Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
Business Email Compromise is a multi-billion dollar business, representing 43% of all cybercrime last year. Despite it being dwarfed in the news by ransomware, it represents a growing ...
Researchers at AirEye have discovered a vulnerability in the way in which devices connect to wireless networks that could allow an attacker to trick a user into connecting to a malicious ...
Researchers at ESTsecurity warn that a North Korean threat actor known as “Kumsong 121” is using compromised social media accounts to launch spear phishing attacks, the Daily NK reports. ...
Social engineering is at the heart of this attack, where scammers successfully tricked a town into redirecting not just one but several bank transfers.
People need to work to overcome their inherent biases in order to avoid falling for social engineering attacks, according to Heidi Mitchell at the Wall Street Journal.
Social engineering can come in many different forms: via email, websites, voice calls, SMS messages, social media and even fax. If it is a communication method, scammers and criminals are ...
Researchers at Intel 471 have observed cybercriminals outsourcing talent for business email compromise (BEC) attacks. This tactic lowers the bar of entry for BEC attacks, which are ...
Lax verification around what company is offering a given job on LinkedIn allows attackers to create bogus job postings for malicious purposes.
The use of employees as insider accomplices potentially changes how social engineering is being used in exchange for a direct request for internal assistance.
Police in Romania, the Netherlands, and Ireland have arrested and charged twenty-three people accused of conducting sophisticated social engineering attacks. The organized crime group ...
The FBI is warning Silicon Valley companies to be wary of insider threats, Protocol reports. FBI special agent Nick Shenkin told Protocol in an interview that authoritarian ...
Lax security policies, a lack of security measures and solutions in place, and an expectation that Microsoft will address any security issues is putting organizations at risk.
In the wake of the FBI’s warning about more deepfake-based cyber attacks coming in the next year, organizations should remain vigilant against this compelling form of social engineering.
A phishing campaign is using morse code to encode malicious attachments in order to slip past security filters, according to researchers at Microsoft. The phishing emails contain HTML ...
Cybercriminals and nation-state actors continue to launch smishing attacks to steal credentials and distribute malware, according to Michael Marriott, Senior Strategy and Research Analyst ...
US military personnel and veterans have lost more than $822 million to scams since 2017, according to researchers at AtlasVPN. The researchers analyzed data from the US Federal Trade ...
A new Android Trojan has hijacked more than 10,000 Facebook accounts by stealing session cookies, according to researchers at Zimperium. The malware uses social engineering to trick users ...
With threat actors honing their trickery skills to craft the perfect email used to fool a would-be victim recipient, new data shows cybercriminals are stepping up their game on a number ...
Because of ransomware attacks, I have been covering the cybersecurity insurance industry for a few years, including here. I even have a whole chapter dedicated to cybersecurity insurance ...
A new report from Barracuda found that most business email compromise (BEC) attacks are now targeting employees who aren’t in executive or financial roles.
