Ransomware Thugs Masquerade as Interpol to Entice Small Biz
The ransomware campaign relies on basic social engineering and stretches across multiple regions, including the US, Europe, Middle East, and elsewhere.
Social engineering manipulates people into revealing access or approving actions, causing compromise; verify requests and enforce least privilege.
Search across headline titles and summaries.
Background for this topic.
Social engineering is the deliberate manipulation of people into disclosing information, bypassing a control, or performing an action for an attacker. It commonly uses phishing, voice or text messages, impersonation, pretexting, and physical access attempts. In a threat model, the attacker targets trust, urgency, authority, or helpfulness rather than exploiting software directly. Successful deception can expose credentials or personal data, authorize fraudulent payments, enable malware delivery, or provide an initial foothold for account or network compromise.
Effective defenses make sensitive requests independently verifiable and limit the damage of a mistake. Use phishing-resistant multi-factor authentication where practical, least-privilege access, and approval or call-back procedures for payments, password resets, and changes to account or banking details. Staff should have a simple way to report suspected messages without penalty; security teams can then investigate related accounts, messages, and login activity, revoke exposed credentials, and contain follow-on access. Awareness training helps people recognize pretexts, but should reinforce these technical and procedural controls rather than rely on vigilance alone.
Weekly headline count for the current query.
The ransomware campaign relies on basic social engineering and stretches across multiple regions, including the US, Europe, Middle East, and elsewhere.
Researchers say the highly effective social engineering technique is no longer the exception for malware attacks — it's now the rule.
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social engineering and obsfucation, including blockchain abuse.
Persistent cybercrime, social engineering, and infrastructure threats continue to plague the FIFA 2026 World Cup across the US, Canada, and Mexico.
AI-native operating systems are shifting the responsibility to stay vigilant against social engineering cyberattacks from the user onto the system itself.
Cyber insurance coverage is slowly changing, and some policies may not provide coverage for social engineering attacks like ClickFix.
A prompt injection flaw in Google Gemini's voice assistant let attackers hide malicious commands in notifications, enabling social engineering and more.
Ransomware and vendor breaches persist. The "2026 Data Breach Investigations Report" (DBIR) highlights how evolving social engineering tactics make the sector more vulnerable.
The SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to Apple script-based execution.
More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware.
A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged campaign.
The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns.
A new service on the cybercrime market provides automated capabilities to create persistent information-stealing social engineering attacks.
Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.
A social engineering campaign impersonating PayPal and Amazon uses customer support interactions to acquire sensitive info.
With access to SIM, location data, and a preview of recent SMSes, attackers have everything they need for account takeover or targeted social engineering.
Iranian threat actors have been stealing credentials from people of interest across the Middle East, using spear-phishing and social engineering.
The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a Python-based RAT.
Threat actors are using the social engineering technique and a legitimate Microsoft tool to deploy the DCRat remote access Trojan against targets in the hospitality sector.
A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install malware on victims' computers.