Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Amazon Prime Day 2022 is Coming: Here are Quick Cybersecurity Tips to Help You Stay Safe

Amazon Prime Days this year are July 12 - 13th 2022. As a result, cybercriminals are taking every step to capitalize on the holiday with new phishing attacks. I have been getting asked ...
Continue Reading

Vendor Impersonation Competing with CEO Fraud

Researchers at Abnormal Security have observed an increase in vendor impersonation in business email compromise (BEC) attacks.
Continue Reading

FBI Warns of Fraudsters on LinkedIn

The US FBI has warned that scammers on LinkedIn are a “significant threat,” CNBC reports. Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento field offices, ...
Continue Reading

Smishing Text Scams Have Doubled in the Last Three Years

New data shows a rise in the use of text messages as an effective vehicle to connect with potential victims for social engineering scams as Americans increase their preference of the ...
Continue Reading

New PDF-Based Phishing Attack Demonstrates that Office Docs Aren’t Passé – They are Just Obfuscated!

Security researchers have discovered a cunning PDF-based phishing attack that leverages social engineering and PDF prompt specifics to trick users into opening malicious Office docs.
Continue Reading

Over 2000 Social Engineering Scammers Arrested in Multi-Country Crackdown on Fraud, BEC, and Money Laundering

Thousands of members of cybercriminal groups were arrested in a sting that lasted 2 months and involved coordinated efforts of the law enforcement departments of 76 countries.
Continue Reading

Vishing Attacks Increase 550% Over Last Year as the Financial Sector Continues to be a Primary Target

Cybercriminals are continuing to bypass the use of malware in favor of response-based and credential-centric social engineering attacks, according to new data from Agari and PhishLabs.
Continue Reading

A Closer Look at HR Scams: Does Niceness Have a Downside?

Threat actors are targeting HR employees who are looking to hire new people, according to Lisa Vaas at Contrast Security. As part of their job, HR employees frequently interact with ...
Continue Reading

Spear Phishing Campaign Targets Former Israeli Officials

An Iranian threat actor is conducting a spear phishing operation against Israeli officials, according to researchers at Check Point. The targets have included the former Foreign Minister ...
Continue Reading

Monkeypox Scams Continue to Increase

Attackers are taking advantage of the current news about monkeypox to trick people into clicking on malicious links, Pickr reports. Researchers at Mimecast have spotted a phishing ...
Continue Reading

FTC Warns that Scammers are Turning to Cryptocurrencies

The US Federal Trade Commission (FTC) has warned that people have reported losing over $1 billion in crypto to scams since the beginning of 2021. The vast majority of these losses were ...
Continue Reading

Homographic Domain Name Phishing Tactics

Bitdefender warns that Microsoft Office applications are vulnerable to phishing tactics that exploit international domain names (IDNs). Affected applications include Outlook, Word, Excel, ...
Continue Reading

Smishing and Home Delivery

A smishing campaign is impersonating the UK-based delivery company Evri with text messages informing recipients that their package couldn’t be delivered, according to Paul Ducklin at ...
Continue Reading

SideWinder Targets Pakistani Entities With Phishing Attacks

The India-aligned APT SideWinder is using a variety of social engineering techniques to target Pakistani government and military entities, according to researchers at Group-IB. The threat ...
Continue Reading

Phishing Campaign Targets QuickBooks Users

Accounting software provider Intuit has warned of a phishing scam targeting its customers, BleepingComputer reports. The phishing campaign affected users of Intuit’s QuickBooks product, ...
Continue Reading

We Do Not Talk Enough About Social Engineering and It’s Hurting Us

One of the most important things I have tried to communicate to audiences since at least the 1990s is how prevalent a role social engineering plays in cybersecurity attacks. I have ...
Continue Reading

The $44 Million Smishing Problem and How to Not Be a Victim

Consumer Affairs reported on how big of a problem SMS phishing scams have become, and how it's about to get a lot worse. According to a recent FBI report, more than 320,000 Americans were ...
Continue Reading

Collaring the (Alleged) Leader of a BEC Gang

A joint operation by INTERPOL and the cybercrime unit of the Nigeria Police Force have concluded a yearlong investigation into the SilverTerrier business email compromise gang by ...
Continue Reading

That’s Not Actually Elon Musk

Scammers are using deepfake videos of Elon Musk in an attempt to trick people into handing over cryptocurrency, BleepingComputer reports. The scammers set up a phony cryptocurrency ...
Continue Reading

FBI Director Warns of “Unprecedented” Cyberespionage Attacks Originating in China

FBI Director Christopher Wray highlighted China’s role in cyberespionage in a recent 60-Minutes news segment, saying the level of attacks the U.S. is seeing is “unprecedented in history.”
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews