Skip to content
The Nexus
DossierENTITY

social engineering

Coverage of social engineering in the Nexus archive.

Earliest in view: Apr 6 · 20:55 UTCMost recent: Jul 7 · 17:45 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJul 7 · 17:45 UTCMALWAREBYTES LABS
    How the Reddit and Discord false report scam steals accounts

    Scammers on Reddit and Discord use social engineering to trick users into sharing login or verification codes by falsely claiming they were involved in a report. The scam involves fake emails, urgent countdowns, and threats of account suspension to pressure victims into complying.

  • SECURITYJul 5 · 21:22 UTCR/SCAMS
    [US]Anyone heard of the "Merchant Services" scam? And if so, what are they trying to do?

    A business receives daily scam calls from individuals impersonating 'Merchant Services' to request sensitive information about a non-existent merchant account. Callers use spoofed caller IDs and attempt to deceive employees into divulging details, though no legitimate account or personnel exist. The scam appears designed to exploit potential vulnerabilities through social engineering.

  • SECURITYJun 26 · 13:10 UTCRECORDED FUTURE NEWS
    Russia used social engineering to breach prominent messaging accounts, Ukraine says

    Ukraine's SBU reported a Russian cyber operation using fake tech-support workers to steal credentials for messaging apps. The breach involved social engineering tactics targeting messaging account access.

  • SECURITYJun 16 · 11:45 UTCTHE REGISTER
    Cardiac monitor maker's security skips a beat as data thieves go for the jugular

    iRhythm, a California-based cardiac monitoring company, confirmed a data breach where cybercriminals stole patient health information and proprietary data. Attackers demanded payment to avoid public disclosure, though the breach did not affect clinical systems or patient care. The incident was attributed to social engineering, and the company has cyber insurance to cover potential losses.

  • SECURITYJun 8 · 18:40 UTCBLEEPING COMPUTER
    WhatsApp says it disrupted new NSO spyware phishing attacks

    WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks.

  • POLITICSJun 7 · 04:01 UTCTHE HINDU NATIONAL
    TDP announces three candidates for Rajya Sabha elections

    The TDP has announced three candidates for the Rajya Sabha elections, emphasizing social engineering, dedication, loyalty to the party, and the promotion of young leadership as key criteria for selection.

  • SECURITYJun 3 · 12:01 UTCDARK READING
    Malicious Notifications Could Trick Google Gemini Users

    A prompt injection flaw in Google Gemini's voice assistant allowed attackers to hide malicious commands in notifications, enabling social engineering and other attacks. The vulnerability could trick users through deceptive notifications, exploiting the assistant's processing of input.

  • SECURITYJun 2 · 09:52 UTCNBC6 SOUTH FLORIDA
    Carnival data breach exposes personal information of nearly 6 million cruise passengers

    Carnival Cruise Line experienced a data breach affecting nearly 6 million passengers, exposing personal information such as names, addresses, and government-issued IDs. The breach, discovered on April 14 via a social engineering attack, led to free credit monitoring for impacted individuals and enhanced security measures by the company.

  • SECURITYMay 27 · 20:38 UTCDARK READING
    Ransomware Actors Show Up In Person to Steal Law Firm Data

    The FBI has issued a warning about the ransomware group Silent Ransom Group targeting law firms through social engineering tactics to infiltrate servers and databases. The group is stealing sensitive data and demanding ransoms, highlighting a growing threat to legal institutions.

  • SECURITYMay 27 · 16:34 UTCBITCOIN MAGAZINE
    Casa Launches Four Security Features to Combat Rising Social Engineering Attacks on Bitcoin Holders

    Casa, a Bitcoin security firm, has launched four new security features to combat social engineering attacks, which accounted for the majority of crypto theft in 2025. The features include Guardian Mode, address whitelisting, suspicious account activity monitoring, and phone call detection, aimed at preventing unauthorized access and phishing attacks.

  • SECURITYMay 27 · 14:33 UTCRECORDED FUTURE NEWS
    FBI warns extortion hackers are visiting US law firms to steal data

    The FBI issued a public advisory warning that a hacking group is targeting US law firms through social engineering tactics to gain remote access and steal data. The attack method involves exfiltrating corporate system information, highlighting a growing cybersecurity threat.

  • SECURITYMay 22 · 13:17 UTCDARK READING
    Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks

    Verizon's 2026 Data Breach Investigations Report reveals that the healthcare sector faces escalating social engineering attacks despite efforts to defend against them. While ransomware and vendor breaches remain persistent threats, the report highlights that evolving social engineering tactics are creating new vulnerabilities in the healthcare industry.

  • SECURITYMay 12 · 19:40 UTCBLEEPING COMPUTER
    Signal adds security warnings for social engineering, phishing attacks

    Signal has introduced new security measures to protect against phishing and social engineering attacks. These measures include in-app confirmations and warning messages. The goal is to prevent various forms of fraud.

  • SECURITYApr 30 · 16:47 UTCR/CRYPTOCURRENCY
    This April We Saw $805 Million Lost in DeFi Hacks

    In April, $805 million was lost through DeFi hacks targeting platforms like Kelp Dao, Drift Protocol, and Grinex. Attacks involved methods such as social engineering and domain hijacking, with North Korea-backed Lazarus Group suspected as the primary threat actor.

  • SECURITYApr 27 · 20:12 UTCDARK READING
    UNC6692 Combines Social Engineering, Malware, Cloud Abuse

    A new threat actor named UNC6692 is leveraging Microsoft Teams, AWS S3 buckets, and custom 'Snow' malware in a coordinated campaign combining social engineering, malware, and cloud infrastructure abuse.

  • SECURITYApr 27 · 16:26 UTCR/CRYPTOMARKETS
    Deepfake Call Tricks Cardano Dev, Exposes New Weak Spot

    A deepfake phone call successfully tricked a Cardano developer, exposing a new security vulnerability in the cryptocurrency's infrastructure. The incident highlights the risks of social engineering attacks targeting blockchain developers.

  • SECURITYApr 25 · 15:07 UTCBLEEPING COMPUTER
    Threat actor uses Microsoft Teams to deploy new “Snow” malware

    A threat group named UNC6692 is using social engineering to deploy a new malware suite called 'Snow' through Microsoft Teams. The malware includes a browser extension, a tunneler, and a backdoor.

  • SECURITYApr 25 · 09:28 UTCTHE REGISTER
    Crime crew impersonates help desk, abuses Microsoft Teams to steal your data

    A previously unknown threat group is using Microsoft Teams chat invitations and helpdesk staff impersonation to deploy custom Snow malware in data-stealing attacks, as reported by Google's Threat Intelligence Group.

  • SECURITYApr 25 · 03:44 UTCKTLA 5
    SoCal man who laundered $263M in stolen crypto, lived 'fantastically extravagant' lifestyle, sentenced to prison

    A 22-year-old Newport Beach man, Evan Tangeman, was sentenced to 70 months in prison for laundering $263 million in stolen cryptocurrency to fund an extravagant lifestyle. The U.S. Attorney Jeanine Pirro stated he used an elaborate social engineering scheme orchestrated by a multi-state criminal enterprise.

  • SECURITYApr 23 · 21:38 UTCTHE REGISTER
    Dev targeted by sophisticated job scam: 'I let my guard down, and ran the freaking code'

    A developer fell victim to a sophisticated job scam involving a realistic-looking website, video interviews, and malicious code disguised as a technical test. The scam began with a LinkedIn message and used social engineering tactics to trick the victim into executing harmful code.

  • SECURITYApr 16 · 18:20 UTCTHE REGISTER
    North Korea targets macOS users in latest heist

    North Korean criminals are using social engineering and a fake Zoom software update to steal macOS users' credentials and cryptocurrency. Microsoft reported that the malware requires users to manually run it, exploiting the difficulty of patching such attacks.

  • SECURITYApr 16 · 14:09 UTCBLEEPING COMPUTER
    New ATHR vishing platform uses AI voice agents for automated attacks

    A new cybercrime platform called ATHR uses AI voice agents and human operators to conduct automated voice phishing attacks, harvesting user credentials through social engineering. The platform combines AI-driven and human-led tactics to enhance the effectiveness of its attacks.

  • SECURITYApr 16 · 10:20 UTCTHE HACKER NEWS
    Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

    A novel social engineering campaign is exploiting Obsidian, a note-taking app, to deliver PHANTOMPULSE RAT, a previously undocumented Windows remote access trojan targeting financial and cryptocurrency sector individuals. Elastic Security Labs has labeled the activity as REF6598, highlighting its use of Obsidian plugins as an initial access vector.

  • SECURITYApr 13 · 09:15 UTCTHE HACKER NEWS
    North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

    North Korea's hacking group APT37 (ScarCruft) conducted a social engineering campaign via Facebook, using friend requests to deliver RokRAT malware. The multi-stage attack exploited trust-building on the platform to deploy a remote access trojan.

  • SECURITYApr 6 · 20:55 UTCDARK READING
    Axios Attack Shows Complex Social Engineering Is Industrialized

    The Axios NPM package attack exemplifies industrialized social engineering tactics targeting maintainers. Threat actors are scaling sophisticated campaigns to compromise software packages and infrastructure.

social engineering · Dossier · The Nexus