Social Engineering

Meta Shuts Down 150K Accounts Tied to Southeast Asia Scam Centers in Global Crackdown

Meta has disabled more than 150,000 accounts connected to scam centers in Southeast Asia, part of a coordinated global effort involving authorities from Thailand, the U.S., the U.K., Canada, Korea, Japan, Singapore, the Philippines, Australia, New Zealand, and Indonesia. The crackdown also led to 21 arrests by the Royal Thai Police. This action follows a […]

Meta Shuts Down 150K Accounts Tied to Southeast Asia Scam Centers in Global Crackdown Read More »

Starkiller Phishing Kit Leverages AiTM Reverse Proxy to Evade Multi Factor Authentication

Cybersecurity researchers have uncovered a powerful new phishing toolkit named Starkiller that leverages adversary in the middle technology to bypass multi factor authentication protections. The phishing suite is being promoted by a cybercrime group calling itself Jinkusu. It is marketed as a phishing as a service platform that provides subscribers with a centralized dashboard to

Starkiller Phishing Kit Leverages AiTM Reverse Proxy to Evade Multi Factor Authentication Read More »

Meta Files Lawsuits Against Brazil, China, and Vietnam Advertisers Over Celebrity Bait Scams

Meta has announced a sweeping legal campaign aimed at disrupting fraudulent advertising operations running across its platforms. The company confirmed it has filed lawsuits against advertisers located in Brazil, China, and Vietnam who allegedly orchestrated large scale celebrity bait scams and deceptive ad schemes. According to Meta, the enforcement action includes suspending payment methods, shutting down related advertising accounts,

Meta Files Lawsuits Against Brazil, China, and Vietnam Advertisers Over Celebrity Bait Scams Read More »

SLH Offers $500 to $1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks

The cybercrime collective Scattered LAPSUS$ Hunters (SLH) has been reported recruiting women to execute voice phishing (vishing) attacks against IT help desks. According to Dataminr, the group is offering $500–$1,000 per call and supplying pre-written scripts to maximize the chances of success. The initiative reflects a shift in social engineering tactics, leveraging the assumption that female voices may

SLH Offers $500 to $1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks Read More »

Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Scheme

A 29 year old Ukrainian citizen has been sentenced to five years in a U.S. federal prison for helping facilitate North Korea’s fraudulent IT worker operation that infiltrated dozens of American companies. Oleksandr “Alexander” Didenko pleaded guilty in November 2025 to wire fraud conspiracy and aggravated identity theft. Authorities say he stole the identities of

Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Scheme Read More »

INTERPOL Operation Red Card 2.0 Leads to 651 Arrests in African Cybercrime Crackdown

An international cybercrime operation targeting online scams has resulted in 651 arrests and the recovery of over $4.3 million, coordinated by law enforcement agencies from 16 African countries. The initiative, named Operation Red Card 2.0, ran from December 8, 2025 to January 30, 2026, focusing on high-yield investment scams, mobile money fraud, and fraudulent mobile

INTERPOL Operation Red Card 2.0 Leads to 651 Arrests in African Cybercrime Crackdown Read More »

CRESCENTHARVEST Campaign Targets Iran Protest Supporters with RAT Malware

Cybersecurity researchers have uncovered a new cyber espionage campaign, dubbed CRESCENTHARVEST, that appears to target individuals supporting ongoing protests in Iran. The operation is designed to deploy a remote access trojan, RAT, capable of long term surveillance, credential theft, and sensitive data exfiltration. Security analysts warn that the campaign reflects a broader pattern of nation

CRESCENTHARVEST Campaign Targets Iran Protest Supporters with RAT Malware Read More »

Microsoft Identifies “Summarize with AI” Prompts Manipulating Chatbot Recommendations

Microsoft has identified a new tactic used by legitimate businesses to influence artificial intelligence chatbot responses through so-called “Summarize with AI” buttons embedded on websites. The technique mirrors traditional search engine optimization abuse but targets AI systems instead of search rankings. The research, conducted by the Microsoft Defender Security Research Team, describes the method as AI Recommendation

Microsoft Identifies “Summarize with AI” Prompts Manipulating Chatbot Recommendations Read More »

Snail Mail Campaign Targets Trezor and Ledger Users in Cryptocurrency Theft Attacks

Cybercriminals have launched a new wave of cryptocurrency phishing attacks by sending physical letters to users of Trezor and Ledger hardware wallets. The fraudulent mail is designed to trick recipients into revealing their wallet recovery phrases, ultimately enabling attackers to steal digital assets. QR Code Scam Delivered by Post Unlike traditional email phishing, this campaign

Snail Mail Campaign Targets Trezor and Ledger Users in Cryptocurrency Theft Attacks Read More »

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Organizations

Security researchers have revealed that North Korean cyber operatives are increasingly targeting global companies by impersonating legitimate professionals on LinkedIn. The threat actors are applying for remote roles using real LinkedIn accounts, often tied to verified email addresses and identity badges, to make their applications appear authentic. This long-running campaign, tracked as Jasper Sleet, PurpleDelta, and Wagemole,

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Organizations Read More »