Search Results: SocialEngineering

Cybercriminals are weaponizing TikTok with deceptive 'activation guide' videos that trick users into executing PowerShell commands, delivering Aura Stealer malware. This ClickFix attack campaign steals credentials, cookies, and crypto wallets while evolving with secondary payloads that execute in memory. Security experts warn this social engineering tactic represents a dangerous shift in malware distribution targeting both consumers and developers.

The FTC reports a record $700 million lost by Americans aged 60+ to online scams in 2024, a sixfold increase from 2020 driven by tech-based impersonation and social engineering. Scammers exploited trust gaps and digital illiteracy, devastating life savings through fake crises and fraudulent calls. This underscores a critical cybersecurity crisis demanding urgent industry and educational reforms.

French luxury giant Chanel confirms its US customer contact data was stolen, becoming the latest high-profile victim in a relentless wave of attacks targeting Salesforce instances. The ShinyHunters extortion group is exploiting employee vishing attacks to compromise credentials or install malicious OAuth apps, bypassing platform security. This breach underscores a critical vulnerability in cloud service dependencies: the human element.

A deep dive into the ClickFix social engineering attack reveals how threat actors manipulate browser clipboards to execute malware. We examine its evolution into FileFix and why browser-native defenses are becoming critical infrastructure for enterprise security.

Cleaning product giant Clorox has filed a lawsuit against IT contractor Cognizant, alleging that help desk workers repeatedly handed over login credentials to hackers in a 2023 breach that caused $380 million in damages. The attack, enabled by ignored password policies and social engineering, crippled operations and exposes critical risks in outsourced IT security.

Consumer goods giant Clorox has filed a $380 million lawsuit against IT services provider Cognizant, alleging gross negligence after hackers tricked its help desk into resetting credentials without verification. The breach, linked to Scattered Spider actors, paralyzed Clorox's operations for weeks, causing massive product shortages. This case exposes critical vulnerabilities in third-party IT service security and the devastating ripple effects of social engineering.