Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

“Browser-in-the-Browser” Phishing Technique Spotted in New Steam Account Attack

Sep 23, 2022 1:58:10 PM By Stu Sjouwerman
Luring victims using a realistic- and legitimate-looking fake browser window to steal Steam accounts, this new type of social engineering may be a sign of things to come.
Continue Reading

Social Engineering Targets Healthcare Payment Processors

Sep 19, 2022 8:57:39 AM By Stu Sjouwerman
The US Federal Bureau of Investigation (FBI) has issued an alert warning of an increase in phishing and other social engineering attacks against healthcare payment processors.
Continue Reading

[HEADS UP] Bank of America Warns About Recent Scams That Request Zelle Payment Due to 'Suspicious Activity'

Sep 16, 2022 3:17:35 PM By Stu Sjouwerman
Bank of America recently sent a customer service email warning users to watch out for this new phishing attack.
Continue Reading

Uber security breach 'looks bad', caused by social engineering

Sep 16, 2022 8:36:02 AM By Stu Sjouwerman
It was all over the news, but ZDNet's Eileen Yu was one of the first. -- "Hacker is believed to have breached Uber's entire network in a social engineering attack, which one security ...
Continue Reading

Cisco Attempt Attributed to Lapsus$ Group

Sep 14, 2022 12:40:18 PM By Stu Sjouwerman
Security researchers at Cisco Talos have issued an update on the cyberattack Cisco sustained earlier this year. The attack began with a phishing attack against a Cisco employee, which led ...
Continue Reading

Singapore: Top Ten Scams in the First Half of 2022 Cost Over $227 Million, Scam Frequency Rises by 94%

Sep 9, 2022 8:46:03 AM By Stu Sjouwerman
Queries of reported cases to Singapore Police reveal a rise in scam costs by 59% as phishing cases double and job-related scams increase 7x from the first half of 2021.
Continue Reading

Instagram Phishing: Scammers Exploit Instagram Verification Program

Sep 4, 2022 12:16:10 PM By Stu Sjouwerman
Researchers at Vade warn that an email phishing campaign is informing users that their Instagram account is eligible to receive a blue verification badge. If a user clicks the link, ...
Continue Reading

Fraud Warning from DHS OIG

Sep 2, 2022 8:45:00 AM By Stu Sjouwerman
The Department of Homeland Security’s Office of the Inspector General (DHS OIG) has issued an alert to warn that scammers are posing as DHS employees.
Continue Reading

The Extent of Social Engineering

Aug 30, 2022 10:25:14 AM By Stu Sjouwerman
Researchers at NordVPN have published the results of a survey that found that 84% of Americans have experienced some form of social engineering, although only 54% have heard of the term ...
Continue Reading

Report: Deepfakes Used in Scams

Aug 25, 2022 9:13:56 AM By Stu Sjouwerman
Scammers created a deepfake video of Patrick Hillmann, Chief Communications Officer at cryptocurrency exchange Binance, in order to scam people. Hillmann explained in a blog post that he ...
Continue Reading

[HEADS UP] Highly Sophisticated Job Offer Scam

Aug 25, 2022 8:55:44 AM By Stu Sjouwerman
If you've been approached by recruiters on LinkedIn for a potential job opportunity, you may want to pay attention to this recent scam.
Continue Reading

Dueling Clauses, or, not all Fraud is the Same

Aug 24, 2022 10:47:04 AM By Stu Sjouwerman
There are, famously, three things you can do with risk: accept it, mitigate it, or transfer it. And you transfer risk by buying insurance against it.
Continue Reading

Teach Two Things to Decrease Phishing Attack Success

Aug 24, 2022 8:25:03 AM By Roger Grimes
We know everyone is busy. Everyone already has too much on their plate and is trying to learn as much as they can every day.
Continue Reading

Vishing is a Rising Threat to the Enterprise

Aug 23, 2022 10:05:48 AM By Stu Sjouwerman
Most of us are all too familiar with vishing, the scam voice calls that offer to erase your credit card debt, to extend your automobile warranty, to get you to donate to that worthy cause ...
Continue Reading

Piggybacking: Social Engineering for Physical Access

Aug 18, 2022 11:37:37 AM By Stu Sjouwerman
Tailgating or piggybacking is an old but effective social engineering technique to gain physical access to restricted areas, according to Rahul Awati at TechTarget. Tailgating is when a ...
Continue Reading

Social Engineering for Espionage and Influence

Aug 17, 2022 9:20:19 AM By Stu Sjouwerman
Microsoft has disrupted operations carried out by a Russian government-aligned threat actor tracked as “SEABORGIUM.” The threat actor uses phishing and credential harvesting to conduct ...
Continue Reading

Massive Network of Over 10,000 Fake Investment Sites Targets Europe

Aug 12, 2022 8:47:44 AM By Stu Sjouwerman
Using a mix of compromised social media accounts, social engineering, call center agents, and some convincing websites, this latest scam seeks to get victims to repeatedly “invest”.
Continue Reading

New Research Shows Social Engineering and Phishing are the Top Threats

Aug 9, 2022 8:56:10 AM By Stu Sjouwerman
According to the CS Hub Mid-Year Market Report 2022, new findings shows that 75% of survey respondents believe that social engineering and phishing attacks are the top threat vector to ...
Continue Reading

Twilio hacked by phishing campaign targeting internet companies

Aug 8, 2022 3:38:47 PM By Stu Sjouwerman
Communications giant Twilio has confirmed hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials. 
Continue Reading

Cybercriminals Go to College with New Phishing Attacks

Aug 8, 2022 9:23:42 AM By Stu Sjouwerman
The summer is winding up, and the traditional academic year is approaching. And amid the welcomes from the deans of students, the activities coordinators, the academic advisors and so on, ...
Continue Reading
Subscribe

Search Our Blog


Cybersecurity Awareness Month 2022 Free Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews