Social Engineering

CTM360 has identified a rapidly expanding WhatsApp account hacking campaign, internally called HackOnChat. This campaign uses a network of deceptive authentication portals and phishing pages to target users around the world. Attackers exploit WhatsApp’s familiar web interface and employ social engineering tactics to trick users into compromising their accounts. CTM360’s research revealed thousands of malicious URLs hosted on low-cost domains and generated quickly by modern website building platforms, allowing attackers to deploy new pages at scale. A notable increase in incidents has been observed in recent weeks, especially in the Middle East and Asia. ...

Food delivery service DoorDash has confirmed that it suffered a data breach in October 2025, where some customers’ personal information was accessed. The company detailed that the incident was the result of a social engineering scam targeting one of its employees. Details of the Data Breach DoorDash informed customers via email about the incident, providing details about the compromised information: Data affected: Names, phone numbers, physical addresses and email details. Data NOT affected: The company highlighted that confidential information, such as social security numbers, driver’s licenses or bank card and payment information, was not accessed. So far, DoorDash has stated that there is no indication that the data has been misused for fraud or identity theft. ...