KnowBe4

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

On Facebook, Make Sure They Are Who They Say They Are Before You become Friends

Oct 11, 2018 1:54:22 PM By Stu Sjouwerman
You receive a message apparently from a Facebook friend telling you they received another friend request from you. They go on to diagnose the "situation," tell you that you’ve been ...
Continue Reading

Retail is Unprepared for Social Engineering

Oct 4, 2018 6:50:15 AM By Stu Sjouwerman
The latest data from SecurityScorecard shows the retail industry’s security stance is at an all-time low, and is particularly susceptible to social engineering attacks. The retail ...
Continue Reading

Hackers: Social Engineering is Easier

Oct 2, 2018 5:15:41 PM By Stu Sjouwerman
Despite the presence of application and OS vulnerabilities – both new and old – hackers prefer to leverage social engineering as their preferred attack method.
Continue Reading

[Heads-up] Now In The Wild: New Super Evil Rootkit Survives Even "Nuke From Orbit" And HD Swap

Sep 30, 2018 7:56:38 AM By Stu Sjouwerman
This thing is a nightmare that escaped into daylight. The Russian GRU—aka Fancy Bear—probably was riveted reading the Wikileaks CIA Vault 7 UEFI Rootkit docs (PDF) and built one of these ...
Continue Reading

Kevin Mitnick weighs in on Facebook's big security breach

Sep 29, 2018 9:58:59 AM By Stu Sjouwerman
It was all over the news, and CNBC interviewed KnowBe4's very own Chief Hacking Officer Kevin Mitnick (note the StreetCred box on the right).
Continue Reading

The Cybercrime Economy Makes It Impossible to Stop

Sep 28, 2018 12:33:29 PM By Stu Sjouwerman
The operation run by botnet author Peter Levashov demonstrates how easy it is for would-be criminals to get into the business.
Continue Reading

Holiday Threat No. 1: Evil Twin Domains With A "Trusted" SSL/TSL Certificate

Sep 27, 2018 11:38:19 AM By Stu Sjouwerman
As the holiday season approaches, cybercriminals are set to scam your users out of their personal money but also your organizational budget.
Continue Reading

Brand-New Tool: Domain Doppelgänger Identifies Evil Twin Domains

Sep 27, 2018 10:56:40 AM By Stu Sjouwerman
I gave you a heads-up a few days ago, and now I'm excited to announce the actual release of a new tool to help protect your organization from the bad guys.
Continue Reading

Phone Scam Impersonates Sheriff’s Office Using Judge’s Name

Sep 26, 2018 5:42:04 PM By Stu Sjouwerman
The US Marshals Service has stated that a new phone scam is targeting residents of Marshall, Texas. The scammer claims to be from the local sheriff’s office and tells residents that the ...
Continue Reading

Reminder: In Spite of Windows Flaws, Hackers Prefer Social Engineering

Sep 24, 2018 7:13:06 AM By Stu Sjouwerman
Nearly half of hackers surveyed at the recent Black Hat conference in Las Vegas admitted easily compromising both Windows 8 and 10 in the past year.
Continue Reading

Looking at Cyber Attacks From the Inside Out, It’s All About Social Engineering

Sep 21, 2018 2:14:56 PM By Stu Sjouwerman
Frances Zelazny, Vice President of BioCatch, gave a recent Tech Republic interview to share some insight into how hackers can access your passwords. It's familiar but worth reviewing, ...
Continue Reading

Social Engineering, Just a Call Away

Sep 19, 2018 5:38:50 PM By Stu Sjouwerman
An email arrives, and you think it’s from your boss. Because it has your boss’s name on it, there's a huge psychological response, and you tend do what is requested. After a cordial ...
Continue Reading

When Does Effective Persuasion Become Manipulation and Social Engineering?

Sep 18, 2018 1:43:05 PM By Stu Sjouwerman
There’s a fine but clear line between ethical and unethical persuasion, says Joe Gray, a security consultant from the “Advanced Persistent Security” blog and podcast. Gray recently ...
Continue Reading

Universities Are Still Targeted With Phishing Attacks By Iranian Hackers

Aug 25, 2018 9:06:51 AM By Stu Sjouwerman
Secureworks® Counter Threat Unit™ (CTU) researchers reported that despite indictments in March 2018, the Iranian threat group is likely responsible for a large-scale campaign that ...
Continue Reading

Black Hat Puts Long-Term Social Engineering on Display

Aug 20, 2018 1:59:30 PM By Stu Sjouwerman
 
Continue Reading

Hackbusters - Where Can You Discuss All Things Social Engineering?

Aug 19, 2018 2:48:33 PM By Stu Sjouwerman
The KnowBe4 Hackbuster’s Forum is an online community dedicated to stopping the bad guys that use social engineering to hack your organization.
Continue Reading

[On-Demand Webinar] Exposing the Dirty Little Secrets of Social Engineering, Featuring Kevin Mitnick

Aug 14, 2018 4:11:53 PM By Stu Sjouwerman
In this rare event, Kevin Mitnick, the world's most famous hacker and KnowBe4's Chief Hacking Officer, along with Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer, will ...
Continue Reading

Is IT Even Trying to Thwart Social Engineering Attacks?

Aug 13, 2018 11:18:42 AM By Stu Sjouwerman
With so much else on their plate, are today’s IT organizations doing enough to protect the organization against social engineering and phishing attacks?
Continue Reading

Yes, Google's Security Key Is Hackable

Jul 26, 2018 2:22:03 PM By Roger Grimes
Here is an article by Roger Grimes, Data-Driven Defense Evangelist at KnowBe4 Ever since Google told the world that none of its 85,000 employees had been successfully hacked ...
Continue Reading

Effective Social Engineering Matters More than Zero-Days

Jul 20, 2018 12:07:51 PM By Stu Sjouwerman
There's an interesting criminal campaign in progress against government targets in Ukraine. Note that we usually first see them there, and then they spread out to Western Europe and the ...
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews