Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

FBI: US Defense Industry Organizations Targeted with USB-Based Ransomware Attacks

Using mailed out “BadUSB” drives as the initial attack vector, cybercriminals are attempting to infiltrate sensitive networks and infect them with BlackMatter or REvil ransomware strains.
Continue Reading

A Cyberespionage Group Uses Social Engineering

A sophisticated China-aligned threat actor is using social engineering to carry out cyberespionage and financially motivated attacks, according to researchers at Trend Micro.
Continue Reading

North Korean Cryptocurrency Theft Relies on Social Engineering

A North Korean threat actor being called “BlueNoroff,” a subunit of Pyongyang’s Lazarus Group, has been targeting cryptocurrency startups with financially motivated attacks, researchers ...
Continue Reading

Fifty FIFA eSports Accounts Were Hacked Via Social Engineering

Video game maker Electronic Arts (EA) has stated that around fifty high-profile accounts for the soccer game FIFA 22 were hacked after attackers manipulated the company’s customer service ...
Continue Reading

Business Email Compromise Attack Leads to Millions in Non-Profit Loss

A business email compromise attack at Illinois’s Office of the Special Deputy Receiver led to a loss of $6.85 million, Ray Long at the Chicago Tribune reports. Long describes the Office ...
Continue Reading

Obvious, but Probably Effective: Konni RAT Screensaver

A North Korean threat actor is targeting users in Russia with a New Year’s Eve-themed phony screensaver file, the Record reports. Researchers at Cluster25 spotted the activity, and say ...
Continue Reading

Shoulder Surfing is Still a Thing for Successful Social Engineering Attacks

Social engineering isn’t concerned with either novelty or elegance. All that matters is whether it works. ESET’s Jake Moore described a case in point for We Live Security: all someone ...
Continue Reading

5 Notable Obscure Phishing Scams

I love that KnowBe4’s customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4’s products help its customers to educate and test ...
Continue Reading

New Nigerian Phishing Scams Target U.S. Military Families with Needed “Services”

With loved ones potentially a half a world away, scammers prey on families with scams that offer to assist with communication, care packages, leave, and more.
Continue Reading

Having an Efficient Security Awareness Training Program

I love that KnowBe4’s customers are among the most knowledgeable and educated people in the world in avoiding phishing scams. KnowBe4’s products help its customers to educate and test ...
Continue Reading

Spam Calling Rates Spike Globally

Spam calls in the US spiked in October, according to Truecaller’s annual Global Spam Report. The report observed that Truecaller customers in the US received 3,115,861 spam calls in ...
Continue Reading

$148 Million Lost to Gift Card Scams in 2021 (So Far)

A US Federal Trade Commission (FTC) data spotlight has found that people in the US lost $148 million to gift-card-related scams in the first nine months of 2021. The spotlight also found ...
Continue Reading

Netflix is the Latest Impersonated Brand in Ongoing Subscriber Targeting Scams

With the increased interest in and availability of movie and TV streaming services, plenty of new scams are popping up attempting to steal personal details and credit card information.
Continue Reading

Answer 4 Simple Questions To Avoid a Social Engineering Attack

I am usually not a man of a few words. I am the opposite. I write hundreds of pages a month and talk non-stop in person. But lately, I have been trying to be better at saying more with ...
Continue Reading

Socially Engineering Your Way to Customer Data

US telecommunications company Cox Communications has disclosed a data breach that exposed some customers’ information, BleepingComputer reports. The company said in a breach notification ...
Continue Reading

2021 Security Hints & Tips for Holiday Travels

The holiday season may be closer to "normal" this year, and that means your users will be even more focused on holiday activities - including travel. Cybercriminals will undoubtedly be ...
Continue Reading

New Phishing Campaign has Fake DHL Shipping

Researchers at Avanan have spotted a new phishing campaign that’s impersonating DHL with phony shipping notifications. The emails inform the recipients that they need to update their ...
Continue Reading

Bitcoin Scam Videos on Instagram are Part of an Elaborate Account Takeover Scam

This elaborate scam uses social engineering to trick victims into sending the hacker Bitcoin while holding Instagram accounts hostage.
Continue Reading

FBI: Cyber Attacks Target Organizations Involved in Mergers and Acquisitions

A new notification from the FBI warns organizations of attacks at the perfect time when organizations are spending money, new people are being introduced, and operations are in flux.
Continue Reading

Avoid Donating to Charity Scammers During Giving Tuesday 2021

Giving Tuesday is a great way for organizations and people to give back. However, this gives cybercriminals opportunities to take advantage of you with charity scams.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews