Netcrook
Security Awareness & Social Engineering
Fewer Phish, Better Hooks: How AI Is Rewriting the Attack Math
A drop in phishing volume does not mean less danger when attackers are using AI to make each lure more convincing.
SniperDz Turns Brand Trust Into a Phishing Assembly Line
A phishing-for-hire platform is being used to copy trusted identities and push fake promotional lures at users across the Middle East and North Africa.
Security Teams Are Spending More on AI Training - The Real Bottleneck Is Time
Enterprises are putting more money into security education around AI and other critical topics, but the hardest problem may be getting employees enough uninterrupted time to learn.
Valve Cuts a Physical Payment Path That Scammers Learned to Love
Retail Steam gift cards are being retired, while digital cards stay in play - a small product change that highlights how fraud crews often target the easiest trust channel, not the most complex system.
When Phishing Becomes a Service, the Browser Turns Into the Crime Scene
Campaigns tied to a SniperDz label show how brand spoofing, social lures, and browser-level tricks can turn everyday browsing into a repeatable fraud pipeline.
When a Voice Can Be Forged, City Hall Becomes a Target
Deepfakes are no longer only a media problem: in digital government, they can turn identity, approvals, and trust into attack surfaces.
When a Viral Tutorial Turns Into a Download Trap
Short-form video can do more than sell a trend - it can move a user from curiosity to an unsafe installer in a few taps.
Tax Emails, Hidden Payloads: Why a Windows Inbox Can Become a Memory-Only Crime Scene
A tax lure is only the first move; the harder part for defenders is the kind of malware that may run in memory and leave fewer clues on disk.
The Hidden Attack Surface Before Kickoff
A pre-2026 World Cup warning centers on exposed public data across parts of the event ecosystem, showing how large sponsorship networks can become security risk multipliers.
When “Free Premium” Clips Become a Trapdoor
Short-form videos on TikTok and Instagram Reels are being used to push fake software offers and steer viewers toward malicious download sites, turning casual entertainment into a social-engineering funnel.
World Cup Tickets and the Scam Economy Around Big Games
When demand spikes for a global tournament, so does fraud: the risk is not just losing money, but trusting the wrong seller under time pressure.
Fake Browser Windows Are Turning Microsoft Sign-Ins Into a Trap
A BitB phishing campaign is using in-page browser mimicry and spoofed OAuth prompts to make Microsoft 365 logins look legitimate at a glance.
BitB Phishing Pushes Microsoft 365 Users Into a Dangerous Login Illusion
A phishing campaign is using Browser-in-the-Browser styling to target Microsoft 365 credentials, turning ordinary sign-in habits into the attacker’s main entry point.
WhatsApp’s Quiet Scam Shield Signals a New Privacy Tradeoff
Meta is developing “Scam Alert” for WhatsApp as an on-device feature that can spot suspicious behavior without reading message content.
Fake Travel Sites Turn Booking Urgency into a Fraud Trap
A Polizia Postale alert about counterfeit travel-agency websites highlights a simple but effective scam model: impersonation, urgency, and a convincing booking flow.
Fake AI Logins Are the New Front Door for Credential Thieves
Attackers are leaning on the trust attached to familiar AI brands, steering users from search results and ads into counterfeit sign-in pages built to collect credentials.
AI Brand Masks Are Turning Familiar Logins Into Phishing Traps
Impersonation of ChatGPT, Claude, and DeepSeek shows how attackers can turn trusted AI branding into credential theft, payment fraud, and possible malware lures without breaching the platforms themselves.
When a Familiar Voice Becomes a Fraud Tool
AI-assisted impersonation is pushing companies to confront a hard truth: identity cues such as a face, voice, or name are no longer enough to authorize sensitive action.
When Phishing Becomes a Content Factory, SOC Triage Becomes the Real Target
AI is not just helping attackers write better lures - it is turning phishing into a higher-volume workflow that can swamp Tier 1 review.
When the Breach Starts with a Voice Call, Firewalls Arrive Too Late
A U.S. extortion campaign attributed to UNC3753 shows how social engineering and physical access can turn trust, not malware, into the main attack path.