Social Engineering stories

Experts warn organisations are still exposed as password reuse, phishing and weak access governance persist despite growing push for passkeys and MFA.

Industrial manufacturing heads Digitain's cyber risk index, with healthcare and information technology close behind as attacks, breaches and ransomware mount.

Leak-site posts surge 22% to 2,638 in Q1 2026 as ReliaQuest flags The Gentlemen's rise, fake claims and shifting extortion tactics.

One click can trigger ransomware, but modern Zero Trust access and cloud-delivered controls can stop malicious links and files from causing a breach.

Norton warns travellers that scammers are using real hotel reservation data to send convincing payment demands through trusted apps and emails.

Bitdefender urges journalists to harden phones, accounts and source contacts against phishing, spyware, impersonation and AI-linked leaks.

Infoblox says counterfeit verification prompts are being used to trick users into sending premium texts, creating recurring SMS charges and telecom losses.

Keeper Security launches Verify Mode for enterprise browser extension, warning users before passwords are entered on suspicious sites to curb phishing logins.

KnowBe4 honours APJ partners in Singapore, with SSS Cybersecurity Specialists named regional winner as Australia, Thailand and Japan firms also recognised.

Barracuda links surge in device code phishing attacks to EvilTokens kit as criminals exploit Microsoft 365 logins and bypass multifactor checks.

VIPRE says cyber criminals are increasingly abusing trusted services like Cloudflare, Microsoft and TestFlight to dodge email security filters.

Everywhen warns businesses and consumers to check web addresses, padlocks and browser alerts as fake sites fuel rising cyber fraud risk.

Universities face a more varied cyber onslaught, with data breaches, hacktivism and ransomware surging as researchers draw nation-state attention.

Proofpoint warns that 36% of FIFA World Cup 2026 commercial partners still lack the strongest DMARC settings, leaving fans exposed to spoofed emails.

KnowBe4 and Synthesia launch AI avatar videos for security training, letting firms create, revise and localise content faster across 130 languages.

Anthropic is to give UK banks controlled access to its Mythos AI model, as financial firms brace for a new era of autonomous cyber threats.

Appdome unveils mobile API defence that checks app, device and session identity before granting access, targeting bot abuse and takeover attacks.

Ecommpay urges eCommerce overhaul as fraud report says current controls miss social engineering, distort competition and leave merchants exposed.

Rue Gilt Groupe brings Riskified identity scoring into Zendesk as retailers race to stop refund abuse without slowing customer service.

ReliaQuest says suspected former Black Basta operators are bombarding staff with emails and posing as IT support in Microsoft Teams to reach senior executives.