Insight Partners Warns Thousands Following Ransomware Attack

    Insight Partners suffered a cybersecurity breach due to a sophisticated social engineering attack, exposing sensitive personal and financial data of thousands. The breach occurred from October 2024 to January 2025, compromising banking details, employee records, and information on partners and po...

  • From ClickFix to MetaStealer: How Cyber Threats Are Evolving

    Cybersecurity attacks are evolving with threat actors combining social engineering and technical methods, such as using disguised installers and legitimate tools to deploy malware like MetaStealer. Recent incidents involve deceptive techniques, including fake verification pages and malicious file...

  • ScamAgent: How AI Is Fueling a New Era of Fraudulent Calls

    AI-driven scams are evolving to use multi-turn conversations that bypass traditional safety systems by breaking malicious intent into incremental, seemingly harmless steps. These advanced scams can adapt their approach based on victim responses, altering tone and tactics, and are increasingly rea...

  • Top Cybersecurity Breaches and Attacks of 2025

    Sophisticated social engineering and malware campaigns, such as ClickFix and its variants, expanded across operating systems, tricking users into self-inflicted infections and becoming commercialized through paid platforms. The cryptocurrency sector and enterprise software faced massive breaches,...

  • Security Can't Keep Up with Modern Attackers

    Cyber threats are evolving faster than defenses, with attackers constantly refining their tactics, techniques, and procedures (TTPs), creating a widening gap between their innovation and traditional security coverage. Zero-day exploits are now widely used by criminal groups, not just nation-state...

  • Criminal Networks Are Industrializing Payment Fraud

    Criminal syndicates now operate like modern corporations, using automation, reusable infrastructure, and scalable methods to create persistent threats that financial institutions struggle to counter. Fraud networks employ organized, repeatable strategies such as AI-powered social engineering and ...

  • Microsoft Teams Targeted by Fake IT Support Scams

    A new wave of phishing attacks is exploiting Microsoft Teams, using fake IT support accounts to trick employees into installing malware that gives attackers full network control. Attackers are shifting from email to Teams due to its trusted role in business, impersonating IT staff to deploy remot...

  • The Hidden Vulnerabilities in Email Security

    Email is the primary cyberattack vector, with malware, scams, and phishing attempts surging by over 130%, 30%, and 20% respectively, causing widespread operational disruptions. Over 78% of organizations experienced an email breach last year, with phishing and impersonation being the most common m...

  • OpenAI Data Breach: Why a Password Change Won't Protect You

    The breach was a supply chain attack targeting a third-party analytics provider (Mixpanel), not OpenAI's core systems, highlighting a common tactic to exploit weaker links in interconnected software ecosystems. Compromised data was limited to OpenAI's developer portal, affecting developers' non-s...

  • EDR Exploited for Stealthy Ransomware Attacks

    Attackers are exploiting trusted security tools like EDR software and Windows utilities to deploy malware with stealth and persistence, shifting from mass phishing to more sophisticated methods. A specific attack involved social engineering to execute malicious commands, sideloading a rogue DLL v...

  • Inside DragonForce Ransomware and Scattered Spider

    The DragonForce ransomware operation has evolved into a "cartel" model, offering affiliates high profit shares to scale its impact, and has formed a high-profile partnership with the social engineering group Scattered Spider. This alliance merges Scattered Spider's sophisticated initial access te...

  • Beware: Hackers Hijack Calendar Subscriptions for Attacks

    Hackers exploit digital calendar subscriptions by using deceptive systems to deliver malicious content like phishing links and malware through third-party feeds. BitSight's investigation revealed that expired or hijacked domains were used in large-scale campaigns, affecting millions of users thro...

  • CrowdStrike Insider Leaked Data to Hackers Before Firing

    CrowdStrike fired an employee for sharing confidential information with the hacking group Scattered Lapsus$ Hunters, who posted evidence of internal access on Telegram. The company denies its infrastructure was breached, attributing the incident to the insider taking and sharing screen photos, wi...

  • California Man Admits Laundering $230M in Stolen Crypto

    Kunal Mehta pleaded guilty to laundering at least $25 million from a $230 million cryptocurrency theft, becoming the eighth person to do so in a DOJ case initiated in May 2025. The criminal network used social engineering to hack accounts over 18 months, formed through online gaming, and involved...

  • DoorDash Data Breach: Customer Information Exposed

    DoorDash experienced a data breach in October 2025, compromising customer names, phone numbers, email addresses, and delivery locations, but sensitive data like financial details and Social Security numbers were not accessed. The breach resulted from a social engineering attack on an employee, pr...

  • Chinese Spies Used AI to Automate 90% of Cyberattacks, Report Says

    A state-sponsored Chinese group used an advanced AI system to autonomously perform 80-90% of the tactical work in a multi-stage cyberattack, marking a significant shift in AI weaponization. The attackers leveraged open-source tools and manipulated the AI through social engineering to bypass ethic...

  • Google Allows Sideloading Unverified Apps for 'Experienced Users'

    Google is introducing an advanced sideloading option for experienced users to install unverified apps, alongside mandatory developer verification for all Android apps to enhance security. The new installation process includes prominent warnings and protections against social engineering, ensuring...

  • Cybercriminals Hijack RMM Tools to Steal Physical Cargo

    Cybercriminals are using remote monitoring and management (RMM) tools to hijack freight shipments and steal cargo by posing as legitimate brokers and tricking companies into installing malicious software. Attackers gain extensive remote access to identify high-value shipments, compromise accounts...
