The Hacker News

JULY 10, 2025

Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems.

Cryptocurrency

Malwarebytes

JUNE 18, 2025

They can profess their empty love to you across your social media apps. They use it to check emails, browse the internet, make phone calls, scroll through social media, and text family and friends. A romance scam, similarly, can start on a social media platform but can move into a messaging service like WhatsApp.

Scams

Krebs on Security

OCTOBER 18, 2024

In December 2022, KrebsOnSecurity broke the news that USDoD had social-engineered his way into the FBI’s InfraGard program , an FBI initiative designed to build informal information sharing partnerships with vetted professionals in the private sector concerning cyber and physical threats to critical U.S.

Social Engineering

Krebs on Security

DECEMBER 18, 2024

“No one gets arrested,” Daniel enthused to Junseth in the May 7 podcast, which quickly went viral on social media. This process, he explained, essentially self-selects people who are more likely to be susceptible to their social engineering schemes. [It

Cryptocurrency

Krebs on Security

JULY 24, 2025

In an October 2021 report , Palo Alto said SilverTerrier excels at so-called “ business e-mail compromise ” or BEC scams, which target legitimate business email accounts through social engineering or computer intrusion activities.

Scams

Security Affairs

JULY 2, 2025

Qantas has also set up a dedicated support line and webpage to keep customers informed, and will provide ongoing updates through its website and social media. “We The cybercriminals are using social engineering techniques to gain access to target organizations by impersonating employees or contractors.

Data breaches

Security Affairs

APRIL 7, 2025

Guidebooks are also available to instruct on how to exploit the information obtained, in order to more effectively target victims through social engineering and doxxing campaigns. The lack of a robust verification process, combined with the trust placed in authorities, increases the risk to users’ digital security and privacy.

Cybercrime

SecureList

AUGUST 13, 2025

[link] Example of an OTP (one-time password) bot call Data harvesting and analysis Large language models like ChatGPT are well-known for their ability to not only write grammatically correct text in various languages but also to quickly analyze open-source data from media outlets, corporate websites, and social media.

Phishing

The Last Watchdog

MARCH 28, 2025

In the case studies demonstrated by SquareX , these attacks leverage AI agents to automate the majority of the attack sequence, requiring minimal social engineering and interference from the attacker. Previously disclosed attacks include Browser Syncjacking and Polymorphic Extensions.

Antivirus

Webroot

MARCH 3, 2025

Common attacks to consumer protection Identity theft and fraud Some common types of identity theft and fraud include account takeover fraud , when criminals use stolen personal information such as account numbers, usernames, or passwords to hijack bank accounts, credit cards, and even email and social media accounts.

Consumer Protection

SecureWorld News

FEBRUARY 13, 2025

Deepfakes involve AI-generated synthetic media that convincingly mimics real individuals' voices and faces. Evolution of social engineering Social engineering exploits human psychology to manipulate individuals into revealing sensitive information or taking harmful actions.

Social Engineering

Security Affairs

OCTOBER 11, 2024

The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. OpenAI’s report also detailed the use of ChatGPT by another Iranian threat actor, tracked Storm-0817.

Malware

SecureWorld News

JUNE 6, 2025

USB-borne threats are resurging: 13% of threats were introduced via removable media—still a glaring vulnerability in many industrial settings. USB and removable media: The forgotten threat vector Honeywell continues to track high-risk threats delivered via USB devices. OT defenders must plan for: Hybrid threats (e.g.,

Media

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media.

Social Engineering

SecureWorld News

MAY 9, 2025

The method, known as "ClickFix," leverages social engineering to bypass traditional email-based defenses. The LOSTKEYS malware shows how attackers are getting smarter at tricking people and sneaking past basic security tools, especially by using fake websites and social engineering to get users to run harmful scripts," said J.

Malware

The Last Watchdog

JANUARY 30, 2025

Using a very clever social engineering attack that exploits trusted domains, the adversary can then further escalate the profile hijacking attack to steal passwords from the victims browser.

Social Engineering

Malwarebytes

APRIL 1, 2025

One of the pitfalls the IRS warns about is bad tax advice provided on social media, as submitting false information to the IRS could land you in serious trouble. And, although these scams do appear year-round, tax season is when they reach their peak level. The other big type of scams are phishing emails, like we saw above.

Scams

SecureWorld News

FEBRUARY 14, 2025

And 2025 will be no different, as increasingly sophisticated online hackers seek to take advantage of Valentine's themed email traffic, social media advertisements, or marketing campaigns, and exploit heightened emotions and a desire to connect. Last year saw a 110% rise in cybercrime in the lead up to Valentine's Day.

Scams

Hacker's King

DECEMBER 16, 2024

Phishing and Social Engineering : Phishing remains a popular attack method, leveraging emails, fake websites, and social media to deceive users into providing sensitive information. Cybercriminals are also increasingly using social media to gather intelligence, exploit personal information, and initiate attacks.

Cyber Attacks

Malwarebytes

MARCH 10, 2025

I realize that may sound like something trivial to steer clear from, but apparently its not because the social engineering behind it is pretty sophisticated. But mshta will fetch the malicious media file from the specified domain and run it. The name of the media file may look perfectly fine.

Social Engineering

Security Affairs

MAY 17, 2025

The financially motivated group UNC3944 (also known as Scattered Spider , 0ktapus ) is known for social engineering and extortion. Google experts state that UNC3944 targets sectors like Tech, Telecom, Finance, BPO, Gaming, Retail, and Media, focusing on large enterprises in English-speaking countries, plus India and Singapore.

Retail

SecureWorld News

JULY 17, 2025

The result is a wave of new schemes that combine social engineering with digital forgery: Executive deepfake fraud: Fraudsters impersonate senior executives (CEO, CFO, etc.) Augmented phishing and social media impersonation: Even text-based scams have become more convincing with AI. in live video calls or voicemails.

Banking

SecureWorld News

APRIL 14, 2025

With these insights, security personnel know which attack vectors to watch more closely, how to orchestrate the defenses, and what new phishing and social engineering trends to warn employees about. They amass data from websites, social media networks, news sources, public databases, and domain registries.

Media

The Last Watchdog

APRIL 22, 2025

As AI technology advances, attackers are shifting their focus from technical exploits to human emotions using deeply personal and well-orchestrated social engineering tactics. Typically, the attacker collects authentic media samples of their target, including still images, videos, and audio clips, to train the deep learning model.

Authentication

Malwarebytes

FEBRUARY 4, 2025

The leaked data included: Full names Phone numbers Email addresses Home addresses Dates of birth Nationality and places of birth Social media links Employment history Educational background As you can imagine, these resumes represent a treasure trove for phishers and other cybercriminals. What do I need to do?

Identity Theft

Hacker's King

OCTOBER 12, 2024

OSINT allows hackers to leverage data from the internet, social media, databases, and other open channels to uncover potential vulnerabilities. The information gathered can include anything from email addresses, domain names, and IP addresses to social media profiles and leaked data found on the dark web. Why Use Maltego?

Media

SecureWorld News

JULY 29, 2025

The root cause of the Allianz Life breach was a social engineering attack launched on one of its cloud vendors on July 16th, according to the company's filing with the Maine Attorney General's office. It's part of a disturbing trend of social engineering attacks specifically targeting the insurance sector and other industries.

Data breaches

IT Security Guru

NOVEMBER 1, 2024

Phishing and Social Engineering: These tactics manipulate individuals to disclose sensitive information. With the use of social media and encrypted communication channels, terrorist organizations have expanded their reach, recruiting members and coordinating attacks globally.

Technology

Security Through Education

AUGUST 12, 2025

Through OSINT (open-source intelligence gathering) bad actors will use personalized details gathered from social media sites and create pretexts that are very realistic. Together, these techniques exploit human trust and social engineering principles, making vishing attacks more convincing and successful.

Social Engineering

Malwarebytes

FEBRUARY 4, 2025

These agents could even hold people for ransom by matching stolen data online with publicly known email addresses or social media accounts, composing messages and holding entire conversations with victims who believe a human hacker out there has access to their Social Security Number, physical address, credit card info, and more.

Artificial Intelligence

Security Boulevard

JUNE 10, 2025

An attacker could exploit this vulnerability through social engineering, by convincing a target to open a malicious URL or file. of the vulnerabilities patched this month, followed by information disclosure vulnerabilities at 26.2%. It was assigned a CVSSv3 score of 8.8 and is rated important.

Social Engineering

Jane Frankland

MAY 16, 2025

Fraudsters use AI, social engineering, and emotional manipulation to steal not just money, but also trust, time, and peace of mind. Shopping Scams Fake online shops, social media ads, or marketplace listings. Scams today arent just dodgy emails or shady phone calls. And it’s hitting home: 11.4

Scams

Hacker's King

DECEMBER 25, 2024

Snapchat is a widely popular social media platform that connects millions of users daily. Social Engineering : Attackers manipulate victims into sharing personal information, such as passwords or answers to security questions. This is one of the most prevalent methods of account compromise.

Passwords

SecureList

DECEMBER 9, 2024

This case underscores the serious risk that social engineering and supply chain attacks pose to open-source projects. Media sources reported that explosives had been concealed within the devices. Kaspersky presented detailed technical analysis of this case in three parts. Why does it matter? Why does it matter?

Internet

Cisco Security

JULY 7, 2025

Twenty years ago, when the National Academies last published the Cyber Hard Problems report, social media was for college kids with.edu emails and the global pandemic had yet to drive business online. Ask a question and stay connected with Cisco Security on social media. We’d love to hear what you think!

Cyber Risk

SecureWorld News

DECEMBER 30, 2024

law enforcement, regulators, or media) should be contacted. Social engineering techniques enable them to bypass technical security measures effectively. Provide a framework for communicating with affected individuals, partners, and contractors. Define the conditions under which external entities (e.g.,

Data breaches

Malwarebytes

JULY 2, 2025

Qantas says the breach occurred after a cybercriminal targeted a call centre and managed to gain access to the third party platform, presumably via social engineering. But it’s noteable that this weekend the FBI put out a warning on social media about ransomware attacks targeting airlines.

Social Engineering