Hackers are improving phishing attacks by having you chat with 'sock puppets'

Man talking on phone and to his sock puppet
(Image credit: Getty Images - Brand X Pictures)

Hackers are launching more sophisticated phishing attacks. This time it's not just posing as your IT guy sending you suspicious links through email. This new scam involves using fake 'sock puppet' email accounts to trick you into thinking you are part of conservation among colleagues. 

Researchers at Proofpoint (via Bleeping Computer) call the technique "multi-persona impersonation," or MPI. The technique involves looping the target into a fake email exchange between multiple scammer personas in an attempt to convince them that it's a legitimate conversation. Once trust is gained, sometimes after engaging in "benign conversations with targets for weeks," according to Proofpoint, the hackers deliver a malicious link.

The email exchange will be related to the target's industry or field of research so that being included in the chain won't necessarily seem out of the ordinary. 

The group responsible is designated TA453, which Proofpoint believes works for Iran's Islamic Revolutionary Guard Corps. The group's tactics have evolved over time. Previously, TA453 attackers would pose as individual journalists or researchers covering Middle East policies, targeting "academics, policymakers, diplomats, journalists, and human rights workers," says Proofpoint. They'd try to engage the targets in one-on-one conversations but started using this group email sock puppet strategy earlier this year.   

Steam in your hands

Steam Deck with an image from Elden Ring overlayed on the screen

(Image credit: Future, FromSoftware)

Steam Deck review: Our verdict on Valve's handheld PC.
Steam Deck availability: How to get one.
Steam Deck battery life: What's the real battery life of the new device?
How loud is the Steam Deck? And will it pass the Significant Other test?
Steam Deck - The emulation dream machine: Using Valve's handheld hardware as the ultimate emulator.

One example shows an email sent to two actual US/Russia relations experts from a "Carrol" and three more personas with email accounts run by the hackers. Others include pitches for research collaboration from the "director of research" of a university. In each case, the sock puppet accounts would reply to each other in an effort to lend the conversation legitimacy. 

The initial emails and fake responses usually don't have any links, says Proofpoint. It's generally around the fourth or fifth message where a link gets shared, then a follow-up message asking the target to read the file coming days later. 

Sometimes it's a Zoom call link, a password-protected 'research' file, or a straightforward article link. The link is loaded with malware that scrapes your PC for personal information and sends those details back to the attackers.

The tactic capitalizes on the victim's FOMO, as Proofpoint puts it. The researchers point to a study that showed that people tend to "copy the actions of others," according to a description of the "social proof" principle in Psychology Today

These hackers seem to have a specific group of targets in mind, so unless you're a Middle East or US-Russia policy expert, you're probably in the clear. Be cautious anyway, though: Scammers will use whatever blueprints work, so this one could spread. Another recently spotted new phishing technique uses a fake pop-up window to convincingly simulate a Steam login form. 

Jorge Jimenez
Hardware writer, Human Pop-Tart

Jorge is a hardware writer from the enchanted lands of New Jersey. When he's not filling the office with the smell of Pop-Tarts, he's reviewing all sorts of gaming hardware, from laptops with the latest mobile GPUs to gaming chairs with built-in back massagers. He's been covering games and tech for over ten years and has written for Dualshockers, WCCFtech, Tom's Guide, and a bunch of other places on the world wide web. 

Read more
Team Fortress Spy being shocked
An FPS studio pulled its game from Steam after it got caught linking to malware disguised as a demo, but the dev insists it was actually the victim of a labyrinthine conspiracy
Steam logo
A web3 free-to-play survival game found to be a front for installing malware on your PC has finally been removed from Steam
A Path of Exile 2 sorceress casting flaming skulls in a hellish landscape
'We are incredibly sorry': Path of Exile 2 devs apologise for data breach that saw 66 accounts snatched and personal info potentially stolen
Path of Exile 2 early access class key art
Around 66 accounts in Path of Exile 2 were compromised, due to a one-two punch of an old unused Steam account and a backend bug
Kinzie, in an FBI jacket, uses a computer with the logo of the Third Street Saints on it
Have I Been Pwned adds over 284 million compromised passwords from latest breach
Mister Fantastic giving a thumbs up
A Marvel Rivals player has uncovered 'one of the most dangerous vulnerabilities a game can have' that'll let cheaters take over your PC and find your passwords
Latest in Hardware
The Razer Huntsman Mini 60% gaming keyboard floats in the teal PC Gamer deal void. The per-key RGB lights are on.
The most adorable Razer keyboard features not only an almost half-size form factor, but an almost half-size price at only $70
bulky headphones on black made using x rays
'We essentially created a virtual headset': Scientists transmit inaudible sound using ultrasonic beams to create single person 'audio enclaves'
A promotional image for the Compal Adapt X modular laptop, as presented by the iF Design Foundation
If you've ever wanted to upgrade a laptop with 'modular AI units' then Compal might just have the very thing you're looking for
Dune Awakening
Dune: Awakening system requirements are here, complete with Razer Sensa HD haptic support to 'feel the rumble of your ornithopter's seat'
An image of a MSI power supply unit against a circular gradient blue background
MSI has gone so heavy with 12V-2x6 power sockets in its latest high-end PSUs that many AMD and Intel graphics cards have no way of being powered
Colorful iGame RTX 5070 Ti Vulcan OC graphics card from various angles
The RTX 5060 and RTX 5060 Ti are rumoured to be mere weeks away, with board partners reportedly required to ensure at least one MSRP model at launch
Latest in News
The Razer Huntsman Mini 60% gaming keyboard floats in the teal PC Gamer deal void. The per-key RGB lights are on.
The most adorable Razer keyboard features not only an almost half-size form factor, but an almost half-size price at only $70
Inzoi
Ultra-realistic life sim Inzoi has officially shoved Hollow Knight: Silksong and Deadlock out of the way to become Steam's most hotly-anticipated game
New shaders in Minecraft following Minecraft Live 2025
In the year of our lord 2025, Mojang is finally adding shaders to Minecraft, making reflective lighting and water effects more accessible for all
Decorations in TCG Card Shop Simulator
TCG Card Shop Simulator finally adds the ability to decorate our stores, and suddenly all my profits are being spent on adorable Pigni posters
bulky headphones on black made using x rays
'We essentially created a virtual headset': Scientists transmit inaudible sound using ultrasonic beams to create single person 'audio enclaves'
A promotional image for the Compal Adapt X modular laptop, as presented by the iF Design Foundation
If you've ever wanted to upgrade a laptop with 'modular AI units' then Compal might just have the very thing you're looking for