Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
Attackers are taking advantage of the current news about monkeypox to trick people into clicking on malicious links, Pickr reports. Researchers at Mimecast have spotted a phishing ...
The US Federal Trade Commission (FTC) has warned that people have reported losing over $1 billion in crypto to scams since the beginning of 2021. The vast majority of these losses were ...
Bitdefender warns that Microsoft Office applications are vulnerable to phishing tactics that exploit international domain names (IDNs). Affected applications include Outlook, Word, Excel, ...
A smishing campaign is impersonating the UK-based delivery company Evri with text messages informing recipients that their package couldn’t be delivered, according to Paul Ducklin at ...
The India-aligned APT SideWinder is using a variety of social engineering techniques to target Pakistani government and military entities, according to researchers at Group-IB. The threat ...
Accounting software provider Intuit has warned of a phishing scam targeting its customers, BleepingComputer reports. The phishing campaign affected users of Intuit’s QuickBooks product, ...
One of the most important things I have tried to communicate to audiences since at least the 1990s is how prevalent a role social engineering plays in cybersecurity attacks. I have ...
Consumer Affairs reported on how big of a problem SMS phishing scams have become, and how it's about to get a lot worse. According to a recent FBI report, more than 320,000 Americans were ...
A joint operation by INTERPOL and the cybercrime unit of the Nigeria Police Force have concluded a yearlong investigation into the SilverTerrier business email compromise gang by ...
Scammers are using deepfake videos of Elon Musk in an attempt to trick people into handing over cryptocurrency, BleepingComputer reports. The scammers set up a phony cryptocurrency ...
FBI Director Christopher Wray highlighted China’s role in cyberespionage in a recent 60-Minutes news segment, saying the level of attacks the U.S. is seeing is “unprecedented in history.”
Scammers use a variety of tried-and-true tactics to trick people, according to André Lameiras at ESET. For example, they can easily find open-source information about people on the ...
Months after the MailChimp data breach targeting 102 companies in the crypto sector, a new lawsuit has been filed seeking millions of dollars in damages.
While Russia consistently denies any launching of cyberattacks, attack details point to reasonable intent by and cybercriminal ties to the Russian government.
Researchers at Varonis warn that attackers are using customizable URLs (also known as vanity URLS) on SaaS services to craft more convincing phishing links. The attackers have used this ...
The FBI last week published a public service announcement updating its warnings about the continuing threat of business email compromise (BEC, also called CEO fraud). The problem has ...
I recently attended a customer’s annual security awareness training employee event. I have attended a bunch of these over the years and I have loved them all. But this particular customer ...
New data shows IT leadership believes users outside of IT create a “continued significant risk to organizations” despite having a layered security strategy to prevent attacks.
New data from the Identity Theft Resource Center shows rises in the number of data compromises following 2021’s record-setting year, all stemming from cyber attacks.
Threat actors are sending out the stealthy “more_eggs” malware in spear phishing emails that target hiring managers, according to researchers at eSentire’s Threat Response Unit (TRU).
