KnowBe4

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

WARNING: Your Head of Finance May Be 1 of 50,000 Execs Targeted in BEC Scams

Dec 13, 2018 3:42:59 PM By Stu Sjouwerman
According to a report from email security & protection vendor Agari, the cybercriminal group dubbed London Blue are directing their latest scams at very specific finance execs.
Continue Reading

Giveaway Scam Offers Free Volkswagens to Generate Ad Revenue

Dec 12, 2018 5:34:58 PM By Stu Sjouwerman
A scam campaign is promising free Volkswagen car giveaways to trick social media users into visiting third-party ad servers, according to researchers at Sucuri.
Continue Reading

Hackbusters - Where Can You Discuss All Things Social Engineering?

Dec 11, 2018 3:19:07 PM By Stu Sjouwerman
The KnowBe4 Hackbuster’s Forum is an online community dedicated to stopping the bad guys that use social engineering to hack your organization.
Continue Reading

CEOs are Prime Targets for Social Engineering Attacks

Nov 20, 2018 4:46:20 PM By Stu Sjouwerman
CEOs can be the weakest link in an organization’s security posture, according to Mimecast’s Matthew Gardiner. Carole Theriault talked to Gardiner last week on The CyberWire’s Hacking ...
Continue Reading

Scammers Target 21 Social Media Users Every Minute

Nov 1, 2018 10:58:51 AM By Stu Sjouwerman
According to a new survey, social media sharing – and oversharing – provides cybercriminals with important personal details to commit identity theft, fraud, and more.
Continue Reading

On Facebook, Make Sure They Are Who They Say They Are Before You become Friends

Oct 11, 2018 1:54:22 PM By Stu Sjouwerman
You receive a message apparently from a Facebook friend telling you they received another friend request from you. They go on to diagnose the "situation," tell you that you’ve been ...
Continue Reading

Retail is Unprepared for Social Engineering

Oct 4, 2018 6:50:15 AM By Stu Sjouwerman
The latest data from SecurityScorecard shows the retail industry’s security stance is at an all-time low, and is particularly susceptible to social engineering attacks. The retail ...
Continue Reading

Hackers: Social Engineering is Easier

Oct 2, 2018 5:15:41 PM By Stu Sjouwerman
Despite the presence of application and OS vulnerabilities – both new and old – hackers prefer to leverage social engineering as their preferred attack method.
Continue Reading

[Heads-up] Now In The Wild: New Super Evil Rootkit Survives Even "Nuke From Orbit" And HD Swap

Sep 30, 2018 7:56:38 AM By Stu Sjouwerman
This thing is a nightmare that escaped into daylight. The Russian GRU—aka Fancy Bear—probably was riveted reading the Wikileaks CIA Vault 7 UEFI Rootkit docs (PDF) and built one of these ...
Continue Reading

Kevin Mitnick weighs in on Facebook's big security breach

Sep 29, 2018 9:58:59 AM By Stu Sjouwerman
It was all over the news, and CNBC interviewed KnowBe4's very own Chief Hacking Officer Kevin Mitnick (note the StreetCred box on the right).
Continue Reading

[InfoGraphic] 20 Ways to Block Mobile Attacks

Sep 28, 2018 5:14:43 PM By Stu Sjouwerman
To start your National Cyber Security Awareness Month (NCSAM) here is a goodie for your users to kick things off.
Continue Reading

The Cybercrime Economy Makes It Impossible to Stop

Sep 28, 2018 12:33:29 PM By Stu Sjouwerman
The operation run by botnet author Peter Levashov demonstrates how easy it is for would-be criminals to get into the business.
Continue Reading

Holiday Threat No. 1: Evil Twin Domains With A "Trusted" SSL/TSL Certificate

Sep 27, 2018 11:38:19 AM By Stu Sjouwerman
As the holiday season approaches, cybercriminals are set to scam your users out of their personal money but also your organizational budget.
Continue Reading

Brand-New Tool: Domain Doppelgänger Identifies Evil Twin Domains

Sep 27, 2018 10:56:40 AM By Stu Sjouwerman
I gave you a heads-up a few days ago, and now I'm excited to announce the actual release of a new tool to help protect your organization from the bad guys.
Continue Reading

Phone Scam Impersonates Sheriff’s Office Using Judge’s Name

Sep 26, 2018 5:42:04 PM By Stu Sjouwerman
The US Marshals Service has stated that a new phone scam is targeting residents of Marshall, Texas. The scammer claims to be from the local sheriff’s office and tells residents that the ...
Continue Reading

Reminder: In Spite of Windows Flaws, Hackers Prefer Social Engineering

Sep 24, 2018 7:13:06 AM By Stu Sjouwerman
Nearly half of hackers surveyed at the recent Black Hat conference in Las Vegas admitted easily compromising both Windows 8 and 10 in the past year.
Continue Reading

Looking at Cyber Attacks From the Inside Out, It’s All About Social Engineering

Sep 21, 2018 2:14:56 PM By Stu Sjouwerman
Frances Zelazny, Vice President of BioCatch, gave a recent Tech Republic interview to share some insight into how hackers can access your passwords. It's familiar but worth reviewing, ...
Continue Reading

Social Engineering, Just a Call Away

Sep 19, 2018 5:38:50 PM By Stu Sjouwerman
An email arrives, and you think it’s from your boss. Because it has your boss’s name on it, there's a huge psychological response, and you tend do what is requested. After a cordial ...
Continue Reading

When Does Effective Persuasion Become Manipulation and Social Engineering?

Sep 18, 2018 1:43:05 PM By Stu Sjouwerman
There’s a fine but clear line between ethical and unethical persuasion, says Joe Gray, a security consultant from the “Advanced Persistent Security” blog and podcast. Gray recently ...
Continue Reading

Universities Are Still Targeted With Phishing Attacks By Iranian Hackers

Aug 25, 2018 9:06:51 AM By Stu Sjouwerman
Secureworks® Counter Threat Unit™ (CTU) researchers reported that despite indictments in March 2018, the Iranian threat group is likely responsible for a large-scale campaign that ...
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews