Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Nation-State Threat Actors Rely on Social Engineering

Nov 12, 2024 3:38:33 PM By Stu Sjouwerman
A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.
Continue Reading

[FREE RESOURCE KIT] Stay Cyber Safe this Holiday Season with Our Free 2024 Resource Kit!

Nov 12, 2024 7:24:00 AM By Stu Sjouwerman
Isn’t it typical for bad actors to strike when we’re distracted and busy during this time of year?
Continue Reading

Criminals Use Search Engine Poisoning to Boost Phishing Pages

Nov 11, 2024 4:46:36 PM By Stu Sjouwerman
Researchers at Malwarebytes warn that cybercriminals are using search engine poisoning to boost phishing pages to the top of Bing’s search results.
Continue Reading

[Eye Opener] Attackers Don’t Hack, They Log In. Can You Stop Them?

Nov 9, 2024 8:58:57 AM By Stu Sjouwerman
The latest trend in cybercrime is that attackers don't really focus on “hacking” in; they’re logging in.
Continue Reading

BlackBasta Ransomware Gang Uses New Social Engineering Tactics To Target Corporate Networks

Nov 5, 2024 2:13:18 PM By Stu Sjouwerman
ReliaQuest warns that the BlackBasta ransomware gang is using new social engineering tactics to obtain initial access within corporate networks.
Continue Reading

Attackers Abuse Eventbrite to Send Phishing Emails

Nov 5, 2024 2:13:13 PM By Stu Sjouwerman
Attackers are abusing Eventbrite’s scheduling platform to send phishing emails, according to researchers at Perception Point. These attacks increased by 900% between July and October 2024.
Continue Reading

If Social Engineering Is 70% - 90% of Attacks, Why Aren’t We Acting Like It?

Nov 4, 2024 1:37:53 PM By Roger Grimes
Over a decade ago, I noticed that social engineering was the primary cause for all malicious hacking. It has been that way since the beginning of computers, but it took me about half of ...
Continue Reading

QR Code Phishing is Growing More Sophisticated

Oct 30, 2024 1:31:53 PM By Stu Sjouwerman
Sophos describes a QR code phishing (quishing) campaign that targeted its own employees in an attempt to steal information.
Continue Reading

4 out of 10 Phishing Emails Are Sent From a Compromised Email Account

Oct 28, 2024 4:40:24 PM By Stu Sjouwerman
Analysis of phishing emails in the second quarter of this year paints a picture of what security teams and vigilant recipients should expect from modern phishing attacks.
Continue Reading

Threat Actors Compromise Valid Accounts Via Social Engineering

Oct 28, 2024 4:38:14 PM By Stu Sjouwerman
Phishing remains a top initial access vector for cyberattacks, according to researchers at Cisco Talos.
Continue Reading

The £3 Million Daily Heist

Oct 28, 2024 9:15:03 AM By Javvad Malik
A recent report from UK Finance covered by the BBC paints a concerning picture of the evolving landscape of financial fraud. With a 16% rise in fraud cases and criminals stealing over £3 ...
Continue Reading

Cybersecurity Budgets Are Increasing, but Security Leaders Don’t Think It’s Enough

Oct 25, 2024 4:15:23 PM By Stu Sjouwerman
Despite the belief that today’s SOC should be doing the lion’s share of protecting an organization, new data shows reliance on more than just security teams is needed.
Continue Reading

[2025 Is Too Late] - European Companies Must Act Now Against AI-Powered Cyber Threats

Oct 24, 2024 1:39:12 PM By Stu Sjouwerman
European Organizations Can't Afford to Wait: Critical Cybersecurity Threats Demand Immediate Action
Continue Reading

More Than 33,000 People in the UK Have Been Hacked Over the Past Year

Oct 22, 2024 2:56:57 PM By Stu Sjouwerman
Action Fraud, the UK’s national fraud and cyber crime reporting service, warns that more than 33,000 people have reported that their online accounts have been hacked over the past year.
Continue Reading

KnowBe4's Cybersecurity Experts Shine at Barnes & Noble in New York City

Oct 21, 2024 11:16:40 AM By Stu Sjouwerman
New York City's iconic Barnes & Noble on 5th Avenue recently featured the newly released books of two of KnowBe4's leading cybersecurity experts: Chief Human Risk Management Officer ...
Continue Reading

North Korean IT Worker Threat: 10 Critical Updates to Your Hiring Process

Oct 19, 2024 8:53:26 AM By Stu Sjouwerman
KnowBe4 was asked what changes were made in the hiring process after the North Korean (DPRK) fake IT worker discovery. Here is the summary and we strongly suggest you talk this over with ...
Continue Reading

FBI Warns Scammers Are Targeting Law Firms For Phony Debt Collections

Oct 18, 2024 3:59:56 PM By Stu Sjouwerman
The U.S. FBI warns that scammers are attempting to trick law firms into transferring money as part of a phony debt collection scheme.
Continue Reading

Phishing Attacks Are Abusing Legitimate Services to Avoid Detection

Oct 18, 2024 2:17:30 PM By Stu Sjouwerman
Microsoft warns that threat actors are abusing legitimate file-hosting services to launch phishing attacks. These attacks are more likely to bypass security filters and appear more ...
Continue Reading

North Korean Hackers Continue to Target Job Seekers

Oct 16, 2024 8:53:47 AM By Stu Sjouwerman
A North Korean threat actor is launching social engineering attacks against job seekers in the tech industry, according to researchers at Palo Alto Networks’ Unit 42.
Continue Reading

"Operation Kaerb" Takes Down Sophisticated Phishing-as-a-Service Platform “iServer”

Oct 14, 2024 8:51:36 AM By Stu Sjouwerman
A partnering of European and Latin American law enforcement agencies took down the group behind the mobile phone credential theft of 483,000 victims.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews