That Email from President Trump? Yeah, That’s a Phishing Scam

May 14, 2020 11:45:00 AM By Stu Sjouwerman

New phishing scams impersonating President Trump and Vice President Pence are designed to install malware or be the start of an extortion scam.

World's Largest Sovereign Wealth Fund Falls For $10m Social Engineering Attack

May 14, 2020 8:29:08 AM By Stu Sjouwerman

The Norwegian Investment Fund has been swindled out of 10 million dollars by fraudsters who pulled off a social engineering attack that the Norfund called "an advanced data breach" but ...

Watch Out for the Coming Tsunami of Mortgage Rescue Phishing Scams

May 13, 2020 8:22:43 AM By Stu Sjouwerman

At this point in time, with 10 years of phishing attack analysis under our belt, we can predict with a high reliability level what will be showing up in the near future. We see two scams ...

Why Does Someone Click and Become a Victim of a Scam?

May 12, 2020 11:25:03 AM By Stu Sjouwerman

One of the keys to thwarting social engineering attacks is knowing what makes us want to click on links or respond to emails, according to cybersecurity expert Raef Meeuwisse. In an ...

[Scam of The Week] Unemployed Americans Are Now Deceived Into Grabbing ‘Remote Jobs’ As Money Mules

May 8, 2020 2:29:50 PM By Stu Sjouwerman

There are now tens of millions of people suddenly unemployed, looking for ways to make ends meet.

Cybercriminals Lean Heavily on Social Engineering Tactics to Gain Access to Bank Accounts

May 7, 2020 10:30:09 AM By Stu Sjouwerman

A series of attack anecdotes shared by Brian Krebs shows how persistent and sophisticated scammers are in using social engineering tactics to gain access to their victim’s bank account ...

What is the Right Password Policy?

May 7, 2020 8:15:00 AM By Roger Grimes

What is the right password policy? Conventional password policies say you must have a password at least 8-12 characters long…16 characters or longer if it belongs to an elevated ...

Q&A With Data-Driven Evangelist Roger Grimes on the Great Password Debate

May 6, 2020 10:03:21 AM By Roger Grimes

I get asked a lot about password policy during my travels around the globe giving presentations and from people who email after webinars. Many of the questions are the same and I’ve ...

Reuters: 'State-backed hackers targeting coronavirus responders'

May 5, 2020 11:25:35 AM By Stu Sjouwerman

LONDON/WASHINGTON (Reuters) - Government-backed hackers are attacking healthcare and research institutions in an effort to steal valuable information about efforts to contain the new ...

PerSwaysion: Convincing Executives to Act Against Their Own Interest

May 4, 2020 8:26:14 AM By Stu Sjouwerman

Researchers at Group-IB have discovered a sophisticated spear phishing campaign that’s targeted executives at more than 150 companies around the world since mid-2019. The researchers have ...

GitHub is the Latest Target of Social Engineering Phishing Attacks

May 4, 2020 7:15:00 AM By Stu Sjouwerman

Using simple alert-style email notices, scammers look to steal credentials to gain access to development code, intellectual property, and project details.

Half of all Breaches Start with Phishing and Social Engineering

May 4, 2020 7:03:00 AM By Stu Sjouwerman

New data shows successful attacks on internal networks, cloud environments, and POS systems all are very susceptible to this common attack vector.

Is That COVID-19 Email Legitimate or a Phish?

May 1, 2020 8:39:23 AM By Roger Grimes

It’s no surprise that phishers and scammers are using the avalanche of new information and events involving the global coronavirus pandemic as a way to successfully phish more victims. ...

Scammers Can Use Recent Transactions to Trick You

Apr 30, 2020 8:53:09 AM By Stu Sjouwerman

KrebsOnSecurity reports that scammers are using caller ID spoofing to impersonate their victims, and then socially engineering victims’ banks into divulging information about recent ...

[Heads Up] Microsoft: Ransomware Gangs That Don't Threaten To Leak Your Data Steal It Anyway

Apr 29, 2020 3:34:37 PM By Stu Sjouwerman

That means you can from now on count a ransomware infection as a data breach with all the consequences that this brings. Moreover, the so-called "human-operated" ransomware gangs have ...

[Click Alert] So, What Is The Phish-prone Percentage On Recent Coronavirus Phishing Tests?

Apr 28, 2020 4:37:47 PM By Stu Sjouwerman

I had some numbers run on the usage of our new, dedicated COVID-19 phishing templates to find out what the Phish-prone percentage was, since this is an unprecedented worldwide event. ...

Postcards from a Film Director. The challenges of creating a sitcom during COVID-19 Lockdown

Apr 23, 2020 10:23:22 AM By Stu Sjouwerman

By Jim Shields, Managing Director of U.K.-based Twist & Shout - a KnowBe4 company. When we first created Restricted Intelligence over seven years ago, we had no idea it would be so ...

COVID-19 Emails go From Zero to Half a Million a Day in Just Three Months

Apr 22, 2020 9:44:08 AM By Stu Sjouwerman

According to new data from security researchers at Forcepoint, the interest in coronavirus-themed emails and websites by cybercriminals is cause for concern.

New COVID-19 Malware Variants Render Your Endpoints Useless

Apr 20, 2020 8:37:09 AM By Stu Sjouwerman

Forget cybercriminals out to steal your money and credentials. Security researchers are now finding more malware intent on rewriting master boot records and wiping file systems.

Netflix Scams Target People Sheltering in Place

Apr 20, 2020 8:23:54 AM By Stu Sjouwerman

With people sheltering in place during the pandemic emergency, they’re both teleworking and finding their entertainment online. Google searches for Netflix jumped 142% since the advice to ...

Security Awareness Training Blog

Social Engineering Blog

View Topics