KnowBe4

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Business Email Compromise, Credential Theft, and Many Other Attack Vectors Surged as High as 5x in Q4 2018

Feb 14, 2019 11:30:32 AM By Stu Sjouwerman
The latest data from Proofpoint shows many types of cyberattacks making massive jumps in comparison to both previous quarters and years.
Continue Reading

[LIVE WEBINAR] Get an Insider View Into the Methods and Exploits of the World's Most Famous Hacker, Kevin Mitnick

Feb 11, 2019 2:16:07 PM By Stu Sjouwerman
Many of the world's most reputable organizations rely on Kevin Mitnick, the world's most famous hacker and KnowBe4's Chief Hacking Officer, to uncover their most dangerous security flaws. ...
Continue Reading

Social Engineering Comes to Wikipedia

Feb 6, 2019 6:55:23 AM By Stu Sjouwerman
Attackers are selectively editing Wikipedia articles to lend credibility to tech support scams, according to Rob VandenBrink at the SANS Internet Storm Center. The Wikipedia page for the ...
Continue Reading

Sextortion Phishing Scam Exploits Recent Breach Fears

Feb 5, 2019 7:23:09 AM By Stu Sjouwerman
Sextortion scam emails are circulating which claim that a popular adult site has been hacked, allowing an attacker to record videos of users through their webcams, according to Lawrence ...
Continue Reading

[Brilliant New Social Engineering Phish] "Please Docusign: Funding For Your Business"

Jan 31, 2019 7:13:19 AM By Stu Sjouwerman
A friend was sent this email and he forwarded it to me. It's a brilliant new social engineering phishing scam. It will sail through all your spam / malware filters and email protection ...
Continue Reading

"Hacking Humans" Is The No. 1 Podcast Covering Social Engineering!

Jan 30, 2019 11:33:50 AM By Stu Sjouwerman
Each week the CyberWire’s Hacking Humans podcast looks behind the social engineering scams, phishing schemes, and criminal exploits that make headlines and take a heavy toll on ...
Continue Reading

Social Engineering Testing: Why Getting Hacked Is a Security Advantage

Jan 28, 2019 3:42:55 PM By Stu Sjouwerman
Stephanie Carruthers, People Hacker for IBM- X-Force Red wrote an excellent post about the need for red-teaming and pentesting your own organization. I'll quote the first paragraph or so, ...
Continue Reading

Online Job Offer Turns Would-Be Applicant into Unwitting Conspirator in Malware Attack

Jan 25, 2019 7:17:51 AM By Stu Sjouwerman
The context of contacting the victim via a credible website may be all that was needed to trick one job seeker into installing malware on the network of a bank.
Continue Reading

Criminals Make Off With USD $150,000 in Business Email Compromise Real Estate Scam

Jan 22, 2019 5:20:21 PM By Stu Sjouwerman
Scammers stole $150,000 from a woman during a real estate transaction last year, according to Lisa Vaas at Naked Security. Mireille Appert, a Swiss woman who lives in the United States, ...
Continue Reading

Firm in $1.7-million dispute with insurer because of social engineering fraud

Jan 21, 2019 1:58:05 PM By Stu Sjouwerman
Global law firm Dentons Canada LLP is locked in a $1.7-millon dispute with its insurer after staff at the firm’s Vancouver office fell victim to an alleged social engineering attack.
Continue Reading

Gartner's Neil Wynne: "Email Phishing is a Growing Threat"

Dec 20, 2018 3:21:41 PM By Stu Sjouwerman
Email phishing is a top threat to organizations because it works so well, according to Neil Wynne, principal and analyst for secure business enablement at Gartner. Wynne told Stephanie ...
Continue Reading

Is that phone call really from Amazon?

Dec 20, 2018 1:35:51 PM By Eric Howes
By Eric Howes,  KnowBe4 Principal Lab Researcher.  Now that it's the holiday season, malicious parties across the globe are exploiting Amazon's good name and popularity with consumers to ...
Continue Reading

CrowdStrike: Compelling Stories From The Cyber Intrusion Casebook 2018

Dec 15, 2018 2:51:34 PM By Stu Sjouwerman
From the Front Lines of Incident Response, the CrowdStrike Services Cyber Intrusion Casebook 2018 offers some compelling stories how threat actors are continuously adopting new means to ...
Continue Reading

[Heads-up] New Email Extortion Scam Bomb Threat Demands Bitcoin

Dec 13, 2018 5:34:15 PM By Stu Sjouwerman
A new email extortion scam is making the rounds, threatening that someone has planted bombs within the recipient's building that will be detonated unless a hefty bitcoin ransom is paid by ...
Continue Reading

WARNING: Your Head of Finance May Be 1 of 50,000 Execs Targeted in BEC Scams

Dec 13, 2018 3:42:59 PM By Stu Sjouwerman
According to a report from email security & protection vendor Agari, the cybercriminal group dubbed London Blue are directing their latest scams at very specific finance execs.
Continue Reading

Giveaway Scam Offers Free Volkswagens to Generate Ad Revenue

Dec 12, 2018 5:34:58 PM By Stu Sjouwerman
A scam campaign is promising free Volkswagen car giveaways to trick social media users into visiting third-party ad servers, according to researchers at Sucuri.
Continue Reading

Hackbusters - Where Can You Discuss All Things Social Engineering?

Dec 11, 2018 3:19:07 PM By Stu Sjouwerman
The KnowBe4 Hackbuster’s Forum is an online community dedicated to stopping the bad guys that use social engineering to hack your organization.
Continue Reading

CEOs are Prime Targets for Social Engineering Attacks

Nov 20, 2018 4:46:20 PM By Stu Sjouwerman
CEOs can be the weakest link in an organization’s security posture, according to Mimecast’s Matthew Gardiner. Carole Theriault talked to Gardiner last week on The CyberWire’s Hacking ...
Continue Reading

Scammers Target 21 Social Media Users Every Minute

Nov 1, 2018 10:58:51 AM By Stu Sjouwerman
According to a new survey, social media sharing – and oversharing – provides cybercriminals with important personal details to commit identity theft, fraud, and more.
Continue Reading

On Facebook, Make Sure They Are Who They Say They Are Before You become Friends

Oct 11, 2018 1:54:22 PM By Stu Sjouwerman
You receive a message apparently from a Facebook friend telling you they received another friend request from you. They go on to diagnose the "situation," tell you that you’ve been ...
Continue Reading
Subscribe

Search Our Blog


Forrester KnowBe4 TEI Whitepaper

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews