Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
This week Marriott International, one of the largest hotel chains, suffered their second data breach of 2022. The attack by a group named 'Group with No Name' (GNN) took place in early ...
This is a great example of how even the simplest of social engineering tactics can be used as the first step in a likely-larger scam. In a recent short post on LinkedIn, Rahul Sasi, CEO ...
A new article in Bloomberg focused on new sky-high online fraud numbers, they are horrendous. Here is a short summary and I recommend you read the whole article.
Shakespeare said it first, and things haven’t changed: suffering and desire continue to drive victims to the social engineers. Researchers at Bitdefender have observed a phishing campaign ...
Amazon Prime Days this year are July 12 - 13th 2022. As a result, cybercriminals are taking every step to capitalize on the holiday with new phishing attacks. I have been getting asked ...
Researchers at Abnormal Security have observed an increase in vendor impersonation in business email compromise (BEC) attacks.
The US FBI has warned that scammers on LinkedIn are a “significant threat,” CNBC reports. Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento field offices, ...
New data shows a rise in the use of text messages as an effective vehicle to connect with potential victims for social engineering scams as Americans increase their preference of the ...
Security researchers have discovered a cunning PDF-based phishing attack that leverages social engineering and PDF prompt specifics to trick users into opening malicious Office docs.
Thousands of members of cybercriminal groups were arrested in a sting that lasted 2 months and involved coordinated efforts of the law enforcement departments of 76 countries.
Cybercriminals are continuing to bypass the use of malware in favor of response-based and credential-centric social engineering attacks, according to new data from Agari and PhishLabs.
Threat actors are targeting HR employees who are looking to hire new people, according to Lisa Vaas at Contrast Security. As part of their job, HR employees frequently interact with ...
An Iranian threat actor is conducting a spear phishing operation against Israeli officials, according to researchers at Check Point. The targets have included the former Foreign Minister ...
Attackers are taking advantage of the current news about monkeypox to trick people into clicking on malicious links, Pickr reports. Researchers at Mimecast have spotted a phishing ...
The US Federal Trade Commission (FTC) has warned that people have reported losing over $1 billion in crypto to scams since the beginning of 2021. The vast majority of these losses were ...
Bitdefender warns that Microsoft Office applications are vulnerable to phishing tactics that exploit international domain names (IDNs). Affected applications include Outlook, Word, Excel, ...
A smishing campaign is impersonating the UK-based delivery company Evri with text messages informing recipients that their package couldn’t be delivered, according to Paul Ducklin at ...
The India-aligned APT SideWinder is using a variety of social engineering techniques to target Pakistani government and military entities, according to researchers at Group-IB. The threat ...
Accounting software provider Intuit has warned of a phishing scam targeting its customers, BleepingComputer reports. The phishing campaign affected users of Intuit’s QuickBooks product, ...
One of the most important things I have tried to communicate to audiences since at least the 1990s is how prevalent a role social engineering plays in cybersecurity attacks. I have ...
