Social Cyber Attack Archives

Social Cyber Attack

We started with a phone call. Turns out their security verification was a surname and an email address. That's it. We stayed in overnight. Over 15 hours. The MSP never raised a single alert. This is what a vishing attack looks like when the weakest link isn't your staff - it's the company you outsourced security to.

vishing attack undetected overnight stay

The one where we stayed overnight and nobody noticed

We started with a phone call. Turns out their security verification was a surname and an email address. That's it.…

social engineering business email compromise

The one where we got their client’s data by simply asking nicely

Over twelve months, our team built lookalike domains and manufactured a fake authority figure to sign off on every request.…

CovertSwarm and Fintech: Snoop Case Study

"The CovertSwarm team is how we stay ahead in the increasingly aggressive world of cyber security". - Jamie West

The one where public data led to private access

Proving how traditional pen testing was insufficient compared to our constant attack stimulation to find unknown vulnerabilities.

The one where a fake email proved the risk was real

A fake onboarding email opened a real security gap, showing how even mature defences fail when assumptions go untested.

Empty office building corridor with security and elevator signs, symbolising physical security testing and intrusion risks

The one where compliance wasn’t enough

A centuries-old global financial institution believed regular CBEST assessments kept them safe. On paper, it looked that way. But attackers…