Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

That’s Not Actually Mr. Musk, That's a Scam

A school principal in Volusia County, Florida has resigned after sending $100,000 to a scammer posing as Elon Musk, WESH 2 News reports. Dr. Jan McGee from the Burns Science and ...
Continue Reading

Social Engineering Attacks Utilizing Generative AI Increase by 135%

New insights from cybersecurity artificial intelligence (AI) company Darktrace shows a 135% increase in novel social engineering attacks from Generative AI.
Continue Reading

Ukrainian Police Take Down Cybercrime Ring

The Cyber Police of Ukraine have arrested twelve alleged members of an organized cybercrime group that’s stolen approximately $4.3 million from users across Europe, the Hacker News ...
Continue Reading

The FBI's Public Service Warning of Business Email Compromise

The US FBI is warning of business email compromise (BEC) attacks designed to steal physical goods. While BEC attacks are typically associated with stealing money, criminals can use the ...
Continue Reading

New Vendor Email Compromise Attack Seeks $36 Million

The details in this thwarted VEC attack demonstrate how the use of just a few key details can both establish credibility and indicate the entire thing is a scam.
Continue Reading

Cyber Insurers Quietly Remove Coverage for Social Engineering and Fraudulent Instruction Claims

As cyber insurers become more experienced in what kinds of claims are being presented, and the threat action details therein, specific types of coverages are no longer being included.
Continue Reading

The Future of Cyber Attacks? Speed, More Speed

I get asked all the time to “predict” the future of cybercrime. What will be the next big cyber attack? What will be the next paradigm platform shift that attackers will target? And so on.
Continue Reading

An Overview of Silicon Valley Bank Themed Social Engineering

Researchers at ReliaQuest warn that organizations should continue to be on the lookout for social engineering attacks related to Silicon Valley Bank (SVB).
Continue Reading

Warning Customers About Social Engineering.

It’s a familiar story: scam artists impersonate a trusted brand, a trusted business or a trusted authority in emails and on bogus sites designed to exploit that very trust to commit ...
Continue Reading

[FREE RESOURCE KIT] New Phishing Security Resource Kit Now Available!

Phishing emails increase in volume every month and every year, so we created this free resource kit to help you defend against attacks. Request your kit now to learn phishing mitigation ...
Continue Reading

University of Sydney Gives Students and Staff Advice on Avoiding Social Engineering Scams

The University of Sydney has issued advice to help students and staff avoid falling for social engineering attacks.
Continue Reading

Threat Actors are Using FINRA Impersonation For Their Attacks

DomainTools warns that a sophisticated West Africa-based fraud group is impersonating the Financial Industry Regulatory Authority (FINRA) to target users in the United States, according ...
Continue Reading

Microsoft Warns of Business Email Compromise Attacks Taking Hours

According to Microsoft's Security Intelligence team, a recent business email compromise attack (BEC) has shown that threat actors are quickening the pace of these attacks, with certain ...
Continue Reading

[Heads Up] The SVB Bankruptcy Is A Social Engineering Bonanza

Saturday March 11, 2023 -- Over the last 24 hours, the Federal Deposit Insurance Corporation has established the FDIC Bank of Santa Clara and insured depositors will have access to funds ...
Continue Reading

One-Quarter of Users Fall for Online Scams Despite an Overconfidence in an Ability to Spot Them

A new survey of individuals across seven countries shows that users may have had luck on their side, as a majority aren’t sure about their device security or how to spot malicious sites ...
Continue Reading

Customer Care Numbers as Phishbait

Researchers at CloudSEK have published a report looking at fraudulent customer service phone numbers in India. The researchers found around 20,000 of these phone numbers targeting users ...
Continue Reading

[Eye Opener] Businessweek: The Satellite Hack Everyone Is Finally Talking About

This morning, Bloomberg News pointed at a brand new article at BusinessWeek, one of their media properties. This is an excellent article that exposes the vulnerabilities when ...
Continue Reading

Business Email Compromise Gang Gets Jail Time for Stealing Millions

An international cybercriminal operation responsible for millions of dollars in business email compromise (BEC) scams has finally been dismantled.
Continue Reading

Blind Eagle Goes Phishing

BlackBerry has published a report on a threat actor, Blind Eagle, also known as APT-C-36, which has been operating against targets in Ecuador and Colombia since at least 2019. Its most ...
Continue Reading

GLBA and Other Regulations Wake Up to the Importance of Security Awareness Training With  June 9, 2023 Deadline

Most computer security practitioners have understood for many years the importance of having an aggressive security awareness training program. As social engineering is involved in 70% to ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews