Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

“Magic Link” Phishing Attacks Scamming Users With Fake McAfee Renewals

May 30, 2023 9:08:34 AM By Stu Sjouwerman
Threat actors are using encoded phishing links to evade security filters, according to Jeremy Fuchs at Avanan. The phishing emails purport to be notifications from McAfee informing the ...
Continue Reading

[Mastering Minds]  China's Cognitive Warfare Ambitions Are Social Engineering At Scale

May 26, 2023 1:40:02 PM By Stu Sjouwerman
As the world continues to evolve, so does the nature of warfare. China's People's Liberation Army (PLA) is increasingly focused on "Cognitive Warfare," a term referring to artificial ...
Continue Reading

Verizon Sends New Smishing Warning

May 25, 2023 2:38:23 PM By Stu Sjouwerman
Verizon has renewed its warnings to customers about the threat of smishing, a social engineering approach that relies upon texts as opposed to other communication channels like the email ...
Continue Reading

[Hands-On Defense] Unpatched Software Causes 33% of Successful Attacks

May 23, 2023 9:55:26 AM By Stu Sjouwerman
As you all know, KnowBe4 frequently promotes security awareness training and we also mention that unpatched software is a distant number two issue after social engineering.
Continue Reading

[Microsoft Warning] A 38% Spike In Business Email Compromise with new Cybercrime-as-a-Service

May 23, 2023 8:50:06 AM By Stu Sjouwerman
Microsoft has observed a thirty-eight percent increase in cybercrime-as-a-service (CaaS) offerings for launching business email compromise (BEC) attacks between 2019 and 2022.
Continue Reading

AI-generated Disinformation Dipped The Markets Yesterday

May 23, 2023 6:52:11 AM By Stu Sjouwerman
The Insider reported that an apparently AI-generated photo faking an explosion near the Pentagon in D.C. went viral. The Arlington Police Department confirmed that the image and ...
Continue Reading

[Free Tool] Find out who falls victim to QR code phishing attacks with our QR Code Phishing Security Test

May 22, 2023 11:00:00 AM By Stu Sjouwerman
According to QRTIGER, an online QR code generator company, dynamic QR code scans increased 433% globally from 2021 to 2022. In 2022, the FBI released a warning that QR codes may be ...
Continue Reading

The Face Off: AI Deepfakes and the Threat to the 2024 Election

May 15, 2023 6:22:35 PM By Stu Sjouwerman
The Associated Press warned this week that AI experts have raised concerns about the potential impact of deepfake technology on the upcoming 2024 election. Deepfakes are highly convincing ...
Continue Reading

Business Email Compromise and “Confidential” Mergers and Acquisitions

May 10, 2023 10:07:25 AM By Stu Sjouwerman
A newly identified criminal organization has been observed running a large number of business email compromise (BEC) scams. Since February 2021, Abnormal Security reports the gang has ...
Continue Reading

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

May 9, 2023 4:43:09 PM By Stu Sjouwerman
The Five Eyes member nations' cybersecurity and intelligence agencies dismantled the infrastructure of the Snake cyber-espionage malware that was operated by Russia's Federal Security ...
Continue Reading

Blocking Social Engineering by Foreign Bad Actors: The Role of the New Foreign Malign Influence Center

May 8, 2023 7:02:01 AM By Stu Sjouwerman
The U.S. government created a new office to block disinformation. The new Foreign Malign Influence Center (FMIC) oversees efforts that span U.S. military, law enforcement, intelligence, ...
Continue Reading

[Eye Opener] HTML Phishing Attacks Surge by 100% in 12 Months

May 7, 2023 11:57:55 AM By Stu Sjouwerman
The Cyberwire reported: "Barracuda released a study this morning indicating that HTML attacks have doubled since last year.
Continue Reading

Response-Based Business Email Compromise Contributes to 97% of Attacks

May 4, 2023 8:39:58 AM By Stu Sjouwerman
The malwareless and seemingly benign nature of business email compromise emails, mixed with impersonation techniques, are difficult to spot as being malicious, making them even more ...
Continue Reading

Malware Downloads Facilitated by Social Engineering

May 4, 2023 8:28:47 AM By Stu Sjouwerman
The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated ...
Continue Reading

[Feet on the Ground] Stepping Carefully When Making an AI Your BFF

May 2, 2023 1:40:51 PM By Stu Sjouwerman
Bloomberg's Brad Stone wrote an op-ed covering this topic. In the past month, a chatbot called "My AI" or "Sage" has appeared as a new friend for several hundred million Snapchat users. ...
Continue Reading

The Two Best Things You Can Do To Protect Yourself and Organization

May 2, 2023 8:22:23 AM By Roger Grimes
Since the beginning, two types of computer attacks (known as initial root cause exploits) have composed the vast majority of successful attacks: social engineering and exploiting ...
Continue Reading

Automate Reporting for Security Awareness Training Events and Suspicious Email Remediation Management with Cortex XSOAR and KnowBe4

May 1, 2023 8:00:00 AM By Stu Sjouwerman
Security teams face unique challenges in today’s rapidly-changing landscape of phishing, malware, and other social engineering and cybersecurity threats. Collaboration across disparate ...
Continue Reading

Heart of the Matter: How LLMs Can Show Political Bias in Their Outputs

Apr 28, 2023 6:59:09 AM By Stu Sjouwerman
Wired just published an interesting story about political bias that can show up in LLM's due to their training. It is becoming clear that training an LLM to exhibit a certain bias is ...
Continue Reading

[Eyes Wide Shut] Fed Powell's Call with Russian Pranksters Exposed as Social Engineering

Apr 28, 2023 6:17:37 AM By Stu Sjouwerman
It was all over the news. Fed's Jerome Powell was social engineered by Russian pranksters posing as Zelensky.
Continue Reading

Does ChatGPT Have Cybersecurity Tells?

Apr 27, 2023 8:46:59 AM By Stu Sjouwerman
Poker players and other human lie detectors look for “tells,” that is, a sign by which someone might unwittingly or involuntarily reveal what they know, or what they intend to do. A ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews