Vendor Impersonation Competing with CEO Fraud

Jun 23, 2022 9:09:21 AM By Stu Sjouwerman

Researchers at Abnormal Security have observed an increase in vendor impersonation in business email compromise (BEC) attacks.

FBI Warns of Fraudsters on LinkedIn

Jun 21, 2022 9:15:06 AM By Stu Sjouwerman

The US FBI has warned that scammers on LinkedIn are a “significant threat,” CNBC reports. Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento field offices, ...

Smishing Text Scams Have Doubled in the Last Three Years

Jun 20, 2022 10:12:52 AM By Stu Sjouwerman

New data shows a rise in the use of text messages as an effective vehicle to connect with potential victims for social engineering scams as Americans increase their preference of the ...

New PDF-Based Phishing Attack Demonstrates that Office Docs Aren’t Passé – They are Just Obfuscated!

Jun 20, 2022 10:12:11 AM By Stu Sjouwerman

Security researchers have discovered a cunning PDF-based phishing attack that leverages social engineering and PDF prompt specifics to trick users into opening malicious Office docs.

Over 2000 Social Engineering Scammers Arrested in Multi-Country Crackdown on Fraud, BEC, and Money Laundering

Jun 20, 2022 10:12:04 AM By Stu Sjouwerman

Thousands of members of cybercriminal groups were arrested in a sting that lasted 2 months and involved coordinated efforts of the law enforcement departments of 76 countries.

Vishing Attacks Increase 550% Over Last Year as the Financial Sector Continues to be a Primary Target

Jun 20, 2022 10:11:58 AM By Stu Sjouwerman

Cybercriminals are continuing to bypass the use of malware in favor of response-based and credential-centric social engineering attacks, according to new data from Agari and PhishLabs.

A Closer Look at HR Scams: Does Niceness Have a Downside?

Jun 16, 2022 8:43:51 AM By Stu Sjouwerman

Threat actors are targeting HR employees who are looking to hire new people, according to Lisa Vaas at Contrast Security. As part of their job, HR employees frequently interact with ...

Spear Phishing Campaign Targets Former Israeli Officials

Jun 15, 2022 9:20:03 AM By Stu Sjouwerman

An Iranian threat actor is conducting a spear phishing operation against Israeli officials, according to researchers at Check Point. The targets have included the former Foreign Minister ...

Monkeypox Scams Continue to Increase

Jun 14, 2022 9:19:28 AM By Stu Sjouwerman

Attackers are taking advantage of the current news about monkeypox to trick people into clicking on malicious links, Pickr reports. Researchers at Mimecast have spotted a phishing ...

FTC Warns that Scammers are Turning to Cryptocurrencies

Jun 7, 2022 8:44:38 AM By Stu Sjouwerman

The US Federal Trade Commission (FTC) has warned that people have reported losing over $1 billion in crypto to scams since the beginning of 2021. The vast majority of these losses were ...

Homographic Domain Name Phishing Tactics

Jun 6, 2022 1:00:22 PM By Stu Sjouwerman

Bitdefender warns that Microsoft Office applications are vulnerable to phishing tactics that exploit international domain names (IDNs). Affected applications include Outlook, Word, Excel, ...

Smishing and Home Delivery

Jun 2, 2022 9:10:57 AM By Stu Sjouwerman

A smishing campaign is impersonating the UK-based delivery company Evri with text messages informing recipients that their package couldn’t be delivered, according to Paul Ducklin at ...

SideWinder Targets Pakistani Entities With Phishing Attacks

Jun 2, 2022 9:09:56 AM By Stu Sjouwerman

The India-aligned APT SideWinder is using a variety of social engineering techniques to target Pakistani government and military entities, according to researchers at Group-IB. The threat ...

Phishing Campaign Targets QuickBooks Users

Jun 1, 2022 8:23:44 AM By Stu Sjouwerman

Accounting software provider Intuit has warned of a phishing scam targeting its customers, BleepingComputer reports. The phishing campaign affected users of Intuit’s QuickBooks product, ...

We Do Not Talk Enough About Social Engineering and It’s Hurting Us

May 27, 2022 8:04:40 AM By Roger Grimes

One of the most important things I have tried to communicate to audiences since at least the 1990s is how prevalent a role social engineering plays in cybersecurity attacks. I have ...

The $44 Million Smishing Problem and How to Not Be a Victim

May 27, 2022 8:04:11 AM By Stu Sjouwerman

Consumer Affairs reported on how big of a problem SMS phishing scams have become, and how it's about to get a lot worse. According to a recent FBI report, more than 320,000 Americans were ...

Collaring the (Alleged) Leader of a BEC Gang

May 26, 2022 8:44:12 AM By Stu Sjouwerman

A joint operation by INTERPOL and the cybercrime unit of the Nigeria Police Force have concluded a yearlong investigation into the SilverTerrier business email compromise gang by ...

That’s Not Actually Elon Musk

May 25, 2022 8:55:58 AM By Stu Sjouwerman

Scammers are using deepfake videos of Elon Musk in an attempt to trick people into handing over cryptocurrency, BleepingComputer reports. The scammers set up a phony cryptocurrency ...

FBI Director Warns of “Unprecedented” Cyberespionage Attacks Originating in China

May 24, 2022 9:53:06 AM By Stu Sjouwerman

FBI Director Christopher Wray highlighted China’s role in cyberespionage in a recent 60-Minutes news segment, saying the level of attacks the U.S. is seeing is “unprecedented in history.”

Why People Fall for Scams

May 16, 2022 1:51:27 PM By Stu Sjouwerman

Scammers use a variety of tried-and-true tactics to trick people, according to André Lameiras at ESET. For example, they can easily find open-source information about people on the ...

Security Awareness Training Blog

Social Engineering Blog

View Topics