Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.
Attackers can launch SMS phishing attacks to remotely change settings on a victim’s Android device, researchers at Check Point have found. These attacks take advantage of weak ...
Falling for social media hoaxes indicates a deeper underlying need for online awareness, according to Ben Yelin from the University of Maryland Center for Health and Homeland Security.
The latest method of attack uses sender familiarity to lower victim defenses and increase the potential for scams, attacks, or fraud to succeed.
The decade-old malware traditionally used to capture banking details has been given new life and spotted in the wild, being distributed via malicious Word documents.
Attackers are going after cloud-based customer relationship management (CRM) providers in order to launch unusually convincing phishing campaigns, KrebsOnSecurity reports.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain vigilant for malicious cyber activity targeting Hurricane Dorian disaster victims and potential ...
Trend Micro researchers have published details about a sophisticated phishing campaign they’ve named “Heatstroke.” The attackers behind Heatstroke go after victims’ private email ...
CEO Fraud—also known as Business Email Compromise—related cyber-insurance claims accounted for nearly a quarter of all claims in the EMEA region, AIG said.
Aubrey Wieber at the DemocratHerald reported: "A phishing scheme succeeded in breaking into the email accounts of five Oregon Judicial Department employees, exposing personal information ...
Catherine Stupp at the Wall Street Journal reported on something we have predicted would happen in this blog. The article started out with:
This week, ProPublica published a report describing how insurance companies now prefer to fork over hundreds of thousands of dollars / pounds / Euros in ransom to minimize the detriment ...
More than 1900 new potential bank phishing sites were registered in the first half of 2019, according to researchers at NormShield. Based on the increase in new suspicious domains ...
The latest data from Malwarebyte’s report Cybercrime Tactics and Techniques: Ransomware Retrospective shows businesses are at risk of ransomware attack now more than ever.
Back in June, we discussed Vade Secure’s “Phisher’s Favorite” report for Q1 2019, which found that Microsoft had been the most impersonated brand used in phishing attacks for four ...
A lowlife Colorado bail bondsman named Matthew Marre repeatedly posed as a law enforcement officer to trick T-Mobile, Sprint, and Verizon into giving him GPS data for his targets’ phones, ...
Social Engineering tactics seek to use any means that’s familiar to the intended victim – and unsubscribing is perceived as being so benign, it may just be the perfect way to fool your ...
Brian Krebs has reported that a dubious Internet provider, “Resnet,” was renting out tens of thousands of residential IP addresses to be used as proxies by fraudsters and spammers. ...
There are too many ransomware attacks to ignore the similarities. It’s either government networks are easy prey, or someone is trying to cash out on the U.S., one attack at a time.
The success of social engineering as part of phishing and spear phishing attacks has caused organizations to realize they need an effective tactic to make employees vigilant.
BleepingComputer has come across a phishing campaign that’s spoofing “Unusual sign-in” warnings from Microsoft to steal users’ credentials. The emails look nearly identical to Microsoft’s ...
