KnowBe4

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

[Heads-up] New Email Extortion Scam Bomb Threat Demands Bitcoin

A new email extortion scam is making the rounds, threatening that someone has planted bombs within the recipient's building that will be detonated unless a hefty bitcoin ransom is paid by ...
Continue Reading

WARNING: Your Head of Finance May Be 1 of 50,000 Execs Targeted in BEC Scams

According to a report from email security & protection vendor Agari, the cybercriminal group dubbed London Blue are directing their latest scams at very specific finance execs.
Continue Reading

Giveaway Scam Offers Free Volkswagens to Generate Ad Revenue

A scam campaign is promising free Volkswagen car giveaways to trick social media users into visiting third-party ad servers, according to researchers at Sucuri.
Continue Reading

Hackbusters - Where Can You Discuss All Things Social Engineering?

The KnowBe4 Hackbuster’s Forum is an online community dedicated to stopping the bad guys that use social engineering to hack your organization.
Continue Reading

CEOs are Prime Targets for Social Engineering Attacks

CEOs can be the weakest link in an organization’s security posture, according to Mimecast’s Matthew Gardiner. Carole Theriault talked to Gardiner last week on The CyberWire’s Hacking ...
Continue Reading

Scammers Target 21 Social Media Users Every Minute

According to a new survey, social media sharing – and oversharing – provides cybercriminals with important personal details to commit identity theft, fraud, and more.
Continue Reading

On Facebook, Make Sure They Are Who They Say They Are Before You become Friends

You receive a message apparently from a Facebook friend telling you they received another friend request from you. They go on to diagnose the "situation," tell you that you’ve been ...
Continue Reading

Retail is Unprepared for Social Engineering

The latest data from SecurityScorecard shows the retail industry’s security stance is at an all-time low, and is particularly susceptible to social engineering attacks. The retail ...
Continue Reading

Hackers: Social Engineering is Easier

Despite the presence of application and OS vulnerabilities – both new and old – hackers prefer to leverage social engineering as their preferred attack method.
Continue Reading

[Heads-up] Now In The Wild: New Super Evil Rootkit Survives Even "Nuke From Orbit" And HD Swap

This thing is a nightmare that escaped into daylight. The Russian GRU—aka Fancy Bear—probably was riveted reading the Wikileaks CIA Vault 7 UEFI Rootkit docs (PDF) and built one of these ...
Continue Reading

Kevin Mitnick weighs in on Facebook's big security breach

It was all over the news, and CNBC interviewed KnowBe4's very own Chief Hacking Officer Kevin Mitnick (note the StreetCred box on the right).
Continue Reading

[InfoGraphic] 20 Ways to Block Mobile Attacks

To start your National Cyber Security Awareness Month (NCSAM) here is a goodie for your users to kick things off.
Continue Reading

The Cybercrime Economy Makes It Impossible to Stop

The operation run by botnet author Peter Levashov demonstrates how easy it is for would-be criminals to get into the business.
Continue Reading

Holiday Threat No. 1: Evil Twin Domains With A "Trusted" SSL/TSL Certificate

As the holiday season approaches, cybercriminals are set to scam your users out of their personal money but also your organizational budget.
Continue Reading

Brand-New Tool: Domain Doppelgänger Identifies Evil Twin Domains

I gave you a heads-up a few days ago, and now I'm excited to announce the actual release of a new tool to help protect your organization from the bad guys.
Continue Reading

Phone Scam Impersonates Sheriff’s Office Using Judge’s Name

The US Marshals Service has stated that a new phone scam is targeting residents of Marshall, Texas. The scammer claims to be from the local sheriff’s office and tells residents that the ...
Continue Reading

Reminder: In Spite of Windows Flaws, Hackers Prefer Social Engineering

Nearly half of hackers surveyed at the recent Black Hat conference in Las Vegas admitted easily compromising both Windows 8 and 10 in the past year.
Continue Reading

Looking at Cyber Attacks From the Inside Out, It’s All About Social Engineering

Frances Zelazny, Vice President of BioCatch, gave a recent Tech Republic interview to share some insight into how hackers can access your passwords. It's familiar but worth reviewing, ...
Continue Reading

Social Engineering, Just a Call Away

An email arrives, and you think it’s from your boss. Because it has your boss’s name on it, there's a huge psychological response, and you tend do what is requested. After a cordial ...
Continue Reading

When Does Effective Persuasion Become Manipulation and Social Engineering?

There’s a fine but clear line between ethical and unethical persuasion, says Joe Gray, a security consultant from the “Advanced Persistent Security” blog and podcast. Gray recently ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews