Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Job Recruitment Scams Rising Due to Social Engineering

Jul 10, 2023 10:52:29 AM By Stu Sjouwerman
Job scams are a rising form of socially engineered cybercrime. And while it’s easy to imagine the trouble they cause individuals who innocently fall for them (lost opportunities, identity ...
Continue Reading

Amazon Prime Day Alert: Beware of Fake Logins, Gift Card Scams

Jul 7, 2023 11:39:18 AM By Stu Sjouwerman
A new threat alert from ConsumerAffairs and TrendMicro proves more than just shoppers will take advantage of Amazon’s upcoming Prime Day.
Continue Reading

U.K. Twitter Impersonation Hacker Sentenced to Prison in the U.S.

Jul 7, 2023 11:00:00 AM By Stu Sjouwerman
The British national responsible for hacking into and impersonating high-profile individuals as part of a crypto theft scheme has been sentenced to five years in prison.
Continue Reading

Microsoft Teams Cyber Attack Exploit Tool Relies on Social Engineering to Deliver Malware

Jul 7, 2023 8:00:00 AM By Stu Sjouwerman
If your organization uses Microsoft Teams, then you definitely want to hear about a new way bad actors are exploiting this newly discovered cyber attack tool.
Continue Reading

New Report Shows Social Engineering and Business Email Compromise Attacks Have Drastically Increased in 2023

Jul 6, 2023 8:45:53 AM By Stu Sjouwerman
Email-based social engineering attacks have risen by 464% this year compared to the first half of 2022, according to a report by Acronis. Business email compromise (BEC) attacks have also ...
Continue Reading

National Cyber Security Centre Notes UK Law Firms are Main Target for Cybercriminals

Jun 28, 2023 11:16:46 AM By Stu Sjouwerman
In the most recent Cyber Threat report from the National Cyber Security Centre (NCSC), it is clear that UK law firms are a gold mine for cybercriminals.
Continue Reading

Russian Threat Actor Targets Ukraine Government And Military With Spear Phishing Emails

Jun 27, 2023 8:54:25 AM By Stu Sjouwerman
Russia’s APT28 (also known as “Fancy Bear” or “BlueDelta”) is using spear phishing to compromise Ukrainian government and military entities, according to researchers at Recorded Future. ...
Continue Reading

New Cryptocurrency Coinbase Phishing Campaign Uses Social Engineering

Jun 26, 2023 9:12:26 AM By Stu Sjouwerman
A phishing campaign is impersonating cryptocurrency trading platform Coinbase, Tech.co reports. Crypto trader Jacob Canfield described the campaign in a Twitter thread, stating that the ...
Continue Reading

Want To Stop All Scams? Here Is How!

Jun 23, 2023 2:25:52 PM By Roger Grimes
There are many ways to be socially engineered and phished, including email, websites, social media, SMS texts, chat services, phone calls and in-person. These days, it is hard to sell ...
Continue Reading

Extremely Persistent Threat Group Demonstrates a Strong Understanding of the Modern Incident Response Frameworks

Jun 22, 2023 9:44:42 AM By Stu Sjouwerman
A threat actor tracked as “Muddled Libra” is using the 0ktapus phishing kit to gain initial access to organizations in the software automation, business process outsourcing, ...
Continue Reading

Is AI-Generated Disinformation on Steroids About To Become a Real Threat for Organizations?

Jun 21, 2023 9:49:39 AM By Martin Kraemer
A researcher was alerted to a fake website containing fake quotes that appeared to be written by himself. The age of generative artificial intelligence (AI) toying with our public ...
Continue Reading

KnowBe4’s 2023 Phishing By Industry Benchmarking Report Reveals that 33.2% of Untrained End Users Will Fail a Phishing Test

Jun 20, 2023 9:07:42 AM By Joanna Huisman
Cybercriminals still know that the easiest way to successfully infiltrate an organization is through its people.
Continue Reading

New Social Engineering Tactic Uses PDFs in Business Email Compromise Attacks

Jun 20, 2023 8:46:31 AM By Stu Sjouwerman
Legitimate services can be exploited in social engineering, including business email compromise (BEC) attacks.  Researchers at Check Point describe one current BEC campaign that’s using ...
Continue Reading

New Survey Shows 40% of People Searching for a Job Encountered a Scam

Jun 15, 2023 8:47:35 AM By Stu Sjouwerman
A survey by PasswordManager.com has found that one in three job seekers has fallen for, and responded to, fake job scams over the past two years.
Continue Reading

[INFOGRAPHIC] KnowBe4’s SecurityCoach: Top 10 Risky Behaviors

Jun 14, 2023 4:08:25 PM By Stu Sjouwerman
Real-time security coaching helps improve your organization’s security culture by enabling real-time coaching of your users in response to risky security behaviors.
Continue Reading

France Accuses Russia of Spoofing Foreign Ministry Website in ‘Typosquatting’ Campaign

Jun 14, 2023 2:10:17 PM By Stu Sjouwerman
The French government is taking a stand against the increasing threat of digital warfare. Publicly accusing Russia of conducting an extensive online manipulation campaign, France is ...
Continue Reading

Half of U.K. Companies Have Been a Cyber Attack Victim in the Last Three Years

Jun 12, 2023 9:18:26 AM By Stu Sjouwerman
New data puts the spotlight on the human factor in U.K. cyber attacks, where users continue to be susceptible to social engineering, creating the so-called “Human Risk.”
Continue Reading

How NK's Cyber Criminals Stole 3 Billion in Crypto To Fund Their Nukes

Jun 11, 2023 8:01:42 PM By Stu Sjouwerman
The Wall Street Journal today revealed that North Korea's hacker army managed to steal a huge amount of cryptocurrency amounting to $3 billion to finance their nuclear program. US ...
Continue Reading

Verizon: Stolen Credentials Tops the List of Threat Actions in Breaches

Jun 9, 2023 10:00:18 AM By Stu Sjouwerman
Verizon's DBIR always has a lot of information to unpack, so I’ll continue my review by covering how stolen credentials play a role in attacks.
Continue Reading

Verizon: Pretexting Now Tops Phishing in Social Engineering Attacks

Jun 8, 2023 7:10:48 AM By Stu Sjouwerman
The New Verizon DBIR is a treasure trove of data. As we covered here, and here, people are one of the most common factors contributing to successful data breaches. Let’s drill down a bit ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews