Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

New Research: Ransomware Data Extortion Skyrocketing

Data theft extortion attacks increased by 46% in the fourth quarter of 2024, according to a new report from Nuspire.
Continue Reading

New Phishing Campaign Targets The X Accounts of Politicians, Tech Companies, Cryptocurrency, And More

SentinelOne warns that a phishing campaign is targeting high-profile X accounts, including those belonging to US political figures, leading journalists, major technology companies, ...
Continue Reading

Cybersecurity Resilience and Culture Matters to Face the Growing Frequency and Sophistication of Cybercrime

Dr. Martin J. Kraemer discusses learning from The Word Economics Forum Cybersecurity Outlook 2025 report Last year, the British multinational corporation Arup lost about 20 million pounds ...
Continue Reading

Don’t Fall Victim: DeepSeek-Themed Scams Are on the Rise

Scammers are taking advantage of the newfound popularity of the China-based AI app DeepSeek, according to researchers at ESET.
Continue Reading

Phishing Up 76% – Deepfake Attacks Surge: Is Your Org the Next Target?

Nearly half (46%) of businesses observed an increase in deepfakes and generative AI-related fraud last year, a new report from AuthenticID has found.
Continue Reading

Warning: Phishing Campaign Targets Germany with New Malware

Researchers at Cisco Talos warn that a new phishing campaign is targeting users in Germany and Poland in an attempt to deliver several strains of malware, including a new backdoor dubbed ...
Continue Reading

The Rising Tide of Cybercrime Concerns in Africa

Our recent Africa Cybersecurity Awareness survey has revealed a startling surge in cybersecurity concerns among African users, with 58% of respondents expressing high levels of worry ...
Continue Reading

Microsoft is Still the Most Commonly Impersonated Brand in Phishing Attacks

Microsoft, Apple, and Google were the most commonly impersonated brands in phishing attacks last quarter, according to researchers at Check Point.
Continue Reading

Beware of Toll Scam Texts: How Cybercriminals are Targeting U.S. Drivers

Drivers across the U.S. are being bombarded with fraudulent text messages claiming to come from toll operators like E-ZPass.
Continue Reading

Nearly Three-Quarters of UK Education Orgs Have Sustained Cyberattacks

73% of educational institutions in the UK have sustained at least one cyberattack or breach in the past five years, according to researchers at ESET.
Continue Reading

Phishing is the Top Security Threat For Smartphone Users

Phishing attacks are the most common security issue for smartphone users, according to a new study by Omdia.
Continue Reading

Phishing Campaign Attempts to Bypass iOS Protections

An SMS phishing (smishing) campaign is attempting to trick Apple device users into disabling measures designed to protect them against malicious links, BleepingComputer reports.
Continue Reading

Effective Security Awareness Training Really Does Reduce Data Breaches

Social engineering and phishing are involved in 70% - 90% of data breaches. No other root cause of malicious hacking (e.g., unpatched software and firmware, eavesdropping, cryptography ...
Continue Reading

Ransomware Gangs Claimed More Than 5,000 Attacks in 2024

Ransomware groups claimed responsibility for 5,461 attacks in 2024, with 1,204 of these attacks being publicly confirmed by victim organizations, according to Comparitech’s latest ...
Continue Reading

First Ever Magic Quadrant™ for Email Security Platforms by Gartner®

In cybersecurity, email has always been a critical concern. However, we feel the new 2024 Gartner® Magic Quadrant for Email Security Platforms™ has signaled a shift in how we approach ...
Continue Reading

Japan Attributes More Than 200 Cyberattacks to China Threat Actor "MirrorFace"

Japan’s National Police Agency (NPA) has attributed more than 200 cyber incidents over the past five years to the China-aligned threat actor “MirrorFace,” Infosecurity Magazine reports.
Continue Reading

Tax-Themed Phishing Campaign Delivers Malware Via Microsoft Management Console Files

Securonix warns that tax-themed phishing emails are attempting to deliver malware via Microsoft Management Console (MSC) files.
Continue Reading

"Get Beyond Security Awareness Training" Does Not Mean Forgetting About It

KnowBe4 is a big believer in focusing on decreasing human risk as the best way to decrease cybersecurity risk in most environments.
Continue Reading

Mobile Phishing Attacks Use New Tactic to Bypass Security Measures

ESET has published its threat report for the second half of 2024, outlining a new social engineering tactic targeting mobile banking users.
Continue Reading

Attackers Abuse HubSpot’s Free Form Builder to Craft Phishing Pages

A threat actor is abusing HubSpot’s Free Form Builder service to craft credential-harvesting phishing pages, according to Palo Alto Networks’ Unit 42.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews