Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

[INFOGRAPHIC] KnowBe4’s Content Library by the Numbers

Jul 19, 2023 9:27:35 AM By Stu Sjouwerman
KnowBe4 offers the world’s largest library of always-fresh security awareness and compliance training content that includes assessments, interactive training modules, videos, games, ...
Continue Reading

WormGPT, an "ethics-free" Cyber Crime text generator

Jul 17, 2023 1:26:05 PM By Stu Sjouwerman
A new generative AI model called “WormGPT” is being offered on cybercrime forums, according to researchers at SlashNext. While other AI tools, such as ChatGPT, have safeguards in place ...
Continue Reading

Tailgating Through Physical Security Using Social Engineering Tactics

Jul 13, 2023 9:00:47 AM By Stu Sjouwerman
Researchers at Check Point outline various forms of tailgating attacks. These attacks can allow threat actors to bypass physical security measures via social engineering.
Continue Reading

Launch Of New Meta Thread App Spawns Hundreds Of Spoof Domains

Jul 12, 2023 8:56:35 AM By Stu Sjouwerman
Researchers at Veriti have observed hundreds of spoofed domains following Meta’s launch of its Threads social media platform.
Continue Reading

Australia’s National Anti-Scam Centre: Prevention Is Better Than the Cure

Jul 10, 2023 10:56:48 AM By Jacqueline Jayne
Australia officially launched their National Anti-Scam Centre this week. With more than AUD $3.1 billion lost each year, Australians need support.
Continue Reading

Job Recruitment Scams Rising Due to Social Engineering

Jul 10, 2023 10:52:29 AM By Stu Sjouwerman
Job scams are a rising form of socially engineered cybercrime. And while it’s easy to imagine the trouble they cause individuals who innocently fall for them (lost opportunities, identity ...
Continue Reading

Amazon Prime Day Alert: Beware of Fake Logins, Gift Card Scams

Jul 7, 2023 11:39:18 AM By Stu Sjouwerman
A new threat alert from ConsumerAffairs and TrendMicro proves more than just shoppers will take advantage of Amazon’s upcoming Prime Day.
Continue Reading

U.K. Twitter Impersonation Hacker Sentenced to Prison in the U.S.

Jul 7, 2023 11:00:00 AM By Stu Sjouwerman
The British national responsible for hacking into and impersonating high-profile individuals as part of a crypto theft scheme has been sentenced to five years in prison.
Continue Reading

Microsoft Teams Cyber Attack Exploit Tool Relies on Social Engineering to Deliver Malware

Jul 7, 2023 8:00:00 AM By Stu Sjouwerman
If your organization uses Microsoft Teams, then you definitely want to hear about a new way bad actors are exploiting this newly discovered cyber attack tool.
Continue Reading

New Report Shows Social Engineering and Business Email Compromise Attacks Have Drastically Increased in 2023

Jul 6, 2023 8:45:53 AM By Stu Sjouwerman
Email-based social engineering attacks have risen by 464% this year compared to the first half of 2022, according to a report by Acronis. Business email compromise (BEC) attacks have also ...
Continue Reading

National Cyber Security Centre Notes UK Law Firms are Main Target for Cybercriminals

Jun 28, 2023 11:16:46 AM By Stu Sjouwerman
In the most recent Cyber Threat report from the National Cyber Security Centre (NCSC), it is clear that UK law firms are a gold mine for cybercriminals.
Continue Reading

Russian Threat Actor Targets Ukraine Government And Military With Spear Phishing Emails

Jun 27, 2023 8:54:25 AM By Stu Sjouwerman
Russia’s APT28 (also known as “Fancy Bear” or “BlueDelta”) is using spear phishing to compromise Ukrainian government and military entities, according to researchers at Recorded Future. ...
Continue Reading

New Cryptocurrency Coinbase Phishing Campaign Uses Social Engineering

Jun 26, 2023 9:12:26 AM By Stu Sjouwerman
A phishing campaign is impersonating cryptocurrency trading platform Coinbase, Tech.co reports. Crypto trader Jacob Canfield described the campaign in a Twitter thread, stating that the ...
Continue Reading

Want To Stop All Scams? Here Is How!

Jun 23, 2023 2:25:52 PM By Roger Grimes
There are many ways to be socially engineered and phished, including email, websites, social media, SMS texts, chat services, phone calls and in-person. These days, it is hard to sell ...
Continue Reading

Extremely Persistent Threat Group Demonstrates a Strong Understanding of the Modern Incident Response Frameworks

Jun 22, 2023 9:44:42 AM By Stu Sjouwerman
A threat actor tracked as “Muddled Libra” is using the 0ktapus phishing kit to gain initial access to organizations in the software automation, business process outsourcing, ...
Continue Reading

Is AI-Generated Disinformation on Steroids About To Become a Real Threat for Organizations?

Jun 21, 2023 9:49:39 AM By Martin Kraemer
A researcher was alerted to a fake website containing fake quotes that appeared to be written by himself. The age of generative artificial intelligence (AI) toying with our public ...
Continue Reading

KnowBe4’s 2023 Phishing By Industry Benchmarking Report Reveals that 33.2% of Untrained End Users Will Fail a Phishing Test

Jun 20, 2023 9:07:42 AM By Joanna Huisman
Cybercriminals still know that the easiest way to successfully infiltrate an organization is through its people.
Continue Reading

New Social Engineering Tactic Uses PDFs in Business Email Compromise Attacks

Jun 20, 2023 8:46:31 AM By Stu Sjouwerman
Legitimate services can be exploited in social engineering, including business email compromise (BEC) attacks.  Researchers at Check Point describe one current BEC campaign that’s using ...
Continue Reading

New Survey Shows 40% of People Searching for a Job Encountered a Scam

Jun 15, 2023 8:47:35 AM By Stu Sjouwerman
A survey by PasswordManager.com has found that one in three job seekers has fallen for, and responded to, fake job scams over the past two years.
Continue Reading

[INFOGRAPHIC] KnowBe4’s SecurityCoach: Top 10 Risky Behaviors

Jun 14, 2023 4:08:25 PM By Stu Sjouwerman
Real-time security coaching helps improve your organization’s security culture by enabling real-time coaching of your users in response to risky security behaviors.
Continue Reading
Subscribe

Search Our Blog


Free Phishing Security Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews