Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
Security researchers have discovered a cunning PDF-based phishing attack that leverages social engineering and PDF prompt specifics to trick users into opening malicious Office docs.
Thousands of members of cybercriminal groups were arrested in a sting that lasted 2 months and involved coordinated efforts of the law enforcement departments of 76 countries.
Cybercriminals are continuing to bypass the use of malware in favor of response-based and credential-centric social engineering attacks, according to new data from Agari and PhishLabs.
Threat actors are targeting HR employees who are looking to hire new people, according to Lisa Vaas at Contrast Security. As part of their job, HR employees frequently interact with ...
An Iranian threat actor is conducting a spear phishing operation against Israeli officials, according to researchers at Check Point. The targets have included the former Foreign Minister ...
Attackers are taking advantage of the current news about monkeypox to trick people into clicking on malicious links, Pickr reports. Researchers at Mimecast have spotted a phishing ...
The US Federal Trade Commission (FTC) has warned that people have reported losing over $1 billion in crypto to scams since the beginning of 2021. The vast majority of these losses were ...
Bitdefender warns that Microsoft Office applications are vulnerable to phishing tactics that exploit international domain names (IDNs). Affected applications include Outlook, Word, Excel, ...
A smishing campaign is impersonating the UK-based delivery company Evri with text messages informing recipients that their package couldn’t be delivered, according to Paul Ducklin at ...
The India-aligned APT SideWinder is using a variety of social engineering techniques to target Pakistani government and military entities, according to researchers at Group-IB. The threat ...
Accounting software provider Intuit has warned of a phishing scam targeting its customers, BleepingComputer reports. The phishing campaign affected users of Intuit’s QuickBooks product, ...
One of the most important things I have tried to communicate to audiences since at least the 1990s is how prevalent a role social engineering plays in cybersecurity attacks. I have ...
Consumer Affairs reported on how big of a problem SMS phishing scams have become, and how it's about to get a lot worse. According to a recent FBI report, more than 320,000 Americans were ...
A joint operation by INTERPOL and the cybercrime unit of the Nigeria Police Force have concluded a yearlong investigation into the SilverTerrier business email compromise gang by ...
Scammers are using deepfake videos of Elon Musk in an attempt to trick people into handing over cryptocurrency, BleepingComputer reports. The scammers set up a phony cryptocurrency ...
FBI Director Christopher Wray highlighted China’s role in cyberespionage in a recent 60-Minutes news segment, saying the level of attacks the U.S. is seeing is “unprecedented in history.”
Scammers use a variety of tried-and-true tactics to trick people, according to André Lameiras at ESET. For example, they can easily find open-source information about people on the ...
Months after the MailChimp data breach targeting 102 companies in the crypto sector, a new lawsuit has been filed seeking millions of dollars in damages.
While Russia consistently denies any launching of cyberattacks, attack details point to reasonable intent by and cybercriminal ties to the Russian government.
Researchers at Varonis warn that attackers are using customizable URLs (also known as vanity URLS) on SaaS services to craft more convincing phishing links. The attackers have used this ...
