Krebs on Security

NOVEMBER 9, 2024

“This is social engineering at the highest level and there will be failed attempts at times. A review of EDR vendors across many cybercrime forums shows that some fake EDR vendors sell the ability to send phony police requests to specific social media platforms, including forged court-approved documents.

Hacking 294

Hacking Accountability Government Social Engineering 294

The Last Watchdog

JUNE 13, 2025

3, 2025, CyberNewswire– Arsen , the cybersecurity startup known for defending organizations against social engineering threats, has announced the release of its new Vishing Simulation module, a cutting-edge tool designed to train employees against one of the fastest-growing attack vectors: voice phishing (vishing). Paris, Jun.

Phishing 100

Phishing Social Engineering Engineering CISO 100

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. ” Crazy Evil is referred as a traffer team, which is a group of social engineering specialists tasked with redirecting legitimate traffic to malicious landing pages.

Scams 86

Scams Media Cryptocurrency Cybercrime 86

Security Through Education

FEBRUARY 20, 2024

In the ever-evolving landscape of cybersecurity, social engineering has undergone significant transformations over the years, propelled by advancements in technology. This article delves into the historical shifts in social engineering tactics and explores how adversaries embrace new technologies to achieve their objectives.

Social Engineering 109

Social Engineering Artificial Intelligence Engineering Phishing 109

SecureWorld News

NOVEMBER 8, 2023

Social engineering attacks have long been a threat to businesses worldwide, statistically comprising roughly 98% of cyberattacks worldwide. Given the much more psychologically focused and methodical ways that social engineering attacks can be conducted, it makes spotting them hard to do.

Social Engineering 113

Social Engineering Engineering Cyber Attacks Artificial Intelligence 113

Krebs on Security

NOVEMBER 21, 2024

The feds then obtained records from Virgin Media, which showed the address was leased for several months to Tyler Buchanan , a 22-year-old from Dundee, Scotland. The Spanish police told local media that Buchanan, who allegedly went by the alias “ Tylerb ,” at one time possessed Bitcoins worth $27 million. .”

Identity Theft 268

Identity Theft Phishing Cryptocurrency Accountability 268

Malwarebytes

JUNE 18, 2025

They can profess their empty love to you across your social media apps. They use it to check emails, browse the internet, make phone calls, scroll through social media, and text family and friends. A romance scam, similarly, can start on a social media platform but can move into a messaging service like WhatsApp.

Scams 103

Scams Social Engineering Media Engineering 103

Krebs on Security

OCTOBER 18, 2024

In December 2022, KrebsOnSecurity broke the news that USDoD had social-engineered his way into the FBI’s InfraGard program , an FBI initiative designed to build informal information sharing partnerships with vetted professionals in the private sector concerning cyber and physical threats to critical U.S.

Social Engineering 278

Social Engineering Passwords Cybercrime Mobile 278

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media.

Social Engineering 132

Social Engineering Media Mobile Scams 132

The Last Watchdog

MARCH 20, 2023

Related: How Google, Facebook enable snooping In fact, a majority of scams occur through social engineering. The rise of social media has added to the many user-friendly digital tools scammers, sextortionists, and hackers can leverage in order to manipulate their victims.

Media 214

Media Identity Theft Internet Internet 214

Joseph Steinberg

OCTOBER 24, 2022

An online cybersecurity event with 2,500 people already logged in had to be cancelled after suspected cybercriminals launched a social engineering attack in the event’s chat window.

Cybersecurity 363

Cybersecurity Social Engineering Artificial Intelligence Insurance 363

Krebs on Security

DECEMBER 18, 2024

“No one gets arrested,” Daniel enthused to Junseth in the May 7 podcast, which quickly went viral on social media. This process, he explained, essentially self-selects people who are more likely to be susceptible to their social engineering schemes. [It

Cryptocurrency 363

Cryptocurrency Accountability Authentication Phishing 363

The Last Watchdog

AUGUST 15, 2023

Social media giants have long held too much power over our digital identities. By making people feel like mere products- this exploitative digital environment further encourages a bubble of distrust amongst social media users. The fine was the largest ever imposed on a social media company for privacy violations.

Media 188

Media Accountability Social Engineering Hacking 188

The Last Watchdog

MARCH 28, 2025

In the case studies demonstrated by SquareX , these attacks leverage AI agents to automate the majority of the attack sequence, requiring minimal social engineering and interference from the attacker. Previously disclosed attacks include Browser Syncjacking and Polymorphic Extensions.

Antivirus 147

Antivirus Ransomware Social Engineering Engineering 147

SecureWorld News

APRIL 22, 2025

Attack methodology: a step-by-step breakdown The Elusive Comet campaign begins with cybercriminals impersonating venture capitalists, media representatives, or business partners to lure cryptocurrency professionals into Zoom meetings. Victims are sent unsolicited invitations to join Zoom calls, often via links in phishing emails or messages.

Cryptocurrency 88

Cryptocurrency Social Engineering Cybercrime Engineering 88

SecureWorld News

OCTOBER 3, 2023

And one of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential information. Social engineering is more sophisticated than ever, and its most advanced iteration is the topic of today's discussion: deepfakes.

Social Engineering 109

Social Engineering Phishing Engineering Technology 109

Webroot

MARCH 3, 2025

Common attacks to consumer protection Identity theft and fraud Some common types of identity theft and fraud include account takeover fraud , when criminals use stolen personal information such as account numbers, usernames, or passwords to hijack bank accounts, credit cards, and even email and social media accounts.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Krebs on Security

AUGUST 21, 2020

.” The perpetrators focus on social engineering new hires at the targeted company, and impersonate staff at the target company’s IT helpdesk. The agencies said crooks use the vished VPN credentials to mine the victim company databases for their customers’ personal information to leverage in other attacks.

Social Engineering 363

Social Engineering VPN Authentication Engineering 363

Krebs on Security

AUGUST 19, 2020

For now at least, they appear to be focusing primarily on companies in the financial, telecommunications and social media industries. Zack Allen is director of threat intelligence for ZeroFOX , a Baltimore-based company that helps customers detect and respond to risks found on social media and other digital channels.

Phishing 363

Phishing VPN Social Engineering Media 363

Security Affairs

APRIL 7, 2025

Guidebooks are also available to instruct on how to exploit the information obtained, in order to more effectively target victims through social engineering and doxxing campaigns. The lack of a robust verification process, combined with the trust placed in authorities, increases the risk to users’ digital security and privacy.

Cybercrime 140

Cybercrime Social Engineering Accountability Government 140

Security Affairs

OCTOBER 11, 2024

The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. OpenAI’s report also detailed the use of ChatGPT by another Iranian threat actor, tracked Storm-0817.

Malware 138

Malware Social Engineering Engineering Hacking 138

The Last Watchdog

JANUARY 30, 2025

Using a very clever social engineering attack that exploits trusted domains, the adversary can then further escalate the profile hijacking attack to steal passwords from the victims browser.

Social Engineering 130

Social Engineering Authentication Engineering Accountability 130

SecureWorld News

JUNE 6, 2025

USB-borne threats are resurging: 13% of threats were introduced via removable media—still a glaring vulnerability in many industrial settings. USB and removable media: The forgotten threat vector Honeywell continues to track high-risk threats delivered via USB devices. OT defenders must plan for: Hybrid threats (e.g.,

Media 85

Media Social Engineering Malware Engineering 85

Krebs on Security

APRIL 6, 2022

In fact, the group often announces its hacks on social media. The group of teenagers who hacked Twitter hailed from a community that traded in hacked social media accounts. ” Like LAPSUS$, these vishers just kept up their social engineering attacks until they succeeded. ADVANCED PERSISTENT TEENAGERS.

Social Engineering 293

Social Engineering Phishing Accountability Engineering 293

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But it’s worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website.

Hacking 332

Hacking Social Engineering Phishing Scams 332

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media.

Social Engineering 98

Social Engineering Media Scams Advertising 98

SecureWorld News

FEBRUARY 13, 2025

Deepfakes involve AI-generated synthetic media that convincingly mimics real individuals' voices and faces. Evolution of social engineering Social engineering exploits human psychology to manipulate individuals into revealing sensitive information or taking harmful actions.

Social Engineering 84

Social Engineering Authentication Identity Theft Engineering 84

The Last Watchdog

NOVEMBER 19, 2023

Using routine social engineering strategies, the cyber-thieves gathered information about key employees. Professional networking and social media platforms continue to prove a rich landscape for phone numbers, locations, hobbies, dates of birth, family members, and friendships.

Social Engineering 310

Social Engineering Passwords Authentication Marketing 310

CyberSecurity Insiders

MAY 4, 2023

Meta, the parent company of Facebook, has uncovered a new social media espionage campaign in which cyber criminals launch social engineering attacks on Facebook and Instagram users by asking them to click on malevolent links, download malware, or share personal details.

Media 100

Media Social Engineering Engineering Accountability 100

Krebs on Security

JANUARY 29, 2020

This sort of information would no doubt be of interest to scammers seeking to conduct social engineering attacks against Sprint employees as way to perpetrate other types of fraud, including unauthorized SIM swaps or in gleaning more account information from targeted customers.

Social Engineering 326

Social Engineering Telecommunications Data privacy Engineering 326

Malwarebytes

MARCH 10, 2025

I realize that may sound like something trivial to steer clear from, but apparently its not because the social engineering behind it is pretty sophisticated. But mshta will fetch the malicious media file from the specified domain and run it. The name of the media file may look perfectly fine.

Social Engineering 140

Social Engineering Media Scams Malware 140

SecureList

JANUARY 18, 2023

The threat landscape is constantly updated through new malware and spyware, advanced phishing methods, and new social engineering techniques. The media routinely report incidents and leaks of data that end up publicly accessible on the dark web. Kaspersky detects an average of 400,000 malicious files every day.

Media 140

Media Social Engineering Ransomware Hacking 140

Security Affairs

JUNE 9, 2025

OpenAI banned ChatGPT accounts tied to Russian and Chinese hackers using the tool for malware, social media abuse, and U.S. The blocked accounts were used to assist malware development, social media automation, and research about U.S. satellite tech research. and Europe. Some content offered payment for classified info.

Accountability 75

Accountability Social Engineering Media Penetration Testing 75

Krebs on Security

NOVEMBER 21, 2020

In response to questions from KrebsOnSecurity, GoDaddy acknowledged that “a small number” of customer domain names had been modified after a “limited” number of GoDaddy employees fell for a social engineering scam. GoDaddy said the outage between 7:00 p.m. and 11:00 p.m. PST on Nov.

Cryptocurrency 364

Cryptocurrency Scams Social Engineering VPN 364

Malwarebytes

APRIL 1, 2025

One of the pitfalls the IRS warns about is bad tax advice provided on social media, as submitting false information to the IRS could land you in serious trouble. And, although these scams do appear year-round, tax season is when they reach their peak level. The other big type of scams are phishing emails, like we saw above.

Scams 138

Scams Phishing Artificial Intelligence Social Engineering 138

SecureWorld News

MAY 9, 2025

The method, known as "ClickFix," leverages social engineering to bypass traditional email-based defenses. The LOSTKEYS malware shows how attackers are getting smarter at tricking people and sneaking past basic security tools, especially by using fake websites and social engineering to get users to run harmful scripts," said J.

Malware 84

Malware Social Engineering Government Engineering 84

Security Affairs

MAY 17, 2025

The financially motivated group UNC3944 (also known as Scattered Spider , 0ktapus ) is known for social engineering and extortion. Google experts state that UNC3944 targets sectors like Tech, Telecom, Finance, BPO, Gaming, Retail, and Media, focusing on large enterprises in English-speaking countries, plus India and Singapore.

Retail 68

Retail Social Engineering Cybercrime Financial Services 68