Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

This social engineering attack starts with a fake customer-service call

Michael Kan at CSO reported on a TrustWave blog post with some troublesome news: "Hotel and restaurant chains, beware. A notorious cybercriminal gang is tricking businesses into ...
Continue Reading

The New Posterboy of CyberInsecurity: John Podesta Fell For Social Engineering Attack

Motherboard has a great article explaining just how Podesta, Chairman of the 2016 Hillary Clinton presidential campaign got hacked. (Podesta previously served as Chief of Staff to ...
Continue Reading

AI-powered ransomware is coming, and it's going to be terrifying

Business Insider started an article with the following: "Imagine you've got a meeting with a client, and shortly before you leave, they send you over a confirmation and a map with ...
Continue Reading

Gang Uses Social Engineering To Steal 147 Million Dollars

Police have arrested a 147 million international fraud and money laundering ring, and jailed nine fraudsters jailed for over 27 years The gang targeted thousands of Lloyds and RBS ...
Continue Reading

Don't Make These Two Major Multi-Factor Security Mistakes

An employee sent this recent horror story to me (thanks Rachel). Remember there are three ways of learning. :-D Read it in a book, blog (or training session) understand it and apply it ...
Continue Reading

July 2016 Ransomware Roundup: New Strains And New Nasty Features

The ransomware market is rapidly maturing, we start seeing upgraded strains and rebranded versions sold cheaply in the Dark Web. And mainstream media have finally glommed on after years ...
Continue Reading

Wow, the bad guys are moving fast with CEO Fraud!

KnowBe4 is expanding fast, we now have 120 employees and we just hired a new controller late May to help out our very busy CFO. Part of the KnowBe4 onboarding is getting through our ...
Continue Reading

New Study Shows Your Apps Could Be Putting Your Personal Information At Risk

A recent study by Cloudlock, a cyber security company, revealed several popular apps that could allow hackers an easy gateway to access your personal information.
Continue Reading

"BadTunnel" Social Engineering Attack Hijacks Your Network Traffic

A researcher in China has discovered a design flaw in Microsoft Windows that affects all versions of the operating system using NetBIOS spoofing —including Windows 10— and lets an ...
Continue Reading

[INFOGRAPHIC] Don't Be The Victim Of A Cyberheist

We have created a new infographic for your users, as part of your ongoing security awareness training program. It's a few good reminders how to stay safe online, and to keep their ...
Continue Reading

How To Stop Your Ex-Girlfriend Sending Nude Photos To A Fake Facebook Profile

In a case of sophisticated social engineering, a fraudster created a fake profile of actor Vincent Gallo. He then proceeded to engage in a 2-month long scam, flirting online and sending ...
Continue Reading

Troy, Mich Investment Firm Loses $500,000 in CEO Fraud

An employee at a Troy, Mich., investment firm fell for a CEO Fraud attack and was social engineered into transferring almost $500,000 to a Hong Kong bank. The error was noticed eight days ...
Continue Reading

US Company Falls Victim To $100 Million CEO Email Fraud

An as yet unknown American company fell victim to nearly $100 million in CEO Fraud. Employees were social engineered by spoofed emails that claimed to be one of its legitimate vendors, ...
Continue Reading

Ransomware Attack Shuts Down Medstar Washington Hospital

The Washington Post reported that a ransomware infection penetrated the computer network of MedStar Health early Monday morning, forcing the Washington health care behemoth to shut down ...
Continue Reading

Scam Of The Week - Netflix For Free

Netflix’s popularity continues to grow fast, and they recently launched their streaming service globally. Obviously that makes them a hacker target. At the moment, there are active ...
Continue Reading

Scam Of The Week: Your Stolen iPhone Has Been Found

Between 3 and 4 million smartphones are stolen every year. It's your modern-day purse snatching. Many people put their entire private and work lives on these devices that can cost up to ...
Continue Reading

CEO Fraud Costs Boeing Vendor 54 Million Dollars

Effective security awareness training for your high-risk employees is becoming a major priority. The accounting team of FACC, who design and manufacture aircraft components for Boeing and ...
Continue Reading

Scam Of The Week: Phish With Hidden Sting

As you may have heard, KnowBe4 has released a no-charge Outlook Add-in that allows employees to report phishing attacks to their Incident Response team with just one click. It's called ...
Continue Reading

Scam Of The Week: Dell Tech Support Service Tag Hack

This is a real one. A number of people using Dell PCs have been contacted by scammers claiming to be Dell Tech Support who actually had specific data that only Dell could have had. We're ...
Continue Reading

Scam Of The Week: Enter To Win Tickets To Star Wars

It's "Scam Of The Week" time to warn your users against phishing attacks that try to trick them into winning movie tickets for the new Star Wars movie. For the next 2 months this is going ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews