Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Scammers Can Be Victims Too

Mar 20, 2025 10:27:52 AM By Roger Grimes
There are thousands of people worldwide trying to scam you, hoping they can make you a victim, steal your money, and harm you in some way. While some of it is done by individuals or small ...
Continue Reading

Phishing Attacks Abuse Microsoft 365 to Bypass Security Filters

Mar 20, 2025 10:27:20 AM By Stu Sjouwerman
Threat actors are abusing Microsoft’s infrastructure to launch phishing attacks that can bypass security measures, according to researchers at Guardz.
Continue Reading

The Cybersecurity Confidence Gap: Are Your Employees as Secure as They Think?

Mar 18, 2025 10:26:41 AM By Anna Collard
Our recent research reveals a concerning discrepancy between employees' confidence in their ability to identify social engineering attempts and their actual vulnerability to these attacks.
Continue Reading

Booking.com Phishing Scam Targets Employees in the Hospitality Sector

Mar 18, 2025 10:25:44 AM By Stu Sjouwerman
A phishing campaign is impersonating travel agency Booking.com to target employees in the hospitality industry, according to researchers at Microsoft.
Continue Reading

Protect Yourself: Social Engineering Fuels SIM Swapping Attacks

Mar 13, 2025 9:13:20 AM By Stu Sjouwerman
Group-IB has published a report on SIM swapping attacks, finding that attackers continue to use social engineering to bypass technical security measures.
Continue Reading

AI and AI-agents: A Game-Changer for Both Cybersecurity and Cybercrime

Mar 12, 2025 9:10:02 AM By Anna Collard
Artificial Intelligence (AI) is no longer just a tool—it is a game changer in our lives, our work as well as in both cybersecurity and cybercrime.
Continue Reading

Beware: Malvertising Campaign Hits Nearly a Million Devices

Mar 12, 2025 9:09:33 AM By Stu Sjouwerman
Microsoft warns that a widespread malvertising campaign hit nearly one million devices around the world. The campaign, which began on illegal streaming sites, impacted both consumer and ...
Continue Reading

Autonomous Agentic AI-Enabled Deepfake Social Engineering Malware is Coming Your Way!

Mar 10, 2025 9:17:27 AM By Roger Grimes
I’ve been in the cybersecurity industry for over 36 years. Surprisingly, hackers and malware haven't changed all that much.
Continue Reading

Software Will Become Agentic and the Security Lessons We Need To Learn

Mar 7, 2025 9:14:24 AM By Roger Grimes
Ever since OpenAI publicly released ChatGPT in late 2022, people have been predicting the end of programmers.
Continue Reading

Data at Risk: 96% of Ransomware Attacks Involve Data Theft

Mar 6, 2025 9:54:08 AM By Stu Sjouwerman
A new report from Arctic Wolf has found that 96% of ransomware attacks now involve data theft as criminals seek to force victims to pay up.
Continue Reading

[Heads Up] Sophisticated Phishing Attack Uses New JavaScript Obfuscation Trick

Mar 5, 2025 9:11:50 AM By Stu Sjouwerman
Researchers at Juniper Threat Labs warn that phishing attacks are utilizing a new obfuscation technique to hide malicious JavaScript.
Continue Reading

Primary Refresh Tokens Aren’t Your Parent’s Browser Token

Mar 4, 2025 9:40:59 AM By Roger Grimes
If you haven’t been paying attention closely enough, a new type of access control token, like a super browser token on steroids, is becoming hackers' theft target of choice.
Continue Reading

Protect Yourself from Job Termination Scams

Feb 28, 2025 9:13:46 AM By Stu Sjouwerman
ESET warns of a wave of phishing attacks informing employees that they’ve been fired or let go. The emails are designed to make the user panic and act quickly to see if they’ve actually ...
Continue Reading

Phishing Attack Leads to Lateral Movement in Just 48 Minutes

Feb 27, 2025 9:09:03 AM By Stu Sjouwerman
Researchers at ReliaQuest have published a report on a phishing breach in the manufacturing sector that went from initial access to lateral movement in just 48 minutes.
Continue Reading

[NEW] KnowBe4 Interviews a Fake North Korean Employee

Feb 24, 2025 8:43:19 AM By Roger Grimes
You would think with all the global press we have received because of our public announcement of how we mistakenly hired a North Korean fake employee in July 2024, followed by our ...
Continue Reading

Phishing for Love: A Sharp Surge in Valentine’s Day-Themed Scams

Feb 17, 2025 8:00:00 AM By Martin Kraemer
Authors: Martin Kraemer, Security Awareness Advocate at KnowBe4 and James Dyer, Threat Intelligence Lead at KnowBe4 This Valentine’s Day, Cupid wasn’t the only one taking aim. Our Threat ...
Continue Reading

New Research: Ransomware Data Extortion Skyrocketing

Feb 14, 2025 9:12:53 AM By Stu Sjouwerman
Data theft extortion attacks increased by 46% in the fourth quarter of 2024, according to a new report from Nuspire.
Continue Reading

New Phishing Campaign Targets The X Accounts of Politicians, Tech Companies, Cryptocurrency, And More

Feb 13, 2025 10:26:10 AM By Stu Sjouwerman
SentinelOne warns that a phishing campaign is targeting high-profile X accounts, including those belonging to US political figures, leading journalists, major technology companies, ...
Continue Reading

Cybersecurity Resilience and Culture Matters to Face the Growing Frequency and Sophistication of Cybercrime

Feb 10, 2025 5:07:38 PM By Martin Kraemer
Dr. Martin J. Kraemer discusses learning from The Word Economics Forum Cybersecurity Outlook 2025 report Last year, the British multinational corporation Arup lost about 20 million pounds ...
Continue Reading

Don’t Fall Victim: DeepSeek-Themed Scams Are on the Rise

Feb 7, 2025 4:38:19 PM By Stu Sjouwerman
Scammers are taking advantage of the newfound popularity of the China-based AI app DeepSeek, according to researchers at ESET.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews