Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

A Widespread, Multistage Investment Scam

Aug 1, 2022 8:44:56 AM By Stu Sjouwerman
A complex and ambitious investment scam has used more than 10,000 domains to induce speculators to give up not just funds, but personal information as well. Researchers at security firm ...
Continue Reading

Phishing-Based Data Breaches Take 295 Days to Contain and Breach Costs Soar to $4.91 Million

Jul 28, 2022 12:33:36 PM By Stu Sjouwerman
Fresh data on data breach costs from IBM show phishing, business email compromise, and stolen credentials take the longest to identify and contain.
Continue Reading

Beware of Sophisticated Malicious USB Keys

Jul 28, 2022 12:33:33 PM By Roger Grimes
Malicious USB keys have always been a problem. There is almost no professional penetration testing team that does not drop a handful of USB keys outside of any targeted organization and ...
Continue Reading

Spear Phishing Campaign Targets Facebook Business Accounts

Jul 28, 2022 9:03:57 AM By Stu Sjouwerman
Researchers at WithSecure have discovered a spear phishing campaign targeting employees who have access to Facebook Business accounts. The attackers are targeting specific employees, and ...
Continue Reading

Nearly Half of Organizations Have Experienced Vishing

Jul 27, 2022 8:50:32 AM By Stu Sjouwerman
Forty-seven percent of organizations have experienced voice phishing (vishing) attacks over the past year, according to researchers at Mutare. Additionally, the researchers found that ...
Continue Reading

[Heads Up] Huge Losses Caused By Epidemic of ‘Pig Butchering’ Scams

Jul 21, 2022 1:43:18 PM By Stu Sjouwerman
Investigative reporter Brian Krebs reported today that U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of ...
Continue Reading

FBI Warns of Phony Cryptocurrency Investment Apps

Jul 20, 2022 10:32:58 AM By Stu Sjouwerman
Cryptocurrency investors have lost nearly $43 million to fraudulent cryptocurrency investment apps, according to the US Federal Bureau of Investigation (FBI).
Continue Reading

New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials

Jul 15, 2022 3:25:55 PM By Stu Sjouwerman
A new wave of social media phishing attacks are now using scare tactics to lure victims into sending their logins.
Continue Reading

Phishing Attacks are the Most Prevalent Source of Identity-Related Breaches

Jul 14, 2022 4:27:06 PM By Stu Sjouwerman
Cybercriminals almost always need to leverage credentials as part of just about any kind of cyberattack. To no surprise, phishing and social engineering play a dominant role.
Continue Reading

Facebook-Themed Scam Aims to Steal Your Credentials

Jul 14, 2022 4:27:03 PM By Stu Sjouwerman
A creative mix of phishing emails, solid social engineering, use of Facebook Messenger, brand and site impersonation, and a sense of urgency all add up to a believable attack.
Continue Reading

Phishing Attack Steals $8 Million Worth of Cryptocurrency

Jul 13, 2022 9:09:08 AM By Stu Sjouwerman
Scammers stole $8 million worth of Ethereum from users of the Uniswap cryptocurrency exchange, according to Sujith Somraaj at Decrypt. Notably, the attackers relied purely on social ...
Continue Reading

KnowBe4’s 2022 Phishing By Industry Benchmarking Report Reveals that 32.4% of Untrained End Users Will Fail a Phishing Test

Jul 13, 2022 7:00:00 AM By Joanna Huisman
Once again, the human layer continues to be the most desirable attack vector for cybercriminals. 2022 marks the 5th year KnowBe4 has analyzed hundreds of millions of elements of data in ...
Continue Reading

Callback Malware Campaigns Impersonate CrowdStrike and Other Cybersecurity Companies

Jul 11, 2022 3:26:04 PM By Stu Sjouwerman
CrowdStrike sent the following Tech Alert to their customers
Continue Reading

[Scam of the Week] Amazon Prime Day or Amazon Crime Day? Don’t Fall Victim to Phishing

Jul 8, 2022 2:36:20 PM By Stu Sjouwerman
As Amazon Prime Day approaches, Checkpoint research is sending a warning that Amazon Prime Day scams will ramp up very soon.
Continue Reading

[Eye Opener] Lessons Learned from a Big Hotel's Recent Data Breach Caused By Social Engineering

Jul 8, 2022 8:55:07 AM By Stu Sjouwerman
This week Marriott International, one of the largest hotel chains, suffered their second data breach of 2022. The attack by a group named 'Group with No Name' (GNN) took place in early ...
Continue Reading

New WhatsApp Scam Uses Call Forwarding Social Engineering to Hijack Accounts

Jul 7, 2022 9:01:00 AM By Stu Sjouwerman
This is a great example of how even the simplest of social engineering tactics can be used as the first step in a likely-larger scam. In a recent short post on LinkedIn, Rahul Sasi, CEO ...
Continue Reading

[Heads Up] Online Fraud Now Sky-high With 'Tinder Swindler' Romance Scams Costing Hundreds of Millions

Jun 30, 2022 10:19:27 AM By Stu Sjouwerman
A new article in Bloomberg focused on new sky-high online fraud numbers, they are horrendous. Here is a short summary and I recommend you read the whole article.
Continue Reading

Wars and Lechery, Nothing Else Holds Fashion for Phishing Attacks

Jun 29, 2022 10:03:52 AM By Stu Sjouwerman
Shakespeare said it first, and things haven’t changed: suffering and desire continue to drive victims to the social engineers. Researchers at Bitdefender have observed a phishing campaign ...
Continue Reading

Amazon Prime Day 2022 is Coming: Here are Quick Cybersecurity Tips to Help You Stay Safe

Jun 23, 2022 1:56:47 PM By Erich Kron
Amazon Prime Days this year are July 12 - 13th 2022. As a result, cybercriminals are taking every step to capitalize on the holiday with new phishing attacks. I have been getting asked ...
Continue Reading

Vendor Impersonation Competing with CEO Fraud

Jun 23, 2022 9:09:21 AM By Stu Sjouwerman
Researchers at Abnormal Security have observed an increase in vendor impersonation in business email compromise (BEC) attacks.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews