Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Why Use Malware When Cybercriminals Can Use Social Engineering?

Researchers at Malwarebytes warn that a malvertising campaign they call “malsmoke” has stopped deploying exploit kits and is now using social engineering attacks to trick users into ...
Continue Reading

Scammers Target Singles Day Shoppers

Shoppers need to be on the lookout for scammers as Singles Day begins in China and other countries around the world, the BBC reports. Singles Day is the world’s largest online shopping ...
Continue Reading

University Research Shows Security Awareness Training is a Necessary Layer of Defense

A research paper in the Journal of Computer Information Systems says that security awareness training is a necessary complement to technical defenses and security policies, SC Magazine ...
Continue Reading

Twitter Hack Only Took 24 Hours from Start to Takeover

A report from the New York Department of Financial Services covering the high-profile Twitter account hack from earlier in the year reveals how little time an attack takes to be ...
Continue Reading

BEC Incidents Intent on Invoice or Payment Fraud Increase 155% Across All Industries

Business Email Compromise appears to be back in the saddle again, as attackers use simple social engineering and domain impersonation to trick victims into paying up.
Continue Reading

Malicious Macros Remain Highly Effective

Microsoft Office documents with malicious macros are still one of the top choices for attackers of all skill levels, according to Craig Williams from Cisco Talos. On the CyberWire’s ...
Continue Reading

Cannabis Company GrowDiaries Suffers Data Breach of 3.4 Million Users

A recent report from SiliconANGLE released information that cannabis company GrowDiaries suffered a data breach with details of 3.4 million users being exposed online. 
Continue Reading

Famous VC Firm: "The New Attack Surface is Your Life"

As a CEO with VC investors, I follow what happens in the venture capital space and what things VCs are interested in regarding their investment strategies. I was happily surprised to see ...
Continue Reading

Learn to Combat These Three Cybersecurity Monsters This Halloween and Beyond

It’s that time of year again. The air feels a bit crisper; the days are a bit shorter; and children around the world prepare to go trick or treating. Even as an adult, Halloween is ...
Continue Reading

New Ransomware, OldGremlin, Coming Soon to an Organization Near You!

Pay attention to this one. Despite only targeting Russian companies, the use of custom self-made malware and decidedly creative phishing campaigns makes them a potential danger.
Continue Reading

Here Are Some Truly Scary Social Media Stats!

Scamming incidents have increased by 519% in 2020 compared to last year, according to researchers at Baltimore-based ZeroFOX. The researchers compared their own data to a recent report ...
Continue Reading

Fraud Attacks Targeting the Mid-Market Organization Increase 129%

New data from U.K. cyberinsurer Beazley highlights the growing trend of mid-market organizations being the target of social engineering attacks and fraud.
Continue Reading

New Qbot Phishing Attack Pretends to be Windows Defender to Trick Its Victims

One of the most dangerous pieces of malware is back with a new campaign that takes advantage of social engineering techniques to look convincing enough to fool your users.
Continue Reading

Researchers Discover Most Microsoft 365 Admins Don't Enable Multi-Factor Authentication

Researchers from CoreView recently discovered that 97% of all total Microsoft 365 users do not utilize multi-factor authentication (MFA). A staggering 78% of Microsoft 365 admins do not ...
Continue Reading

Couple Avoids Becoming a Victim to Publishers Clearing House Scam

An elderly couple in Tennessee avoided falling victim to a scam by recognizing the signs of social engineering, WREG reports. Kay and Bill Pritchett received six different phone calls ...
Continue Reading

[HEADS UP] Cybercriminals Threaten Patients in Clinic Data Breach

In a recent report by BBC News, patients in a large clinic in Finland have been blackmailed using social engineering after their data was stolen.
Continue Reading

[HEADS UP] Cybercriminal Sells Info on 186 Million U.S. Voters

In a recent report by NBC News, cybersecurity company TrustWave found a bad guy selling voter registration data on 186 million Americans.
Continue Reading

The Ultimate Cyber Security Tip

It’s Cyber Security Awareness Month, and the security advice is flowing out from all corners of the web to advise your users on remaining secure. However, all this information can be ...
Continue Reading

Middle Management is the Next Target for Phishing Attacks

Mid-level managers need to be particularly wary of targeted phishing attacks, according to Jenn Gast at INKY. Gast explains that criminals can easily conduct open-source research on a ...
Continue Reading

Notes on Social Engineering, and What to Do About It

Phishing attacks are growing in prevalence during the pandemic, according to David Dufour, Vice President of Engineering and Cybersecurity at Webroot. Webroot’s recent threat report ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews