Threat actors continue to rely on social engineering as AI is incorporated into their attacks, according to ESET’s Threat Report for the first half of 2026.
ESET’s Director of Threat Prevention Labs, Jiří Kropáč, stated, “Rather than relying on entirely new methods and tools, attackers are quickly adapting established techniques to new platforms, technologies, and user behaviors. The number of AI skills within this new ecosystem is growing rapidly as we speak, further expanding the attack surface.”
ClickFix social engineering attacks steadily increased throughout the first half of the year, as attackers improved their techniques.
“In H1 2026, ClickFix continued to spread across new environments and leverage new lures: extending to macOS through commands that supposedly install system utilities, compromising WordPress sites to show ClickFix-style prompts to site administrators, and launching AI-themed waves,” the report says. “Attackers have also refined the social engineering layer, using fake blue-screen-of-death (BSOD) prompts, frozen document viewers, and service-specific error messages to increase the chances of successful compromise. ESET telemetry shows that detections of ClickFix attacks…grew by 108% between H2 2025 and H1 2026.”
Notably, ESET is tracking a variant of ClickFix that offers advice related to generative AI tools.
“Adversaries keep the social engineering aspect of ClickFix up to date by adopting what we track as AI-fix which exploits the current hype, growing popularity, and availability of generative AI tools,” the researchers write. “Attackers craft pages that abuse legitimate domains – for example, Anthropic’s Artifact pages, OpenAI’s Canvas, or Microsoft’s Copilot Pages – offering troubleshooting content for nonexistent issues. The user is led to believe that the instructions are AI-generated, which plays right into the attackers’ hands, as people increasingly tend to place their trust in such tools.”
KnowBe4 enables your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 Platform to strengthen their security culture and reduce workforce risk.
GB Hackers has the story: https://gbhackers.com/eset-threat-report-h1-2026/
