The FBI's Public Service Warning of Business Email Compromise

Mar 29, 2023 8:01:52 AM By Stu Sjouwerman

The US FBI is warning of business email compromise (BEC) attacks designed to steal physical goods. While BEC attacks are typically associated with stealing money, criminals can use the ...

New Vendor Email Compromise Attack Seeks $36 Million

Mar 24, 2023 11:03:14 AM By Stu Sjouwerman

The details in this thwarted VEC attack demonstrate how the use of just a few key details can both establish credibility and indicate the entire thing is a scam.

Cyber Insurers Quietly Remove Coverage for Social Engineering and Fraudulent Instruction Claims

Mar 23, 2023 8:13:56 AM By Stu Sjouwerman

As cyber insurers become more experienced in what kinds of claims are being presented, and the threat action details therein, specific types of coverages are no longer being included.

The Future of Cyber Attacks? Speed, More Speed

Mar 22, 2023 8:46:51 AM By Roger Grimes

I get asked all the time to “predict” the future of cybercrime. What will be the next big cyber attack? What will be the next paradigm platform shift that attackers will target? And so on.

An Overview of Silicon Valley Bank Themed Social Engineering

Mar 21, 2023 10:21:00 AM By Stu Sjouwerman

Researchers at ReliaQuest warn that organizations should continue to be on the lookout for social engineering attacks related to Silicon Valley Bank (SVB).

Warning Customers About Social Engineering.

Mar 18, 2023 1:58:48 PM By Stu Sjouwerman

It’s a familiar story: scam artists impersonate a trusted brand, a trusted business or a trusted authority in emails and on bogus sites designed to exploit that very trust to commit ...

[FREE RESOURCE KIT] New Phishing Security Resource Kit Now Available!

Mar 16, 2023 9:06:29 AM By Stu Sjouwerman

Phishing emails increase in volume every month and every year, so we created this free resource kit to help you defend against attacks. Request your kit now to learn phishing mitigation ...

University of Sydney Gives Students and Staff Advice on Avoiding Social Engineering Scams

Mar 15, 2023 9:25:51 AM By Stu Sjouwerman

The University of Sydney has issued advice to help students and staff avoid falling for social engineering attacks.

Threat Actors are Using FINRA Impersonation For Their Attacks

Mar 13, 2023 1:13:47 PM By Stu Sjouwerman

DomainTools warns that a sophisticated West Africa-based fraud group is impersonating the Financial Industry Regulatory Authority (FINRA) to target users in the United States, according ...

Microsoft Warns of Business Email Compromise Attacks Taking Hours

Mar 13, 2023 1:13:45 PM By Stu Sjouwerman

According to Microsoft's Security Intelligence team, a recent business email compromise attack (BEC) has shown that threat actors are quickening the pace of these attacks, with certain ...

[Heads Up] The SVB Bankruptcy Is A Social Engineering Bonanza

Mar 12, 2023 7:53:43 AM By Stu Sjouwerman

Saturday March 11, 2023 -- Over the last 24 hours, the Federal Deposit Insurance Corporation has established the FDIC Bank of Santa Clara and insured depositors will have access to funds ...

One-Quarter of Users Fall for Online Scams Despite an Overconfidence in an Ability to Spot Them

Mar 10, 2023 9:46:46 AM By Stu Sjouwerman

A new survey of individuals across seven countries shows that users may have had luck on their side, as a majority aren’t sure about their device security or how to spot malicious sites ...

Customer Care Numbers as Phishbait

Mar 2, 2023 8:50:50 AM By Stu Sjouwerman

Researchers at CloudSEK have published a report looking at fraudulent customer service phone numbers in India. The researchers found around 20,000 of these phone numbers targeting users ...

[Eye Opener] Businessweek: The Satellite Hack Everyone Is Finally Talking About

Mar 2, 2023 7:09:33 AM By Stu Sjouwerman

This morning, Bloomberg News pointed at a brand new article at BusinessWeek, one of their media properties. This is an excellent article that exposes the vulnerabilities when ...

Business Email Compromise Gang Gets Jail Time for Stealing Millions

Feb 28, 2023 11:52:14 AM By Stu Sjouwerman

An international cybercriminal operation responsible for millions of dollars in business email compromise (BEC) scams has finally been dismantled.

Blind Eagle Goes Phishing

Feb 28, 2023 11:52:11 AM By Stu Sjouwerman

BlackBerry has published a report on a threat actor, Blind Eagle, also known as APT-C-36, which has been operating against targets in Ecuador and Colombia since at least 2019. Its most ...

GLBA and Other Regulations Wake Up to the Importance of Security Awareness Training With June 9, 2023 Deadline

Feb 27, 2023 4:15:26 PM By Roger Grimes

Most computer security practitioners have understood for many years the importance of having an aggressive security awareness training program. As social engineering is involved in 70% to ...

W-2s Are Just the Beginning of Tax-Related Scams This Year

Feb 23, 2023 11:28:23 AM By Stu Sjouwerman

Email scammers can’t pass up a tried and true theme that is almost guaranteed to produce results. And with W-2 forms being sent out, it marks the start of this year’s expected campaigns.

Coinbase Attack Used Social Engineering

Feb 22, 2023 8:48:30 AM By Stu Sjouwerman

Coinbase describes a targeted social engineering attack that led to the theft of some employee data. The attacker first sent smishing messages to several Coinbase employees, urging them ...

Do Not Let Ransomware Steal the Show – Business Email Compromise Is the Biggest Threat You Must Prepare For!

Feb 21, 2023 10:12:12 AM By Javvad Malik

When it comes to cybersecurity, ransomware is the rockstar of threats. But taking a peek behind the curtain, business email compromise (BEC) causes huge financial losses.

Security Awareness Training Blog

Social Engineering Blog

View Topics