Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

A Popular Fraud Combo is Back: Elon Musk and Bitcoin

May 26, 2021 1:56:37 PM By Stu Sjouwerman
Researchers at Bitdefender warn that cybercriminals continue to impersonate Elon Musk in Bitcoin scams. One campaign that started on May 15 involved sending thousands of emails telling ...
Continue Reading

Cybersecurity Insurance Landscape Is Fundamentally Changing Right Now

May 26, 2021 8:36:48 AM By Roger Grimes
By Roger Grimes. Ransomware is stealing so much money and interrupting so many businesses that it might be the beginning of their undoing. It is certainly radically changing the ...
Continue Reading

Low-Grade Ways of Bypassing Email Scanners

May 24, 2021 9:38:59 AM By Stu Sjouwerman
Cybercriminals are replacing common words in phishing scams with synonyms in order to bypass security filters, according to researchers at Avanan. For example, one phishing lure contained ...
Continue Reading

The FBI’s Internet Crime Complaint Center Marks Its 6 Millionth Complaint as Pace Accelerates

May 21, 2021 1:11:14 PM By Stu Sjouwerman
The rate at which cyberattacks are increasing are being noticed by both their victims and the FBI, who are seeing more people affected by online crimes and scams.
Continue Reading

When Cryptocurrency Investments Really Are Too Good To Be True

May 19, 2021 2:49:41 PM By Stu Sjouwerman
The US Federal Trade Commission (FTC) reports that victims have lost more than $80 million in cryptocurrency scams since October of last year, with about $2 million of that total going to ...
Continue Reading

Transparent Tribe Uses Spoofed Domains in Social Engineering Attacks

May 18, 2021 10:29:59 AM By Stu Sjouwerman
Researchers at Cisco Talos warn that the threat actor known as “Transparent Tribe” (also known as APT36 and Mythic Leopard) is using spoofed websites and malicious documents to deliver ...
Continue Reading

FBI Finds Phishing Sites Abusing Search Results and Ads to Steal Banking Credentials

May 13, 2021 8:56:37 AM By Stu Sjouwerman
The US Federal Bureau of Investigation has sent out a private industry notification (PIN) warning that cybercriminals are using search engine ads and search results to spread phishing ...
Continue Reading

A  New Smishing Trojan is Out and About

May 12, 2021 9:49:21 AM By Stu Sjouwerman
Researchers at Pradeo have observed a new Android malware campaign that uses text messages asking victims to pay a small fee for a delivery. The messages contain a link that will install ...
Continue Reading

Email-Based Threats Increase 64% as Attacks Grow in Sophistication and Volume

May 12, 2021 8:18:54 AM By Stu Sjouwerman
New data from Mimecast shows how email-based threats are not only the greatest perceived concern, but are proving to be the reason for increased experienced attacks.
Continue Reading

Your Organization Needs to Take Security Awareness Training More Seriously

May 11, 2021 4:08:50 PM By Roger Grimes
Your organization needs to take security awareness training (SAT) more seriously. I mean truly serious, really serious, and not relegated to some quasi-, semi-serious status that the vast ...
Continue Reading

Huge Business Email Compromise Campaign Targets More Than 120 Organizations

May 11, 2021 12:00:00 PM By Stu Sjouwerman
According to Bleeping Computer, Microsoft reported that a large business email compromise (BEC) campaign has targeted dozens of organizations. The industries targeted varied from real ...
Continue Reading

Fake Court Order Used to Take Over Domains

May 11, 2021 9:00:39 AM By Stu Sjouwerman
Motherboard reports that a scammer used a phony court order to trick a domain registrar into giving them control over a domain that posted links to dark web drug markets. The scammer then ...
Continue Reading

Cybersecurity Spend Is Now More Than 20% of the Average IT Budget As 91% of Organizations Suffering an Attack had Operations Impacted

May 6, 2021 8:58:25 AM By Stu Sjouwerman
The latest data from the Hiscox Cyber Readiness Report highlights how organizations are experiencing cyber threats and how they are responding to increase their readiness for next time.
Continue Reading

Genesis Market: a Study in the C2C Economy

May 5, 2021 8:55:19 AM By Stu Sjouwerman
Researchers at Digital Shadows describe Genesis Market, a criminal-to-criminal marketplace that aggregates and sells digital fingerprints to facilitate cyberattacks. The researchers say ...
Continue Reading

U.K. Royal Mail-related Phishing Scams Are Up 645%

Apr 30, 2021 12:25:08 PM By Stu Sjouwerman
New data from CheckPoint highlights how scammers are using simple shipping-related social engineering scams to trick victims into giving up personal information and credit card details.
Continue Reading

Ransomware Operators Threaten to Short Victims’ Stocks

Apr 29, 2021 10:33:38 AM By Stu Sjouwerman
The Darkside ransomware operators are now offering to tip off unscrupulous stock traders before they post the names of publicly traded victim companies, the Record reports. The criminals ...
Continue Reading

Scammers Target Rogers Customers With SMS Messages

Apr 29, 2021 10:33:17 AM By Stu Sjouwerman
Scammers are targeting Rogers customers with text messages offering $50 refunds, according to BleepingComputer. The Canadian telecommunications provider suffered a widespread outage last ...
Continue Reading

Researchers Warn of EtterSilent Facilitating Risky Malware Delivery

Apr 29, 2021 10:25:23 AM By Stu Sjouwerman
Cybercriminals are using a new malicious document builder dubbed “EtterSilent,” according to researchers at Intel 471. The builder is used to craft Microsoft Office documents with macros ...
Continue Reading

Phishing Campaign Abuses Contact Forms

Apr 29, 2021 10:00:00 AM By Stu Sjouwerman
Attackers are abusing websites’ contact forms to send malicious emails to the websites’ owners, according to researchers at Microsoft. The emails contain bogus copyright claims with a ...
Continue Reading

Cybercriminals Use Job-Specific Social Media Platforms to Target UK Citizens With Fake Accounts

Apr 29, 2021 4:55:00 AM By Stu Sjouwerman
At least 10,000 UK citizens have been targeted by nation-state actors via fake LinkedIn accounts over the past five years, the BBC reports. Ken McCallum, Director-General of MI5, said ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews