A new AI-driven phishing campaign, uncovered by Cyble Research & Intelligence Labs (CRIL) demonstrates how attackers are moving beyond traditional credential theft and adopting more invasive, technology-driven tactics. 

According to CRIL, the campaign has been active since early 2026 and relies on a wide range of social engineering lures, including themes like ID scanner, Telegram ID freezing, and “Health Fund AI.” These deceptive entry points are designed to trick users into granting access to hardware features such as cameras and microphones under the guise of verification or account recovery. 

Once permissions are granted, the malicious scripts begin collecting extensive data. This incl...