Teach Two Things to Decrease Phishing Attack Success

Aug 24, 2022 8:25:03 AM By Roger Grimes

We know everyone is busy. Everyone already has too much on their plate and is trying to learn as much as they can every day.

Vishing is a Rising Threat to the Enterprise

Aug 23, 2022 10:05:48 AM By Stu Sjouwerman

Most of us are all too familiar with vishing, the scam voice calls that offer to erase your credit card debt, to extend your automobile warranty, to get you to donate to that worthy cause ...

Piggybacking: Social Engineering for Physical Access

Aug 18, 2022 11:37:37 AM By Stu Sjouwerman

Tailgating or piggybacking is an old but effective social engineering technique to gain physical access to restricted areas, according to Rahul Awati at TechTarget. Tailgating is when a ...

Social Engineering for Espionage and Influence

Aug 17, 2022 9:20:19 AM By Stu Sjouwerman

Microsoft has disrupted operations carried out by a Russian government-aligned threat actor tracked as “SEABORGIUM.” The threat actor uses phishing and credential harvesting to conduct ...

Massive Network of Over 10,000 Fake Investment Sites Targets Europe

Aug 12, 2022 8:47:44 AM By Stu Sjouwerman

Using a mix of compromised social media accounts, social engineering, call center agents, and some convincing websites, this latest scam seeks to get victims to repeatedly “invest”.

New Research Shows Social Engineering and Phishing are the Top Threats

Aug 9, 2022 8:56:10 AM By Stu Sjouwerman

According to the CS Hub Mid-Year Market Report 2022, new findings shows that 75% of survey respondents believe that social engineering and phishing attacks are the top threat vector to ...

Twilio hacked by phishing campaign targeting internet companies

Aug 8, 2022 3:38:47 PM By Stu Sjouwerman

Communications giant Twilio has confirmed hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials.

Cybercriminals Go to College with New Phishing Attacks

Aug 8, 2022 9:23:42 AM By Stu Sjouwerman

The summer is winding up, and the traditional academic year is approaching. And amid the welcomes from the deans of students, the activities coordinators, the academic advisors and so on, ...

Labor Market Social Engineering: Supply-Side and Demand-Side

Aug 3, 2022 8:50:05 AM By Stu Sjouwerman

We’re accustomed to social engineering being used for credential theft and business email compromise. We’re also accustomed to hearing about the increase in remote work during the ...

A Widespread, Multistage Investment Scam

Aug 1, 2022 8:44:56 AM By Stu Sjouwerman

A complex and ambitious investment scam has used more than 10,000 domains to induce speculators to give up not just funds, but personal information as well. Researchers at security firm ...

Phishing-Based Data Breaches Take 295 Days to Contain and Breach Costs Soar to $4.91 Million

Jul 28, 2022 12:33:36 PM By Stu Sjouwerman

Fresh data on data breach costs from IBM show phishing, business email compromise, and stolen credentials take the longest to identify and contain.

Beware of Sophisticated Malicious USB Keys

Jul 28, 2022 12:33:33 PM By Roger Grimes

Malicious USB keys have always been a problem. There is almost no professional penetration testing team that does not drop a handful of USB keys outside of any targeted organization and ...

Spear Phishing Campaign Targets Facebook Business Accounts

Jul 28, 2022 9:03:57 AM By Stu Sjouwerman

Researchers at WithSecure have discovered a spear phishing campaign targeting employees who have access to Facebook Business accounts. The attackers are targeting specific employees, and ...

Nearly Half of Organizations Have Experienced Vishing

Jul 27, 2022 8:50:32 AM By Stu Sjouwerman

Forty-seven percent of organizations have experienced voice phishing (vishing) attacks over the past year, according to researchers at Mutare. Additionally, the researchers found that ...

[Heads Up] Huge Losses Caused By Epidemic of ‘Pig Butchering’ Scams

Jul 21, 2022 1:43:18 PM By Stu Sjouwerman

Investigative reporter Brian Krebs reported today that U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of ...

FBI Warns of Phony Cryptocurrency Investment Apps

Jul 20, 2022 10:32:58 AM By Stu Sjouwerman

Cryptocurrency investors have lost nearly $43 million to fraudulent cryptocurrency investment apps, according to the US Federal Bureau of Investigation (FBI).

New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials

Jul 15, 2022 3:25:55 PM By Stu Sjouwerman

A new wave of social media phishing attacks are now using scare tactics to lure victims into sending their logins.

Phishing Attacks are the Most Prevalent Source of Identity-Related Breaches

Jul 14, 2022 4:27:06 PM By Stu Sjouwerman

Cybercriminals almost always need to leverage credentials as part of just about any kind of cyberattack. To no surprise, phishing and social engineering play a dominant role.

Facebook-Themed Scam Aims to Steal Your Credentials

Jul 14, 2022 4:27:03 PM By Stu Sjouwerman

A creative mix of phishing emails, solid social engineering, use of Facebook Messenger, brand and site impersonation, and a sense of urgency all add up to a believable attack.

Phishing Attack Steals $8 Million Worth of Cryptocurrency

Jul 13, 2022 9:09:08 AM By Stu Sjouwerman

Scammers stole $8 million worth of Ethereum from users of the Uniswap cryptocurrency exchange, according to Sujith Somraaj at Decrypt. Notably, the attackers relied purely on social ...

Security Awareness Training Blog

Social Engineering Blog

View Topics