Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Texas School District Loses $2.3 Million In BEC Scam

Jan 13, 2020 12:58:38 PM By Stu Sjouwerman
Texas’s Manor Independent School District was the victim of a costly 2.3 million dollar Business Email Compromise (BEC) scam in November of 2019.
Continue Reading

An Overview of Phishing from the Accounting Sector

Jan 13, 2020 8:23:18 AM By Stu Sjouwerman
Employee training is an essential long-term defense against phishing attacks, according to David Barton and Kimberly Anderson at UHY Advisors. In an article for Accounting Today, Barton ...
Continue Reading

[Scam Of The Week] Don't Fall For This Tricky: “Start your 2020 with a gift from us”

Jan 13, 2020 7:00:00 AM By Stu Sjouwerman
Paul Ducklin at Naked Security warned us about a scam that just surfaced and promises a gift by courier from overseas where the other person hasn’t told you what they’re sending – the ...
Continue Reading

The Top 5 Eyeopener Strategies To Improve Your IT Defenses And Keep Bad Guys Out Of Your Network

Jan 9, 2020 4:16:06 PM By Roger Grimes
Last year, in 2019 according to CVEdetails, there were 12,174 new, publicly announced vulnerabilities. If that sounds like a high number, it’s a lot less than the previous two years. We ...
Continue Reading

Scammer Who Tricked Facebook and Google Out of $120 Million Gets 5 Years in Jail

Jan 9, 2020 8:29:01 AM By Stu Sjouwerman
The Lithuanian hacker who ran the most notorious, simplest, and most lucrative email-based social engineering fraud scam has been brought to justice and will be serving time and paying ...
Continue Reading

Smishing 101 and Defenses

Jan 8, 2020 10:04:15 AM By Roger Grimes
Smishing is phishing via Short Message Service (SMS) on a participating device, usually a cell phone. Long neglected by phishers and spammers, smishing has recently become a very common ...
Continue Reading

Encryption Isn’t Your Only Ransomware Problem - There Are Some Other Nasty Issues

Jan 7, 2020 12:05:54 PM By Roger Grimes
Ransomware has become one of the most dreaded problems in the cyber world and it’s only getting worse. Much worse!
Continue Reading

Phishing Emails on the Rise as Spear Phishing Continues to Return Bigger Payouts

Jan 7, 2020 8:59:42 AM By Stu Sjouwerman
New data from Microsoft Security Insights sheds some needed light on exactly what the bad guys are doing and how they’re shifting tactics. Sometimes it feels like the bad guys are ...
Continue Reading

Penn State Warns of Spear Phishing Attacks

Jan 7, 2020 8:30:37 AM By Stu Sjouwerman
Penn State is warning its community about a recent spike in phishing attacks targeting the university’s employees. Attackers are sending emails posing as real Penn State employees and ...
Continue Reading

Announcing A New 8-Minute Training Module - Social Media: Staying Secure in a Connected World

Jan 6, 2020 7:00:00 AM By Stu Sjouwerman
As you probably know, social media is the number one place that attackers can get intel about your organization to make their "hacking of your humans" more effective. We have been hearing ...
Continue Reading

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Jan 3, 2020 2:27:46 PM By Stu Sjouwerman
Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. ...
Continue Reading

Seven Kinds of Malware, and all Arrive by Social Engineering

Jan 3, 2020 9:25:59 AM By Stu Sjouwerman
Naked Security outlines seven different categories of malware and describes how each of them through social engineering techniques can affect your organization. Some or all of these ...
Continue Reading

Phishing Remains the Most Widespread Risk

Jan 2, 2020 8:27:21 AM By Stu Sjouwerman
As organizations look to improving their defenses, it’s worth remembering that attackers usually get through those defenses by manipulating the human beings those security measures are in ...
Continue Reading

Tax Season Warning: the IRS on Social Engineering

Dec 31, 2019 8:25:18 AM By Stu Sjouwerman
We have had occasion to warn of this before, but as 2020 begins and April 15th approaches, it may be worth another mention. The US Internal Revenue Service wants taxpayers to keep a sharp ...
Continue Reading

PayPal Scammers Want More than Just Your PayPal Credentials

Dec 27, 2019 9:30:25 AM By Stu Sjouwerman
Researchers at ESET have come across phishing sites that try to steal PayPal logins along with a wide range of personal and financial information. The scam begins with phishing emails ...
Continue Reading

Veterans are High-Payoff Social Engineering Targets for Scammers

Dec 27, 2019 9:05:27 AM By Stu Sjouwerman
Veterans are particularly valuable targets for various types of social engineering attacks, according to Mary K. Talbot at the Providence Journal. Veterans are often respected leaders in ...
Continue Reading

Star Wars Rogue One: A Phish Story

Dec 26, 2019 10:16:45 AM By Stu Sjouwerman
We’ve heard that scammers are exploiting the release of the new Star Wars movie by distributing malware disguised as free copies of the film. But what if we turned this on its head and ...
Continue Reading

These Aren't the Droids You're Looking For

Dec 26, 2019 9:54:16 AM By Stu Sjouwerman
Researchers at Kaspersky have identified sixty-five malicious files masquerading as online copies of Star Wars: The Rise of Skywalker, TechRepublic reports. The files are spread via ...
Continue Reading

Financial Advisor Fined After Falling for BEC Scam

Dec 18, 2019 8:23:32 AM By Stu Sjouwerman
The Financial Industry Regulatory Authority (FINRA) fined and temporarily suspended a financial advisor working for UBS after he was tricked into transferring $511,870 from a client’s ...
Continue Reading

Insurance Company On The Hook for 1.7 Million Dollars After Denying BEC Scam Claim

Dec 12, 2019 3:11:49 PM By Stu Sjouwerman
An article in the insurance Journal reports that the 11th Circuit Court in Atlanta agreed with a district court ruling that insurance company "Ironshore" is still on the hook for paying a ...
Continue Reading
Subscribe

Search Our Blog


Weak Password Test Contest

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews