Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

“Browser-in-the-Browser” Phishing Technique Spotted in New Steam Account Attack

Luring victims using a realistic- and legitimate-looking fake browser window to steal Steam accounts, this new type of social engineering may be a sign of things to come.
Continue Reading

Social Engineering Targets Healthcare Payment Processors

The US Federal Bureau of Investigation (FBI) has issued an alert warning of an increase in phishing and other social engineering attacks against healthcare payment processors.
Continue Reading

[HEADS UP] Bank of America Warns About Recent Scams That Request Zelle Payment Due to 'Suspicious Activity'

Bank of America recently sent a customer service email warning users to watch out for this new phishing attack.
Continue Reading

Uber security breach 'looks bad', caused by social engineering

It was all over the news, but ZDNet's Eileen Yu was one of the first. -- "Hacker is believed to have breached Uber's entire network in a social engineering attack, which one security ...
Continue Reading

Cisco Attempt Attributed to Lapsus$ Group

Security researchers at Cisco Talos have issued an update on the cyberattack Cisco sustained earlier this year. The attack began with a phishing attack against a Cisco employee, which led ...
Continue Reading

Singapore: Top Ten Scams in the First Half of 2022 Cost Over $227 Million, Scam Frequency Rises by 94%

Queries of reported cases to Singapore Police reveal a rise in scam costs by 59% as phishing cases double and job-related scams increase 7x from the first half of 2021.
Continue Reading

Instagram Phishing: Scammers Exploit Instagram Verification Program

Researchers at Vade warn that an email phishing campaign is informing users that their Instagram account is eligible to receive a blue verification badge. If a user clicks the link, ...
Continue Reading

Fraud Warning from DHS OIG

The Department of Homeland Security’s Office of the Inspector General (DHS OIG) has issued an alert to warn that scammers are posing as DHS employees.
Continue Reading

The Extent of Social Engineering

Researchers at NordVPN have published the results of a survey that found that 84% of Americans have experienced some form of social engineering, although only 54% have heard of the term ...
Continue Reading

Report: Deepfakes Used in Scams

Scammers created a deepfake video of Patrick Hillmann, Chief Communications Officer at cryptocurrency exchange Binance, in order to scam people. Hillmann explained in a blog post that he ...
Continue Reading

[HEADS UP] Highly Sophisticated Job Offer Scam

If you've been approached by recruiters on LinkedIn for a potential job opportunity, you may want to pay attention to this recent scam.
Continue Reading

Dueling Clauses, or, not all Fraud is the Same

There are, famously, three things you can do with risk: accept it, mitigate it, or transfer it. And you transfer risk by buying insurance against it.
Continue Reading

Teach Two Things to Decrease Phishing Attack Success

We know everyone is busy. Everyone already has too much on their plate and is trying to learn as much as they can every day.
Continue Reading

Vishing is a Rising Threat to the Enterprise

Most of us are all too familiar with vishing, the scam voice calls that offer to erase your credit card debt, to extend your automobile warranty, to get you to donate to that worthy cause ...
Continue Reading

Piggybacking: Social Engineering for Physical Access

Tailgating or piggybacking is an old but effective social engineering technique to gain physical access to restricted areas, according to Rahul Awati at TechTarget. Tailgating is when a ...
Continue Reading

Social Engineering for Espionage and Influence

Microsoft has disrupted operations carried out by a Russian government-aligned threat actor tracked as “SEABORGIUM.” The threat actor uses phishing and credential harvesting to conduct ...
Continue Reading

Massive Network of Over 10,000 Fake Investment Sites Targets Europe

Using a mix of compromised social media accounts, social engineering, call center agents, and some convincing websites, this latest scam seeks to get victims to repeatedly “invest”.
Continue Reading

New Research Shows Social Engineering and Phishing are the Top Threats

According to the CS Hub Mid-Year Market Report 2022, new findings shows that 75% of survey respondents believe that social engineering and phishing attacks are the top threat vector to ...
Continue Reading

Twilio hacked by phishing campaign targeting internet companies

Communications giant Twilio has confirmed hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials. 
Continue Reading

Cybercriminals Go to College with New Phishing Attacks

The summer is winding up, and the traditional academic year is approaching. And amid the welcomes from the deans of students, the activities coordinators, the academic advisors and so on, ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews