Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

[Heads up] FBI Warns About Attacks That Bypass Your Multi-factor Authentication (MFA)

Oct 8, 2019 7:01:47 AM By Stu Sjouwerman
Last month, the FBI sent a special alert called a Private Industry Notification (PIN) to industry partners about the rising threat of attacks that bypass their multi-factor authentication ...
Continue Reading

New Instagram Phishing Scam Uses Familiar (But Fake) 2FA Codes to Trick Victims

Oct 7, 2019 6:55:43 AM By Stu Sjouwerman
Scammers use familiar verification methods to establish credibility and lull the victim into a false sense of security to compromise Instagram accounts.
Continue Reading

Cybersecurity Awareness Is Not Just For October!

Oct 4, 2019 6:59:02 AM By Stu Sjouwerman
By Joanna Huisman, KnowBe4's new SVP Strategic Insights & Research.  I have a big birthday coming up, and as you can probably guess, I’m less than thrilled about it. I tell myself it’s ...
Continue Reading

[VIDEO] CEO Stu Sjouwerman Interviewed by Dark Reading

Oct 3, 2019 4:15:00 PM By Stu Sjouwerman
This year at Black Hat 2019, our CEO Stu was interviewed by Dark Reading on regularly training users. Take a look at what we have in store in this video: 
Continue Reading

North Koreans Spear Phish U.S. Victims With Social Engineering Hidden In Obscure Kodak FlashPix Format

Oct 1, 2019 7:23:44 PM By Stu Sjouwerman
A suspected North Korean threat actor has been sending spear phishing emails targeting US organizations, according to Prevailion researchers Danny Adamitis and Elizabeth Wharton. Adamitis ...
Continue Reading

"Mishperceptions": The Five Most Common Phishing Myths Busted!

Oct 1, 2019 7:58:24 AM By Stu Sjouwerman
By Joanna Huisman, KnowBe4's new SVP Strategic Insights & Research.  The bad guys know that the easiest way into your organization is through your employees. This is not an opinion. Of ...
Continue Reading

Social Engineering via the US Mail

Sep 26, 2019 6:47:28 AM By Stu Sjouwerman
 
Continue Reading

Disgusting Fake Employment Site Targets Veterans And Installs Remote Access Trojan

Sep 24, 2019 4:59:04 PM By Stu Sjouwerman
Just when you think they could not sink any lower, you see something like this. A fake website pretending to be an organization that offers job opportunities for U.S. veterans is ...
Continue Reading

A Short, Very Useful Guide to Social Engineering

Sep 24, 2019 6:50:34 AM By Stu Sjouwerman
Knowing how to identify indicators of social engineering can alert you when someone tries to manipulate you, according to Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist. In an ...
Continue Reading

No, Really, They're Just Not That Into You

Sep 24, 2019 6:44:40 AM By Stu Sjouwerman
There are numerous ways to check the authenticity of someone on a dating site so you don’t fall for a romance scam, according to HackRead. You should always be cautious when interacting ...
Continue Reading

The Emotet Trojan Botnet is Back in Business

Sep 23, 2019 10:11:44 AM By Stu Sjouwerman
The Emotet botnet is up and running again after four months of inactivity, according to Ars Technica. Multiple security firms have reported seeing phishing emails delivering the malware ...
Continue Reading

CEO Fraud Attacks Now Use Deepfake Audio and AI to Mimic Executives Over the Phone

Sep 19, 2019 2:54:32 PM By Stu Sjouwerman
While deepfake video gets most of the attention on social media, it’s deepfake audio that is quickly becoming the cybercriminal’s tools of choice for committing fraud.
Continue Reading

Amazon Phishing Scam in Progress

Sep 19, 2019 7:49:14 AM By Stu Sjouwerman
HackRead has come across a phishing scam that’s trying to trick Amazon customers into handing over their account credentials, personal information, and financial details. The phishing ...
Continue Reading

The U.S. Cybersecurity and Infrastructure Security Agency Lays Out Strategic Vision and Priorities in the Wake of Texas Ransomware Attacks.

Sep 18, 2019 7:27:45 AM By Stu Sjouwerman
This new document, entitled Strategic Intent highlights ways to “defend today, secure tomorrow” and comes out as the CISA director admits that ransomware is “only getting worse.”
Continue Reading

Oklahoma Pension Fund Robbed of $4.2 million via Compromised Email

Sep 17, 2019 6:56:45 AM By Stu Sjouwerman
Attackers stole millions of dollars from Oklahoma’s pension fund for retired law enforcement officers, the Oklahoman reports. The Oklahoma Law Enforcement Retirement System (OLERS) said ...
Continue Reading

Video Becomes the Next Big Bait for Social Engineering

Sep 16, 2019 7:00:00 AM By Stu Sjouwerman
Scammers are always looking for new ways to get potential victims to engage. It appears that the latest trend is to leverage our familiarity with watching video to spawn an attack.
Continue Reading

Phishing Nightmare? New "Deadline" Email From Equifax Settlement Administrator Notifies of Changes in Filing.

Sep 12, 2019 3:10:42 PM By Stu Sjouwerman
You’d better check your email queue for a new email from The Equifax Breach Settlement Administrator that was sent out several days ago to those who previously filed a claim. It will ...
Continue Reading

FBI Cyber Warning: Attacks On Key Employees Up 100%, As 281 Are Arrested

Sep 12, 2019 6:21:21 AM By Stu Sjouwerman
Zak Doffman, contributor at Forbes reported: "There is a cyberattack epidemic hitting businesses around the world, targeting individuals responsible for requesting fund transfers or ...
Continue Reading

The Legal Profession's Catfishing Problem

Sep 11, 2019 8:25:59 AM By Stu Sjouwerman
Scammers frequently impersonate lawyers in fraudulent emails in order to get recipients to take those emails seriously, according to Victoria Hudgins at Legaltech News. Legal threats or ...
Continue Reading

Cybersecurity: 99% of email attacks rely on victims clicking links

Sep 10, 2019 6:57:48 AM By Stu Sjouwerman
Danny Palmer at ZDNet had the scoop: "Social engineering is by far the biggest factor in malicious hacking campaigns, warn researchers – so how can it be stopped?"
Continue Reading
Subscribe

Search Our Blog


2019 National Cybersecurity Awareness Month Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews