Social Engineering

PTA Alert on the Increase in Fraud and Hacking on WhatsApp Pakistan Telecommunication Authority (PTA) has issued an alert to mobile users regarding the increasing number of hacking and cyber fraud incidents through WhatsApp. Scammers are using social engineering tactics to trick people into gaining access to sensitive personal information, which can result in financial losses and misuse of victims’ accounts. The PTA urges users to remain vigilant and implement security measures to protect against these threats. Criminals often take advantage of victims’ trust, making scams seem urgent and legitimate in order to manipulate them. ...

CTM360 has identified a rapidly expanding WhatsApp account hacking campaign, internally called HackOnChat. This campaign uses a network of deceptive authentication portals and phishing pages to target users around the world. Attackers exploit WhatsApp’s familiar web interface and employ social engineering tactics to trick users into compromising their accounts. CTM360’s research revealed thousands of malicious URLs hosted on low-cost domains and generated quickly by modern website building platforms, allowing attackers to deploy new pages at scale. A notable increase in incidents has been observed in recent weeks, especially in the Middle East and Asia. ...

Food delivery service DoorDash has confirmed that it suffered a data breach in October 2025, where some customers’ personal information was accessed. The company detailed that the incident was the result of a social engineering scam targeting one of its employees. Details of the Data Breach DoorDash informed customers via email about the incident, providing details about the compromised information: Data affected: Names, phone numbers, physical addresses and email details. Data NOT affected: The company highlighted that confidential information, such as social security numbers, driver’s licenses or bank card and payment information, was not accessed. So far, DoorDash has stated that there is no indication that the data has been misused for fraud or identity theft. ...