Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

94% of U.K. Businesses Aren’t Adequately Prepared for AI-Driven Phishing Scams

Dec 13, 2024 12:31:54 PM By Stu Sjouwerman
A new report makes it clear that U.K. organizations need to do more security awareness training to ensure their employees don’t fall victim to the evolving use of AI.
Continue Reading

Sophisticated Phishing Campaign Attempts to Bypass SEGs

Dec 13, 2024 12:31:28 PM By Stu Sjouwerman
A widespread phishing campaign is attempting to steal credentials from employees working at dozens of organizations around the world, according to researchers at Group-IB.
Continue Reading

Mobile Phishing Campaign Targets Job Seekers

Dec 12, 2024 11:39:42 AM By Stu Sjouwerman
Researchers at Zimperium warn that a phishing campaign is targeting Android phones to deliver the Antidot banking trojan.
Continue Reading

Nearly Half a Billion Emails in 2024 Were Malicious

Dec 11, 2024 10:29:07 AM By Stu Sjouwerman
A new report from Hornetsecurity has found that 427.8 million emails received by businesses in 2024 contained malicious content.
Continue Reading

Unwrapping Cybersecurity: A Festive "Die Hard" Guide

Dec 6, 2024 9:37:45 AM By Javvad Malik
It is the holiday season. Think twinkling lights, the scent of pine, and cyber threats lurking in the shadows, waiting to pounce quicker than Bruce Willis can say, “Yippee ki yay.”
Continue Reading

FBI Warns of Cybercriminals Using Generative AI to Launch Phishing Attacks

Dec 6, 2024 9:37:42 AM By Stu Sjouwerman
The US Federal Bureau of Investigation (FBI) warns that threat actors are increasingly using generative AI to increase the persuasiveness of social engineering attacks.
Continue Reading

Malicious Loan Apps Target Android Users in Africa, South America and Asia

Nov 27, 2024 12:19:49 PM By Stu Sjouwerman
Researchers at McAfee warn of a surge in malicious loan apps targeting Android users across South America, Southern Asia, and Africa.
Continue Reading

Chinese Threat Actor Targets Black Friday Shoppers With Phishing Campaign

Nov 26, 2024 9:39:08 AM By Stu Sjouwerman
Researchers at EclecticIQ warn that the financially motivated Chinese threat actor “SilkSpecter” has launched a phishing campaign targeting Black Friday shoppers across Europe and the US.
Continue Reading

U.K. Residents are Victims of the Latest Phishing Scam Targeting Starbuck Customer Credentials

Nov 26, 2024 9:38:48 AM By Stu Sjouwerman
Analysis of a new phishing attack highlight just how easy it can be to spot these kinds of attacks if recipients were properly educated.
Continue Reading

Phishing Emails Use SVG Files to Avoid Detection

Nov 22, 2024 11:39:14 AM By Stu Sjouwerman
Phishing emails are increasingly using Scalable Vector Graphics (SVG) attachments to display malicious forms or deliver malware, BleepingComputer reports.
Continue Reading

[Heads Up] Bad Actor Uses Deepnude AI Image Generator to Lure And Infect Users

Nov 22, 2024 11:39:11 AM By Stu Sjouwerman
The threat group FIN7 is using the lure of generating nude images of favorite celebrities to get victims to download their NetSupport RAT.
Continue Reading

Phishing Attacks Exploits the Open Enrollment Period

Nov 22, 2024 9:18:17 AM By Stu Sjouwerman
A phishing campaign is impersonating HR to target employees who are making annual insurance changes during the open enrollment period, according to researchers at Abnormal Security.
Continue Reading

Out of 29 Billion Cybersecurity Events, Phishing was the Primary Method of Initial Attack

Nov 20, 2024 2:22:11 PM By Stu Sjouwerman
The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access.
Continue Reading

Nation-State Threat Actors Rely on Social Engineering First

Nov 12, 2024 3:38:33 PM By Stu Sjouwerman
A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.
Continue Reading

[FREE RESOURCE KIT] Stay Cyber Safe this Holiday Season with Our Free 2024 Resource Kit!

Nov 12, 2024 7:24:00 AM By Stu Sjouwerman
Isn’t it typical for bad actors to strike when we’re distracted and busy during this time of year?
Continue Reading

Criminals Use Search Engine Poisoning to Boost Phishing Pages

Nov 11, 2024 4:46:36 PM By Stu Sjouwerman
Researchers at Malwarebytes warn that cybercriminals are using search engine poisoning to boost phishing pages to the top of Bing’s search results.
Continue Reading

[Eye Opener] Attackers Don’t Hack, They Log In. Can You Stop Them?

Nov 9, 2024 8:58:57 AM By Stu Sjouwerman
The latest trend in cybercrime is that attackers don't really focus on “hacking” in; they’re logging in.
Continue Reading

BlackBasta Ransomware Gang Uses New Social Engineering Tactics To Target Corporate Networks

Nov 5, 2024 2:13:18 PM By Stu Sjouwerman
ReliaQuest warns that the BlackBasta ransomware gang is using new social engineering tactics to obtain initial access within corporate networks.
Continue Reading

If Social Engineering Is 70% - 90% of Attacks, Why Aren’t We Acting Like It?

Nov 4, 2024 1:37:53 PM By Roger Grimes
Over a decade ago, I noticed that social engineering was the primary cause for all malicious hacking. It has been that way since the beginning of computers, but it took me about half of ...
Continue Reading

QR Code Phishing is Growing More Sophisticated

Oct 30, 2024 1:31:53 PM By Stu Sjouwerman
Sophos describes a QR code phishing (quishing) campaign that targeted its own employees in an attempt to steal information.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews