News

Report Surfaces Multiple Novel Social Engineering Tactics and Techniques

  • Michael Vizard--securityboulevard.com
  • published date: 2025-12-11 00:00:00 UTC

<p>A <a href="https://threatresearch.ext.hp.com/hp-wolf-security-threat-insights-report-september-2025/" target="_blank" rel="noopener">report</a> published today by HP Inc. suggests that the tactics and techniques cybercriminals are using to evade detection are becoming more sophisticated.</p><p>The latest quarterly report from the HP Threat Research Team finds, for example, that cybercriminals in Colombia are sending legal warnings via emails that direct users to a fake government website, which surfaces a Scalable Vector Graphics (SVG) file to display an auto-scroll animation guiding them to a “one-time password” that results in malware being downloaded into their system.</p><p>The report also notes the discovery of a fake Adobe-branded PDF that redirects users to a fraudulent site that then pretends to update their PDF reader software. Instead, it installs a modified executable of a ScreenConnect remote access tool that connects back to servers that can be used to take control of the device.</p><p>The report also details how threat actors hosted a malicious payload on Discord servers to deliver malware in a way that bypasses the Memory Integrity protection feature of Windows 11. It then installs Phantom Stealer, a subscription-based infostealer that is widely available on multiple illicit marketplaces.</p><p>Additionally, the report finds that more than half (57%) of the top strains of malware discovered in the third quarter were information stealers, a type of malware that typically also has cookie theft capabilities. 
Rather than stealing passwords or bypassing multi-factor authentication (MFA), attackers are hijacking cookies to gain access to systems and applications.</p><p>Finally, the report finds that at least 11% of email threats identified by HP Sure Click bypassed one or more email gateway scanners.</p><p>Alex Holland, senior malware analyst for HP Security Lab, said, in general, the attacks are all examples of more sophisticated social engineering techniques using, for example, an SVG file to trick an end user into downloading software that they then use to gain access. Usually, that involves creating some sense of urgency that results in an end user downloading some type of malicious payload, he added. It’s now only a matter of time before similar attacks using SVG files are discovered outside of Colombia, he added.</p><p>The challenge is that as these attacks become more sophisticated and realistic, end-user training is becoming less effective, noted Holland. The social engineering tactics and techniques being employed can only be discovered by cybersecurity teams that have the necessary tools, he said.</p><p>Hopefully, artificial intelligence (AI) tools will soon make it easier to discover and prevent these attacks. In the meantime, however, cybersecurity teams are, as always, going to be engaged in a game of whack-a-mole. 
Every time they find a way to thwart one attack, the tactics and techniques being employed by cybercriminals evolve.</p><p>In the meantime, cybersecurity teams should expect the number of incidents involving <a href="https://securityboulevard.com/2025/11/in-an-ai-world-every-attack-is-a-social-engineering-attack/" target="_blank" rel="noopener">some type of social engineering attack</a> to, at least for the foreseeable future, continue to increase, especially as cybercriminals make use of AI to create attacks that are going to be nearly impossible for most end users to detect.</p><p>In fact, organizations, whether they realize it or not, are now engaged in an AI cybersecurity arms race that is only going to intensify in the months and years ahead.</p>