MFA doesn't protect you if your users approve access themselves. Here's how attackers are hijacking @Microsoft365 & @Azure OAuth, and what to do about it. 🧵
Follow-up training, personalized to what each employee actually did, completes the cycle. Not a generic module blasted to everyone. The right lesson, for the right person, at the right moment.
Crypto, blockchain, and DeFi companies operate in an environment of irreversible settlement, distributed counterparties, and fragmented security frameworks. That creates an ideal attack surface.
Attackers know it. So do we. Here's our solution:
https://t.co/xviQMHl1cs
Crypto, blockchain, and Web3 companies are targeted by social engineering attacks. Irreversible transactions & distributed teams make them targets. 40% of crypto security incidents stem from social engineering.
@Arsen fixes this.
Over $200 million in financial losses were attributed to deepfakes in Q1 2025, and 44% of financial professionals have already reported deepfake-driven fraud. Here are three concrete controls you can deploy:
https://t.co/b0djfywyHo
We got tons of notifications because @Arsenal qualified for the #UCL, and our handle @arsen starts almost the same! Do you know this reflects a #phishing tactic? It's called #typosquatting (aka URL hijacking), where fraudsters exploit typing mistakes to redirect to fake sites.
#CustomerStory @odaseva needed security awareness training that could scale with their global workforce. With Arsen, they got it: localized campaigns, zero friction, real behavioral insights.
Read the full story https://t.co/qgRmEeqk04
#SocialEngineering @Mandiant (@googlecloud) recently released its M-Trends 2026 report, confirming vishing is now the second most common initial breach vector globally and the #1 vector in cloud environments.
https://t.co/zxxpN3CGBZ
Over the past few weeks, we deployed a redesigned cyber awareness training module, now available to all customers. It delivers adaptive, engaging learning that drives behavior change, not just compliance knowledge.
https://t.co/jSi8WEx4mC
The @vercel breach didn't start at Vercel. It started with a 3rd party. We'll learn more in the coming days, but if it's really ShinyHunters, social engineering on top of weakness exploitation is very probable.
Either way: 3rd party + human surface remains a key entry point.
From a cloned CEO identity to a fake Slack workspace and a fake Microsoft Teams error: the perfect multi-step #SocialEngineering attack?
Read the report
https://t.co/Wl2NM7nXgG
According to @ESET, ClickFix attacks surged by 517% in 2025. This social engineering trick can make your employees run malware on their own. @MsftSecIntel and @moonlock_lab recently detected two new massive schemes using this technique. Find out how.
https://t.co/xJcO6b8u2n
@MsftSecIntel Arsen offers ready-made 'ClickFix' simulation campaign scenarios. Test your employees on real attacker tactics: multi-step social engineering sequences that lead to a deceptive action request.
https://t.co/gAGhhLS6SO
Bad actors are impersonating and weaponizing legitimate Microsoft tools thousands of firms use, using 'ClickFix' attacks - @MsftSecIntel. Arsen's simulations now allow security teams to mimic similar ClickFix attacks to assess and train their employees. Learn more below.
Microsoft Defender Experts identified a widespread ClickFix social engineering campaign in February 2026 leveraging Windows Terminal as the primary execution mechanism. Rather than the traditional Win + R → paste → execute technique, this campaign instructs targets to use the Windows + X → I shortcut to launch Windows Terminal (wt.exe) directly, guiding users into a privileged command execution environment that blends into legitimate administrative workflows and appears more trustworthy to users.
This approach bypasses detections specifically tuned to Run dialog abuse while exploiting the legitimacy and familiarity of Windows Terminal. Once the terminal is opened, targets are prompted to paste malicious PowerShell commands delivered through fake CAPTCHA pages, troubleshooting prompts, or verification-style lures designed to appear routine and benign.