Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Cyber Incidents Are the Top Concern Among Executives

Businesses are finally realizing the continually present threat that hackers, scammers, and cybercrime organizations pose, according to new data from insurer Allianz.
Continue Reading

Bad Guys Built A Completely Fake News Website For A Bitcoin Phishing Scam

The Central Bank of Malta has issued a statement warning people about a bitcoin phishing scam being pushed by a spoofed news website, the Times of Malta reports. The site imitated a ...
Continue Reading

Texas School District Loses $2.3 Million In BEC Scam

Texas’s Manor Independent School District was the victim of a costly 2.3 million dollar Business Email Compromise (BEC) scam in November of 2019.
Continue Reading

An Overview of Phishing from the Accounting Sector

Employee training is an essential long-term defense against phishing attacks, according to David Barton and Kimberly Anderson at UHY Advisors. In an article for Accounting Today, Barton ...
Continue Reading

[Scam Of The Week] Don't Fall For This Tricky: “Start your 2020 with a gift from us”

Paul Ducklin at Naked Security warned us about a scam that just surfaced and promises a gift by courier from overseas where the other person hasn’t told you what they’re sending – the ...
Continue Reading

The Top 5 Eyeopener Strategies To Improve Your IT Defenses And Keep Bad Guys Out Of Your Network

Last year, in 2019 according to CVEdetails, there were 12,174 new, publicly announced vulnerabilities. If that sounds like a high number, it’s a lot less than the previous two years. We ...
Continue Reading

Scammer Who Tricked Facebook and Google Out of $120 Million Gets 5 Years in Jail

The Lithuanian hacker who ran the most notorious, simplest, and most lucrative email-based social engineering fraud scam has been brought to justice and will be serving time and paying ...
Continue Reading

Smishing 101 and Defenses

Smishing is phishing via Short Message Service (SMS) on a participating device, usually a cell phone. Long neglected by phishers and spammers, smishing has recently become a very common ...
Continue Reading

Encryption Isn’t Your Only Ransomware Problem - There Are Some Other Nasty Issues

Ransomware has become one of the most dreaded problems in the cyber world and it’s only getting worse. Much worse!
Continue Reading

Phishing Emails on the Rise as Spear Phishing Continues to Return Bigger Payouts

New data from Microsoft Security Insights sheds some needed light on exactly what the bad guys are doing and how they’re shifting tactics. Sometimes it feels like the bad guys are ...
Continue Reading

Penn State Warns of Spear Phishing Attacks

Penn State is warning its community about a recent spike in phishing attacks targeting the university’s employees. Attackers are sending emails posing as real Penn State employees and ...
Continue Reading

Announcing A New 8-Minute Training Module - Social Media: Staying Secure in a Connected World

As you probably know, social media is the number one place that attackers can get intel about your organization to make their "hacking of your humans" more effective. We have been hearing ...
Continue Reading

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. ...
Continue Reading

Seven Kinds of Malware, and all Arrive by Social Engineering

Naked Security outlines seven different categories of malware and describes how each of them through social engineering techniques can affect your organization. Some or all of these ...
Continue Reading

Phishing Remains the Most Widespread Risk

As organizations look to improving their defenses, it’s worth remembering that attackers usually get through those defenses by manipulating the human beings those security measures are in ...
Continue Reading

Tax Season Warning: the IRS on Social Engineering

We have had occasion to warn of this before, but as 2020 begins and April 15th approaches, it may be worth another mention. The US Internal Revenue Service wants taxpayers to keep a sharp ...
Continue Reading

PayPal Scammers Want More than Just Your PayPal Credentials

Researchers at ESET have come across phishing sites that try to steal PayPal logins along with a wide range of personal and financial information. The scam begins with phishing emails ...
Continue Reading

Veterans are High-Payoff Social Engineering Targets for Scammers

Veterans are particularly valuable targets for various types of social engineering attacks, according to Mary K. Talbot at the Providence Journal. Veterans are often respected leaders in ...
Continue Reading

Star Wars Rogue One: A Phish Story

We’ve heard that scammers are exploiting the release of the new Star Wars movie by distributing malware disguised as free copies of the film. But what if we turned this on its head and ...
Continue Reading

These Aren't the Droids You're Looking For

Researchers at Kaspersky have identified sixty-five malicious files masquerading as online copies of Star Wars: The Rise of Skywalker, TechRepublic reports. The files are spread via ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews