Tag

#Social Engineering

4 articles covering Social Engineering across campaign analysis, detection engineering, and defender tradecraft.

Coverage

4 entries

Field Analysis

Dual UseCampaign AnalysisMay 31, 20266 min read

Ghost CMS ClickFix Wave Turns Trusted Sites Into Paste-and-Run Staging

A reported exploitation wave against Ghost CMS pushed malicious JavaScript onto more than 700 sites, sending visitors into fake verification flows that used ClickFix-style paste-and-run instructions.

By PhishPond Desk

Field Analysis

Blue TeamCampaign AnalysisMay 31, 20267 min read

Phishing the Recovery Key: Fake Signal Support Goes After Encrypted Backups

A phishing wave impersonating Signal Support pressures targets to hand over the 64-character recovery key that protects their encrypted backups, harvesting a secret directly inside the trusted app with no link to detonate.

Compliance Lures Are Becoming Multi-Stage AiTM Token Traps

Recent code-of-conduct phishing campaigns show how attackers blend HR pressure, PDF staging, CAPTCHA gates, and AiTM flows to steal session tokens.

By PhishPond Desk

Field Analysis

Red TeamCampaign AnalysisApr 24, 20269 min read

Approval Fatigue Becomes the New Credential Theft Front Door

Attackers are blending push prompts, urgent collaboration lures, and identity fatigue to move users from suspicion to accidental approval.

By PhishPond Desk

#Social Engineering

Coverage

Browse Other Tags