CyberheistNews Vol 16 #19 Crafty Criminals Continue to Pose as Help Desks in Social Engineering Attacks

Researchers report a campaign (tracked as UNC6692) that impersonates IT helpdesks via Microsoft Teams to phish credentials with a “double-entry” phishing page and deploy custom malware and a malicious browser extension; separate reporting describes vishing-enabled extortion by CL-CRI-1116 that can bypass MFA and enable lateral movement and exfiltration, while deepfake-driven fraud is credited with multibillion-dollar losses—overall the newsletter highlights active social-engineering-driven intrusion campaigns, credential theft, and organized fraud.