Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

[Feet on the Ground] Stepping Carefully When Making an AI Your BFF

May 2, 2023 1:40:51 PM By Stu Sjouwerman
Bloomberg's Brad Stone wrote an op-ed covering this topic. In the past month, a chatbot called "My AI" or "Sage" has appeared as a new friend for several hundred million Snapchat users. ...
Continue Reading

The Two Best Things You Can Do To Protect Yourself and Organization

May 2, 2023 8:22:23 AM By Roger Grimes
Since the beginning, two types of computer attacks (known as initial root cause exploits) have composed the vast majority of successful attacks: social engineering and exploiting ...
Continue Reading

Automate Reporting for Security Awareness Training Events and Suspicious Email Remediation Management with Cortex XSOAR and KnowBe4

May 1, 2023 8:00:00 AM By Stu Sjouwerman
Security teams face unique challenges in today’s rapidly-changing landscape of phishing, malware, and other social engineering and cybersecurity threats. Collaboration across disparate ...
Continue Reading

Heart of the Matter: How LLMs Can Show Political Bias in Their Outputs

Apr 28, 2023 6:59:09 AM By Stu Sjouwerman
Wired just published an interesting story about political bias that can show up in LLM's due to their training. It is becoming clear that training an LLM to exhibit a certain bias is ...
Continue Reading

[Eyes Wide Shut] Fed Powell's Call with Russian Pranksters Exposed as Social Engineering

Apr 28, 2023 6:17:37 AM By Stu Sjouwerman
It was all over the news. Fed's Jerome Powell was social engineered by Russian pranksters posing as Zelensky.
Continue Reading

Does ChatGPT Have Cybersecurity Tells?

Apr 27, 2023 8:46:59 AM By Stu Sjouwerman
Poker players and other human lie detectors look for “tells,” that is, a sign by which someone might unwittingly or involuntarily reveal what they know, or what they intend to do. A ...
Continue Reading

Latest QBot Attacks Use a Mixture of PDF Attachments and Windows Scripting Host Files to Infect Victims

Apr 27, 2023 8:08:22 AM By Stu Sjouwerman
QBot malware seems to be outliving its competitors through innovative new ways to socially engineer victims into helping install it.
Continue Reading

Recruiting Money Mules

Apr 26, 2023 4:28:05 PM By Stu Sjouwerman
Money mules play a subordinate but important role in the criminal economy. They’re used to move stolen funds around, a low-level version of illicit remittance and money laundering. ...
Continue Reading

Another Perspective on ChatGPT's Social Engineering Potential

Apr 24, 2023 3:54:51 PM By Stu Sjouwerman
We’ve had occasion to write about ChatGPT’s potential for malign use in social engineering, both in the generation of phishbait at scale and as a topical theme that can appear in lures. ...
Continue Reading

FBI Warns of Sextortion Scams that Yield a New Equally Scam-Like Service: Sextortion Assistance

Apr 21, 2023 3:45:11 PM By Stu Sjouwerman
A FBI bulletin highlights a new twist in the sextortion game: companies claiming to assist with addressing sextortion who use deceptive social engineering tactics to coerce victims into ...
Continue Reading

Guarding Against AI-Enabled Social Engineering: Lessons from a Data Scientist's Experiment

Apr 19, 2023 1:26:59 PM By Stu Sjouwerman
The Verge came out with an article that got my attention. As artificial intelligence continues to advance at an unprecedented pace, the potential for its misuse in the realm of ...
Continue Reading

That Email Isn’t from the New Jersey Attorney General

Apr 19, 2023 9:07:12 AM By Stu Sjouwerman
Earlier this month, state employees in the US state of New Jersey began receiving emails that falsely represented themselves as originating with the state’s attorney general.
Continue Reading

[Arm and a Leg] Cyber Insurers Are Worried About The Long-tail Cost of Attacks

Apr 18, 2023 2:43:56 PM By Stu Sjouwerman
[BUDGET AMMO] James Rundle at The Wall Street Journal today published a very interesting article about the long-term costs of cyber attacks and the fact that cyber insurers are getting ...
Continue Reading

London NatWest Bank Warns Customers of Alarming Impersonation Scams

Apr 18, 2023 10:08:43 AM By Stu Sjouwerman
National Westminster Bank, the London-based bank familiarly known as NatWest, has warned its customers to be on the alert for emails pretending to be from NatWest, but which in fact are ...
Continue Reading

Indian Rail Passenger Ticketing Platform Warns of Online Fraud

Apr 17, 2023 11:39:56 AM By Stu Sjouwerman
The Indian Railway Catering and Tourism Corporation (IRCTC), described as “a popular platform used by a significant number of Indians for booking train tickets,” has cautioned users about ...
Continue Reading

[Head Start] Effective Methods How To Teach Social Engineering To An AI

Apr 14, 2023 3:57:40 PM By Stu Sjouwerman
Remember The Sims? Well Stanford created a small virtual world with 25 ChatGPT-powered "people". The simulation ran for 2 days and showed that AI-powered bots can interact in a very ...
Continue Reading

Affinity Phishing Attacks Use Social Engineering Tactics to Prey on Victims

Apr 13, 2023 9:14:14 AM By Stu Sjouwerman
Affinity phishing scams are ones in which criminals cultivate trust in their prospective victims by trading on common background, either real or feigned. Thus a fraudster might claim a ...
Continue Reading

That’s Not Actually Mr. Musk, That's a Scam

Apr 5, 2023 11:43:02 AM By Stu Sjouwerman
A school principal in Volusia County, Florida has resigned after sending $100,000 to a scammer posing as Elon Musk, WESH 2 News reports. Dr. Jan McGee from the Burns Science and ...
Continue Reading

Social Engineering Attacks Utilizing Generative AI Increase by 135%

Apr 4, 2023 8:08:53 AM By Stu Sjouwerman
New insights from cybersecurity artificial intelligence (AI) company Darktrace shows a 135% increase in novel social engineering attacks from Generative AI.
Continue Reading

Ukrainian Police Take Down Cybercrime Ring

Apr 3, 2023 11:51:13 AM By Stu Sjouwerman
The Cyber Police of Ukraine have arrested twelve alleged members of an organized cybercrime group that’s stolen approximately $4.3 million from users across Europe, the Hacker News ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews