Social Engineering Leveled Up. Has Your Security Program?

This Huntress report outlines how modern social engineering has evolved to exploit trusted identities, platforms, and workflows—highlighting AI-driven impersonation, search/AI result poisoning, and a PHaaS campaign (EvilTokens using Railway) that performs device-code phishing to obtain persistent Microsoft session tokens, alongside macOS AMOS infostealer incidents—and recommends shifting from prevention-only approaches to resilience centered on identity/behavior visibility, rapid response, and clear ownership.