social engineering
Coverage of social engineering in the Nexus archive.
- How the Reddit and Discord false report scam steals accounts
Scammers on Reddit and Discord use social engineering to trick users into sharing login or verification codes by falsely claiming they were involved in a report. The scam involves fake emails, urgent countdowns, and threats of account suspension to pressure victims into complying.
- [US]Anyone heard of the "Merchant Services" scam? And if so, what are they trying to do?
A business receives daily scam calls from individuals impersonating 'Merchant Services' to request sensitive information about a non-existent merchant account. Callers use spoofed caller IDs and attempt to deceive employees into divulging details, though no legitimate account or personnel exist. The scam appears designed to exploit potential vulnerabilities through social engineering.
- Russia used social engineering to breach prominent messaging accounts, Ukraine says
Ukraine's SBU reported a Russian cyber operation using fake tech-support workers to steal credentials for messaging apps. The breach involved social engineering tactics targeting messaging account access.
- Cardiac monitor maker's security skips a beat as data thieves go for the jugular
iRhythm, a California-based cardiac monitoring company, confirmed a data breach where cybercriminals stole patient health information and proprietary data. Attackers demanded payment to avoid public disclosure, though the breach did not affect clinical systems or patient care. The incident was attributed to social engineering, and the company has cyber insurance to cover potential losses.
- WhatsApp says it disrupted new NSO spyware phishing attacks
WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks.
- TDP announces three candidates for Rajya Sabha elections
The TDP has announced three candidates for the Rajya Sabha elections, emphasizing social engineering, dedication, loyalty to the party, and the promotion of young leadership as key criteria for selection.
- Malicious Notifications Could Trick Google Gemini Users
A prompt injection flaw in Google Gemini's voice assistant allowed attackers to hide malicious commands in notifications, enabling social engineering and other attacks. The vulnerability could trick users through deceptive notifications, exploiting the assistant's processing of input.
- Carnival data breach exposes personal information of nearly 6 million cruise passengers
Carnival Cruise Line experienced a data breach affecting nearly 6 million passengers, exposing personal information such as names, addresses, and government-issued IDs. The breach, discovered on April 14 via a social engineering attack, led to free credit monitoring for impacted individuals and enhanced security measures by the company.
- Ransomware Actors Show Up In Person to Steal Law Firm Data
The FBI has issued a warning about the ransomware group Silent Ransom Group targeting law firms through social engineering tactics to infiltrate servers and databases. The group is stealing sensitive data and demanding ransoms, highlighting a growing threat to legal institutions.
- Casa Launches Four Security Features to Combat Rising Social Engineering Attacks on Bitcoin Holders
Casa, a Bitcoin security firm, has launched four new security features to combat social engineering attacks, which accounted for the majority of crypto theft in 2025. The features include Guardian Mode, address whitelisting, suspicious account activity monitoring, and phone call detection, aimed at preventing unauthorized access and phishing attacks.
- FBI warns extortion hackers are visiting US law firms to steal data
The FBI issued a public advisory warning that a hacking group is targeting US law firms through social engineering tactics to gain remote access and steal data. The attack method involves exfiltrating corporate system information, highlighting a growing cybersecurity threat.
- Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks
Verizon's 2026 Data Breach Investigations Report reveals that the healthcare sector faces escalating social engineering attacks despite efforts to defend against them. While ransomware and vendor breaches remain persistent threats, the report highlights that evolving social engineering tactics are creating new vulnerabilities in the healthcare industry.
- Signal adds security warnings for social engineering, phishing attacks
Signal has introduced new security measures to protect against phishing and social engineering attacks. These measures include in-app confirmations and warning messages. The goal is to prevent various forms of fraud.
- This April We Saw $805 Million Lost in DeFi Hacks
In April, $805 million was lost through DeFi hacks targeting platforms like Kelp Dao, Drift Protocol, and Grinex. Attacks involved methods such as social engineering and domain hijacking, with North Korea-backed Lazarus Group suspected as the primary threat actor.
- UNC6692 Combines Social Engineering, Malware, Cloud Abuse
A new threat actor named UNC6692 is leveraging Microsoft Teams, AWS S3 buckets, and custom 'Snow' malware in a coordinated campaign combining social engineering, malware, and cloud infrastructure abuse.
- Deepfake Call Tricks Cardano Dev, Exposes New Weak Spot
A deepfake phone call successfully tricked a Cardano developer, exposing a new security vulnerability in the cryptocurrency's infrastructure. The incident highlights the risks of social engineering attacks targeting blockchain developers.
- Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group named UNC6692 is using social engineering to deploy a new malware suite called 'Snow' through Microsoft Teams. The malware includes a browser extension, a tunneler, and a backdoor.
- Crime crew impersonates help desk, abuses Microsoft Teams to steal your data
A previously unknown threat group is using Microsoft Teams chat invitations and helpdesk staff impersonation to deploy custom Snow malware in data-stealing attacks, as reported by Google's Threat Intelligence Group.
- SoCal man who laundered $263M in stolen crypto, lived 'fantastically extravagant' lifestyle, sentenced to prison
A 22-year-old Newport Beach man, Evan Tangeman, was sentenced to 70 months in prison for laundering $263 million in stolen cryptocurrency to fund an extravagant lifestyle. The U.S. Attorney Jeanine Pirro stated he used an elaborate social engineering scheme orchestrated by a multi-state criminal enterprise.
- Dev targeted by sophisticated job scam: 'I let my guard down, and ran the freaking code'
A developer fell victim to a sophisticated job scam involving a realistic-looking website, video interviews, and malicious code disguised as a technical test. The scam began with a LinkedIn message and used social engineering tactics to trick the victim into executing harmful code.
- North Korea targets macOS users in latest heist
North Korean criminals are using social engineering and a fake Zoom software update to steal macOS users' credentials and cryptocurrency. Microsoft reported that the malware requires users to manually run it, exploiting the difficulty of patching such attacks.
- New ATHR vishing platform uses AI voice agents for automated attacks
A new cybercrime platform called ATHR uses AI voice agents and human operators to conduct automated voice phishing attacks, harvesting user credentials through social engineering. The platform combines AI-driven and human-led tactics to enhance the effectiveness of its attacks.
- Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A novel social engineering campaign is exploiting Obsidian, a note-taking app, to deliver PHANTOMPULSE RAT, a previously undocumented Windows remote access trojan targeting financial and cryptocurrency sector individuals. Elastic Security Labs has labeled the activity as REF6598, highlighting its use of Obsidian plugins as an initial access vector.
- North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
North Korea's hacking group APT37 (ScarCruft) conducted a social engineering campaign via Facebook, using friend requests to deliver RokRAT malware. The multi-stage attack exploited trust-building on the platform to deploy a remote access trojan.
- Axios Attack Shows Complex Social Engineering Is Industrialized
The Axios NPM package attack exemplifies industrialized social engineering tactics targeting maintainers. Threat actors are scaling sophisticated campaigns to compromise software packages and infrastructure.