Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
A simple social engineered Business Email Compromise attack resulted in fraud that the cyber insurer contended was not covered under the policy.
Scammers are using shortened LinkedIn URLs to disguise phishing links, according to Jeremy Fuchs at Avanan. LinkedIn automatically shortens links that are longer than 26 characters. The ...
Scammers are taking advantage of the launch of iPhone 13, according to researchers at Zscaler. The launch event was streamed live last week on Apple’s official YouTube channel, and ...
Researchers at Tessian have published a report looking at recent trends in spear phishing attacks. The researchers found that 45% of employees said that they clicked on a phishing email ...
The seemingly benign quizzes asking personal details take advantage of individuals’ willingness to share and could be used to establish passwords, password hints, and more.
Representing a new evolution of banking trojan, QakBot proves to be a formidable adversary against security defenses with its’ ability to steal emails – your users.
People in the US lost $133,400,000 to romance scams between January 1st and July 31st of 2021, according to the FBI. The average amount lost was in the tens of thousands of dollars. The ...
Business Email Compromise is a multi-billion dollar business, representing 43% of all cybercrime last year. Despite it being dwarfed in the news by ransomware, it represents a growing ...
Researchers at AirEye have discovered a vulnerability in the way in which devices connect to wireless networks that could allow an attacker to trick a user into connecting to a malicious ...
Researchers at ESTsecurity warn that a North Korean threat actor known as “Kumsong 121” is using compromised social media accounts to launch spear phishing attacks, the Daily NK reports. ...
Social engineering is at the heart of this attack, where scammers successfully tricked a town into redirecting not just one but several bank transfers.
People need to work to overcome their inherent biases in order to avoid falling for social engineering attacks, according to Heidi Mitchell at the Wall Street Journal.
Social engineering can come in many different forms: via email, websites, voice calls, SMS messages, social media and even fax. If it is a communication method, scammers and criminals are ...
Researchers at Intel 471 have observed cybercriminals outsourcing talent for business email compromise (BEC) attacks. This tactic lowers the bar of entry for BEC attacks, which are ...
Lax verification around what company is offering a given job on LinkedIn allows attackers to create bogus job postings for malicious purposes.
The use of employees as insider accomplices potentially changes how social engineering is being used in exchange for a direct request for internal assistance.
Police in Romania, the Netherlands, and Ireland have arrested and charged twenty-three people accused of conducting sophisticated social engineering attacks. The organized crime group ...
The FBI is warning Silicon Valley companies to be wary of insider threats, Protocol reports. FBI special agent Nick Shenkin told Protocol in an interview that authoritarian ...
Lax security policies, a lack of security measures and solutions in place, and an expectation that Microsoft will address any security issues is putting organizations at risk.
In the wake of the FBI’s warning about more deepfake-based cyber attacks coming in the next year, organizations should remain vigilant against this compelling form of social engineering.
