Even ‘Unsubscribe’ Emails Can Put the Organization at Risk

Aug 26, 2019 8:05:24 AM By Stu Sjouwerman

Social Engineering tactics seek to use any means that’s familiar to the intended victim – and unsubscribing is perceived as being so benign, it may just be the perfect way to fool your ...

Social Engineering Used To Establish Shady Bulletproof Hosting

Aug 22, 2019 6:49:31 AM By Stu Sjouwerman

Brian Krebs has reported that a dubious Internet provider, “Resnet,” was renting out tens of thousands of residential IP addresses to be used as proxies by fraudsters and spammers. ...

Are Local Government and Municipalities Part of a Coordinated Attack on the U.S.?

Aug 15, 2019 3:17:12 PM By Stu Sjouwerman

There are too many ransomware attacks to ignore the similarities. It’s either government networks are easy prey, or someone is trying to cash out on the U.S., one attack at a time.

Social Engineering Testing is Necessary to Fend off Phishing Attacks

Aug 15, 2019 3:14:23 PM By Stu Sjouwerman

The success of social engineering as part of phishing and spear phishing attacks has caused organizations to realize they need an effective tactic to make employees vigilant.

The Unusual Activity Would be the Warning Itself

Aug 15, 2019 7:01:40 AM By Stu Sjouwerman

BleepingComputer has come across a phishing campaign that’s spoofing “Unusual sign-in” warnings from Microsoft to steal users’ credentials. The emails look nearly identical to Microsoft’s ...

Still Dodging that Sextortion Bullet

Aug 13, 2019 5:27:18 PM By Stu Sjouwerman

It has long been true that sextortionists really had nothing on their intended victims. No video, no screen captures, nothing at all beyond shame and an uneasy conscience. Unfortunately ...

Security warning for software developers: You are now prime targets for phishing attacks

Aug 13, 2019 11:25:00 AM By Stu Sjouwerman

Danny Palmer at ZDNet wrote: "Software developers are the people most targeted by hackers conducting cyberattacks against the technology industry, with the hackers taking advantage of the ...

Scam Of The Week: See Jeffrey Epstein Last Words On Video

Aug 12, 2019 8:47:51 AM By Stu Sjouwerman

This weekend, news broke that Jeffrey Epstein was found dead in his cell, apparently a suicide. This is a celebrity death that the bad guys are going to be exploiting in a variety of ways ...

Three Lessons from a Recent MegaCortex Ransomware Phishing Attack

Aug 12, 2019 6:55:16 AM By Stu Sjouwerman

The MegaCortex strain of ransomware has been used in criminal campaigns targeting businesses as opposed to private individuals. The QuickBooks cloud-hosting firm iNSYNQ, has sustained ...

Varieties of Extortion Experience

Aug 10, 2019 11:26:07 AM By Stu Sjouwerman

We are all familiar with ransomware and its increasingly dangerous cousin, wiper malware. The first encrypts your files and demands ransom payments in exchange for the decryption key. The ...

Here Are Some Interesting Headlines I Found During Black Hat

Aug 10, 2019 10:45:01 AM By Stu Sjouwerman

Black Hat 2019 - The Craziest, Most Terrifying Things We Saw: I ran into Neil Rubenking when I went to the Qualys party which was in the Foundation Room all the way on top of the ...

CEO Fraud hits B.C. lawyers for $2 million

Aug 9, 2019 3:12:16 PM By Stu Sjouwerman

Two B.C. law firms were targets of so-called social engineering frauds causing almost $2 million in real estate and investment funds to be wired to people other than clients the firms ...

New UK Study: "3 out of 4 phishing scams get to your inbox untouched"

Aug 5, 2019 7:10:08 AM By Stu Sjouwerman

Chris Matyszczyk wrote: "Apple sends me so many invoices every week that I scarcely know what I've gone and bought. This appears to have also crossed the minds of researchers at the UK's ...

Why School Districts are Targets of Social Engineering

Aug 5, 2019 6:56:36 AM By Stu Sjouwerman

School districts are becoming increasingly popular targets for ransomware, with at least five of these attacks occurring in July, according to the New York Times.

Freight Forwarding Email Scams are Business Killers

Aug 1, 2019 7:13:06 AM By Stu Sjouwerman

The Australian Cyber Security Centre (ACSC) has warned that multiple Australian IT suppliers have permanently closed their doors after falling victim to procurement scams, CRN reports. ...

Schools In Both The US And UK Victim Of Recent Phishing Attacks

Jul 29, 2019 6:42:38 AM By Stu Sjouwerman

A number of educational institutions have recently fallen victim to cyberattacks, highlighting the need for increased awareness training for students and faculty. SC Media UK has ...

OSINT – a Hacker’s First Asset in Targeted Attacks

Jul 25, 2019 5:19:19 PM By Stu Sjouwerman

Before a cybercriminal wants to engage in a targeted attack against a particular organization or individual, they’d like to know a few things first. That’s where OSINT comes into play.

Netflix's New "The Great Hack" Reminds Us -- If you Don't Pay For the Product You Are The Product

Jul 25, 2019 5:11:46 PM By Stu Sjouwerman

Last night, Netflix premiered “The Great Hack” which is based on the Cambridge Analytica scandal. They reminded us of the golden expression: “If you don't pay for the product you are the ...

HoneyTrap, The Oldest In The World Now As Iranian Catphish on LinkedIn

Jul 24, 2019 6:48:59 AM By Stu Sjouwerman

Iranian state-sponsored hackers are increasing their targeting of civilian targets amid escalating tensions between the US and Iran, according to Zak Doffman at Forbes. Doffman cites a ...

[Scam of The Week] New 'US State Police' Phishing Extortion Scam Includes Contact Numbers

Jul 20, 2019 11:26:21 AM By Stu Sjouwerman

Our friend Larry Abrams at Bleeping computer warned: "A new extortion scam is underway that pretends to be from a US State Police detective who is willing to delete child porn evidence if ...

Security Awareness Training Blog

Social Engineering Blog

View Topics