While ransomware gangs made headlines this summer (hugops to the Minnesota National Guard), the real damage came from attacks that looked like business as usual. A tired employee approving their 47th push notification. An executive on a video call authorizing a routine transfer. A lunch order scanned from a QR code in the lobby. By the time anyone realized something was wrong, the attackers had already moved on to their next target.
The most effective attacks in Q3 were psychologically clever. Attackers learned to exploit the gap between security theater and actual security. They turned MFA prompts into a numbers game, betting someone would eventually click approve. Deepfakes were used sparingly but effectively, targeting specific executives for specific transactions. Legitimate QR codes were replaced with malicious ones, knowing most people scan first and think later (RIP my years of no parking tickets). These anomalies are hard to spot in traditional security tools due to the noise of everything else happening in an organization.
The patterns documented here emerged from incident response engagements across industries this quarter. Some you may recognize from your own environment. Others may be operating right now, undetected, waiting for the right combination of fatigue and trust. If Q3 showed us anything, it’s that next quarter’s attacks will look even more like normal business operations.
Deepfake Social Engineering at Executive Scale 🎭
The summer started with some extra heat when the U.S. State Department warned diplomats that an impostor using AI had attempted to reach out to at least three foreign ministers, a U.S. senator, and a governor. The impostor posed as Secretary of State Marco Rubio through text, Signal, and voicemail. In parallel, we saw Kimsuky launch a sophisticated spear phishing campaign against South Korean defense institutions, using AI-generated deepfake military ID cards that fooled even trained security personnel.
OpenAI CEO Sam Altman warned at a Federal Reserve event about an impending “fraud crisis” triggered by AI’s ability to impersonate anyone. Altman even admitted, “AI has fully defeated most of the ways that people authenticate currently, other than, like, passwords…” Recent research reveals that losses attributed to attacks involving deepfakes have risen to $1b in 2025, 2x the amount from 2024.
Tactics: Initial Access, Defense Evasion, Collection, Impact
Techniques:
T1656 – Impersonation
AI-generated deepfakes of executives in real-time video/voice calls
T1591.004 – Gather Victim Org Information: Identify Roles
Researching executive hierarchies and approval chains for targeted impersonation
T1593.001 – Search Open Websites/Domains: Social Media
Harvesting voice samples from earnings calls, LinkedIn videos, and conference recordings
T1566.002 – Phishing: Spearphishing Link
Messages with links to video calls featuring deepfaked executives
T1204.001 – User Execution: Malicious Link
Victims clicking on video/voice call links that host deepfaked participants
T1534 – Internal Spearphishing
Using deepfaked executive voices/videos to request actions from employees
What You Should Be Looking For:
Video call anomalies: Executives joining from personal devices, unusual backgrounds, slight audio delays, requests to keep cameras off during “critical decisions”
Pattern breaks: CEO requesting wire transfers without board approval, CFO bypassing normal payment workflows, urgent requests during off-hours or vacations
Multi-channel inconsistencies: Video call followed immediately by Slack/Teams confirmation from a different device, email headers showing different geographic origins, use of non-standard communication channels (WhatsApp)
Technical artifacts: Compression artifacts around faces, unnatural eye movements, voice pitch variations, background noise inconsistencies
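Several of these pattern breaks only show up when the wire-transfer workflow, the executive calendar and the video-conference audit log are read together. The correlation below is an added example written for this post, not code from any vendor it names; the board-approval threshold, the sanctioned request channels and all records are constructed assumptions.

```python
from datetime import datetime, timedelta

BOARD_APPROVAL_THRESHOLD = 250_000                           # assumed: larger transfers need board sign-off
SANCTIONED_CHANNELS = {"approval-portal", "email", "teams"}  # assumed channels a request may arrive on
BUSINESS_HOURS = range(8, 18)

# Constructed records, not real data. Transfer requests from the payment approval workflow:
TRANSFER_REQUESTS = [
    {"id": "TX-1", "requester": "ceo", "amount": 400_000, "channel": "whatsapp",
     "requested_at": datetime(2025, 8, 12, 22, 40), "approvers": ["cfo"]},
    {"id": "TX-2", "requester": "cfo", "amount": 12_000, "channel": "approval-portal",
     "requested_at": datetime(2025, 8, 13, 10, 5), "approvers": ["controller"]},
]
OUT_OF_OFFICE = [("ceo", datetime(2025, 8, 10), datetime(2025, 8, 17))]  # executive calendar
CALL_JOINS = [("ceo", datetime(2025, 8, 12, 22, 30), "personal-iphone")]  # video-conference audit log

def is_out_of_office(person, when):
    return any(p == person and start <= when < end for p, start, end in OUT_OF_OFFICE)

def preceding_call_devices(person, when, window=timedelta(hours=1)):
    """Devices this person joined a call from in the hour before the request."""
    return [dev for p, t, dev in CALL_JOINS if p == person and timedelta(0) <= when - t <= window]

def review_request(req):
    """Return the pattern breaks a reviewer should resolve out of band before releasing funds."""
    flags = []
    if req["amount"] >= BOARD_APPROVAL_THRESHOLD and "board" not in req["approvers"]:
        flags.append("large transfer without board approval")
    if req["channel"] not in SANCTIONED_CHANNELS:
        flags.append(f"request arrived over non-standard channel ({req['channel']})")
    if req["requested_at"].hour not in BUSINESS_HOURS:
        flags.append("request made outside business hours")
    if is_out_of_office(req["requester"], req["requested_at"]):
        flags.append(f"{req['requester']} is marked out of office on the executive calendar")
    if any(dev.startswith("personal") for dev in preceding_call_devices(req["requester"], req["requested_at"])):
        flags.append("requester joined the preceding video call from a personal device")
    return flags
```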
Data Sources:
Video conferencing audit logs (Teams, Zoom, WebEx)
Wire transfer approval systems
Executive calendar systems for meeting verification
Email security gateways analyzing sender behavior
Financial approval workflow exceptions
Voice biometric analysis systems (if deployed)
Messaging app logs (Signal, WhatsApp, SMS)
Resources:
AI impostor attempts to impersonate Secretary of State Rubio to foreign ministers and U.S. officials
Kimsuky APT uses AI-generated military IDs in defense sector attacks
National Cybersecurity Awareness Month: How to Protect Yourself from Deepfakes
Death by a Thousand Push Notifications 📱
In September 2025, BBC cyber correspondent Joe Tidy became the target of a sophisticated insider recruitment attempt by the Medusa ransomware gang that escalated into an MFA bombing campaign when he refused their offer of 25% of a multi-million dollar ransom. When recruitment failed, the attackers pivoted to flooding his phone with authentication requests, hoping he’d accidentally approve just one.
New reports also reveal that 79% of business email compromise victims investigated in 2024-2025 had MFA enabled, with approximately 25% of recent attacks involving fraudulent MFA push notifications. The technique has become so prevalent that ransomware crews like Scattered Spider and Muddled Libra have adopted MFA bombing as a standard part of their playbook.
CyberProof SOC analysts identified compromised accounts where attackers successfully bypassed MFA using mobile app notifications. Audit logs showed all authentication attempts as “successful,” despite originating from Cloudflare IP addresses. The attacks left no traditional indicators of compromise, as all sign-ins appeared legitimate.
Tactics: Initial Access, Persistence, Defense Evasion
Techniques:
T1621 – Multi-Factor Authentication Request Generation
Triggering repeated MFA prompts to exhaust users
T1078 – Valid Accounts
Using compromised credentials to trigger legitimate MFA prompts
T1111 – Two-Factor Authentication Interception
Capturing approval when user finally accepts
T1556.006 – Modify Authentication Process: Multi-Factor Authentication
Following up with device enrollment once inside
What You Should Be Looking For:
Push patterns: Multiple MFA requests within minutes, especially outside business hours (midnight to 6 AM anyone?), requests during user PTO/weekends, geographic impossibilities between pushes
Approval anomalies: Acceptance after 10+ denials, approvals at unusual hours, immediate new device enrollment post-approval, first-time user approving without verification
Behavioral breaks: MFA from new locations immediately after password reset, push notifications while user actively working elsewhere, requests from IPs in sanctioned countries
Support correlations: Help desk tickets about “broken MFA” followed by successful authentication, users reporting “ghost” notifications, complaints about overnight push spam
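The push-pattern and approval-anomaly checks above reduce to a small detection pass over MFA provider logs. This is an added example written for this post, not a Duo, Okta or Microsoft query; the log format, the burst threshold and the sample events are constructed assumptions, while the 10-denial threshold follows the text.

```python
from collections import defaultdict
from datetime import datetime, timedelta

BURST_COUNT, BURST_WINDOW = 5, timedelta(minutes=10)  # assumed: 5 prompts in 10 minutes
DENIALS_BEFORE_APPROVAL = 10                          # from the post: acceptance after 10+ denials
OFF_HOURS = range(0, 6)                               # midnight to 6 AM in the log's time zone

def sample_log():
    """Constructed MFA push log (not real data): time,user,result,src_ip per line."""
    base = datetime(2025, 9, 14, 2, 3, 0)
    lines = [f"{(base + timedelta(seconds=30 * i)).isoformat()}Z,jdoe,denied,203.0.113.7"
             for i in range(10)]
    lines.append(f"{(base + timedelta(seconds=330)).isoformat()}Z,jdoe,approved,203.0.113.7")
    lines.append("2025-09-14T09:15:00Z,asmith,approved,198.51.100.20")  # normal daytime login
    return "\n".join(lines)

def parse(log):
    """Group events per user, sorted by time."""
    events = defaultdict(list)
    for line in log.strip().splitlines():
        ts, user, result, ip = line.split(",")
        events[user].append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), result, ip))
    return {u: sorted(evs) for u, evs in events.items()}

def analyze(log):
    """Return (user, finding, time) tuples for push-bombing patterns."""
    findings = []
    for user, evs in parse(log).items():
        # Push burst: any sliding window of BURST_WINDOW holding BURST_COUNT or more prompts
        for i, (t, _, _) in enumerate(evs):
            if sum(1 for e in evs[i:] if e[0] - t <= BURST_WINDOW) >= BURST_COUNT:
                findings.append((user, "push_burst", t))
                break
        # Approval that follows a run of denials/timeouts, or lands in the dead of night
        denials = 0
        for t, result, _ in evs:
            if result == "approved":
                if denials >= DENIALS_BEFORE_APPROVAL:
                    findings.append((user, "approval_after_denials", t))
                if t.hour in OFF_HOURS:
                    findings.append((user, "off_hours_approval", t))
                denials = 0
            elif result in ("denied", "timeout"):
                denials += 1
    return findings
```

Feed it a day of exported push events per user and route any user with two or more finding types to the help-desk ticket correlation described above.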
Data Sources:
MFA provider logs (Duo, Okta Verify, Microsoft Authenticator)
Authentication event correlation
Time-based analysis of push patterns
User complaint/ticket systems
VPN logs showing active sessions during push attempts
Mobile device management (MDM) enrollment logs
Employee reports of suspicious contact attempts
Resources:
79% of BEC victims had MFA enabled, 25% of attacks involve fraudulent push notifications
CyberProof SOC analysis of MFA bypass using Cloudflare IPs to mask attacker location
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
The Low Tech High Tech Attacks 🏷️
In July 2025, Cyble Research & Intelligence Labs uncovered “Scanception,” a sophisticated credential-harvesting campaign active across more than 50 nations that exploited PDF attachments with embedded QR codes, with nearly 80% of the 600+ unique phishing PDFs showing zero detections on VirusTotal. The attacks targeted personal mobile devices in order to shift the attack surface away from enterprise visibility and defeat email gateways that only scan for clickable links.
But the digital attacks were just half the story. The summer of 2025 saw a coordinated wave of physical QR code attacks across North America. In June, New York City discovered fraudulent QR code stickers on ParkNYC meters that directed users to third-party websites requesting credit card information. By July, Denver reported fake QR codes on parking signs in Cherry Creek, Broadway, and Lincoln Street that sent users to international websites instead of the city’s Pay By Phone app. And in Montreal, the Agence de mobilité durable warned that vandals had placed malicious QR codes on signs meant to promote their new Mobicité parking app. Meanwhile, nation-state actors used QR codes to compromise messaging accounts of military personnel through Signal, distributing remote access trojans (RATs) that provided full device access.
Tactics: Initial Access, Defense Evasion, Credential Access
Techniques:
T1566.001 – Phishing: Spearphishing Attachment
PDFs masquerading as HR handbooks with QR codes on final pages to evade detection
T1204.001 – User Execution: Malicious Link
QR codes redirecting through YouTube, Google, Bing, Cisco, and Medium to mask malicious intent
T1598.003 – Phishing for Information: Spearphishing Link
AITM phishing pages that detect automation tools and redirect to “about:blank” when analysis is detected
T1027.009 – Obfuscated Files or Information: Embedded Payloads
Split QR codes divided into two benign-looking images, nested codes with legitimate codes embedded inside malicious ones
T1608.005 – Stage Capabilities: Link Target
Physical QR code stickers overlaid on legitimate parking meters and signage
What You Should Be Looking For:
Email indicators: PDFs with 4+ pages placing QR codes on final pages, professional-looking documents with tables of contents mimicking HR workflows
Physical red flags: Stickers on parking meters with URLs one letter off from legitimate services (poybyphone vs PayByPhone), fresh adhesive or misaligned stickers over existing codes
Redirection patterns: Links routing through trusted platforms with base64-encoded victim email addresses appended as parameters
Detection evasion: Pages that disable right-click, monitor for debugging every 100ms, detect Selenium/PhantomJS/Burp Suite and immediately redirect
Mobile behaviors: Users scanning work-related QR codes with personal devices, authentication requests immediately after QR scan
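The redirection and lookalike-URL indicators can be checked mechanically on URLs decoded from QR codes or pulled from proxy logs. This is an added example, not code from Cyble or Barracuda; the redirector list follows the platforms named above, while the service allowlist, the victim address and the sample URLs are constructed assumptions.

```python
import base64
import re
from urllib.parse import parse_qsl, urlparse

TRUSTED_REDIRECTORS = {"youtube.com", "google.com", "bing.com", "cisco.com", "medium.com"}  # named in the post
LEGIT_SERVICES = {"paybyphone.com", "parknyc.com"}  # assumed allowlist of the impersonated parking services
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[a-z]{2,}$", re.I)
# Constructed sample URLs, not indicators from the campaign; the victim address is made up.
SAMPLE_VICTIM = "jdoe@example.com"
SAMPLE_URLS = [
    "https://www.bing.com/ck/a?u=https://phish.example/&e="
    + base64.b64encode(SAMPLE_VICTIM.encode()).decode(),
    "https://poybyphone.com/pay",
]

def decoded_email(value):  # base64/base64url text that parses as an e-mail address, else None
    value = value.replace(" ", "+")  # a '+' in a query value is usually decoded to a space
    padded = value + "=" * (-len(value) % 4)
    for altchars in (None, b"-_"):
        try:
            text = base64.b64decode(padded, altchars=altchars, validate=True).decode("utf-8")
        except (ValueError, UnicodeDecodeError):
            continue
        if EMAIL_RE.match(text):
            return text
    return None

def one_edit_apart(a, b):  # exactly one substitution, insertion or deletion apart
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) == len(b):
        return sum(x != y for x, y in zip(a, b)) == 1
    short, long_ = sorted((a, b), key=len)
    return any(long_[:i] + long_[i + 1:] == short for i in range(len(long_)))

def assess_url(url):
    """Return findings for one URL decoded from a QR code or seen in a proxy log."""
    findings = []
    p = urlparse(url)
    host = ".".join((p.hostname or "").lower().split(".")[-2:])  # crude eTLD+1
    if host in TRUSTED_REDIRECTORS:
        for key, val in parse_qsl(p.query) + [("fragment", p.fragment)]:
            email = decoded_email(val)
            if email:
                findings.append(f"redirect via {host} carries base64 e-mail {email} in '{key}'")
    for brand in LEGIT_SERVICES:
        if one_edit_apart(host, brand):
            findings.append(f"lookalike host {host} is one edit from {brand}")
    return findings
```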
Data Sources:
Email gateway logs for PDF/image attachments
Mobile device management (MDM) for personal device usage
Web proxy logs showing redirects through trusted platforms
URL inspection services for QR payload analysis
Physical security reports of tampered signage
Browser fingerprinting attempts in access logs
Resources:
Cyble uncovers “Scanception” campaign using PDFs with embedded QR codes across 50+ nations
NYC discovers fraudulent QR codes on ParkNYC meters directing to third-party sites
Denver reports fake QR codes on parking signs across multiple neighborhoods
Montreal warns of vandalized parking signs with malicious QR codes
Barracuda discovers split and nested QR code techniques evading detection
Nation-state actors use QR codes to compromise military Signal accounts
Conclusion
These are the behaviors that defined Q3. They weren’t sophisticated; they were mostly… human. Attackers weaponized fatigue with MFA bombing, trust with deepfaked executives, and convenience with QR codes stuck over parking meters. Each technique turned a security control into an attack vector.
What patterns are you seeing that don’t match these signatures? Which trust mechanisms are being weaponized in your environment? Drop a comment with the living-off-the-land techniques keeping you up at night, and we might feature your insights in the next From the Fire.