Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Answer 4 Simple Questions To Avoid a Social Engineering Attack

Dec 14, 2021 2:19:57 PM By Roger Grimes
I am usually not a man of a few words. I am the opposite. I write hundreds of pages a month and talk non-stop in person. But lately, I have been trying to be better at saying more with ...
Continue Reading

Socially Engineering Your Way to Customer Data

Dec 13, 2021 9:09:38 AM By Stu Sjouwerman
US telecommunications company Cox Communications has disclosed a data breach that exposed some customers’ information, BleepingComputer reports. The company said in a breach notification ...
Continue Reading

2021 Security Hints & Tips for Holiday Travels

Dec 9, 2021 4:00:15 PM By Stu Sjouwerman
The holiday season may be closer to "normal" this year, and that means your users will be even more focused on holiday activities - including travel. Cybercriminals will undoubtedly be ...
Continue Reading

New Phishing Campaign has Fake DHL Shipping

Dec 6, 2021 4:14:40 PM By Stu Sjouwerman
Researchers at Avanan have spotted a new phishing campaign that’s impersonating DHL with phony shipping notifications. The emails inform the recipients that they need to update their ...
Continue Reading

Bitcoin Scam Videos on Instagram are Part of an Elaborate Account Takeover Scam

Nov 30, 2021 10:55:20 AM By Stu Sjouwerman
This elaborate scam uses social engineering to trick victims into sending the hacker Bitcoin while holding Instagram accounts hostage.
Continue Reading

FBI: Cyber Attacks Target Organizations Involved in Mergers and Acquisitions

Nov 25, 2021 8:55:55 AM By Stu Sjouwerman
A new notification from the FBI warns organizations of attacks at the perfect time when organizations are spending money, new people are being introduced, and operations are in flux.
Continue Reading

Avoid Donating to Charity Scammers During Giving Tuesday 2021

Nov 23, 2021 5:07:27 PM By Stu Sjouwerman
Giving Tuesday is a great way for organizations and people to give back. However, this gives cybercriminals opportunities to take advantage of you with charity scams.
Continue Reading

[FREE Resource Kit] Stay Safe This Holiday Season with KnowBe4

Nov 23, 2021 5:05:00 PM By Stu Sjouwerman
Are your users aware of the holiday phishing scams cybercriminals will be sending them? This holiday season may be closer to "normal" this year, and that means users will be even more ...
Continue Reading

SEC Warns of Spoofed Emails Impersonating Their Employees

Nov 23, 2021 10:08:11 AM By Stu Sjouwerman
Scammers are impersonating the US Securities and Exchange Commission (SEC) with spoofed phone calls and other communications that attempt to steal money and personal information from ...
Continue Reading

Phishing Campaign Targets TikTok Influencers

Nov 22, 2021 1:23:42 PM By Stu Sjouwerman
Phishing emails are targeting large TikTok accounts with phony copyright warnings or offers for account verification, according to researchers at Abnormal Security.
Continue Reading

'Fake Ransomware' as a Form of Social Engineering

Nov 18, 2021 10:45:53 AM By Stu Sjouwerman
Attackers are exploiting a vulnerability in a WordPress plugin to deface several hundred websites with phony warnings of ransomware, the Record reports. Researchers at Sucuri found that ...
Continue Reading

Social Engineering, Persistence, and a Few Phone Calls is All it Takes to Steal $1 Million

Nov 18, 2021 9:00:45 AM By Stu Sjouwerman
The story of a Swiss investor who was convinced they were purchasing pre-IPO shares of AirBnB is the cautionary tale of how little it really takes to turn someone into a victim.
Continue Reading

Trends in Cybercrime Report Phishing, Non-Payment Scams, and Extortion

Nov 16, 2021 8:50:23 AM By Stu Sjouwerman
Social engineering attacks account for the vast majority of cybercrime in the US, according to researchers at SEON. The security firm found that phishing, non-payment or non-delivery ...
Continue Reading

[HEADS UP] Popular Stock Trading Platform Becomes Next Victim of Data Breach

Nov 9, 2021 8:57:32 AM By Stu Sjouwerman
Bleeping Computer recently reported a data breach from popular stock trading platform Robinhood. This breach has impacted over 7 million of their customers.
Continue Reading

New Browser Cookie “Smash and Grab” Attack Targets YouTube Creators

Nov 8, 2021 2:24:31 PM By Stu Sjouwerman
New attack details from Google’s Threat Analysis Group show how cybercriminals are innovating ways to use an initial attack to aid in additional crypto scams.
Continue Reading

Enabling and Securing Remote Workers are Top Concerns as 80% of Organizations Experience Cyberattacks as Often as Once per Hour

Nov 8, 2021 2:24:27 PM By Stu Sjouwerman
Organizations appear to be overconfident in their ability to protect themselves, despite glaring gaps in security, according to new data from cyber protection vendor, Acronis.
Continue Reading

Preparing for Black Friday Scams

Nov 8, 2021 8:56:54 AM By Stu Sjouwerman
Researchers at Tessian caution that people should be wary of scams as Black Friday approaches. The researchers found that thirty percent of people in the US reported receiving a phishing ...
Continue Reading

How Not To Get Phished: It Is the Message Not the Medium

Nov 5, 2021 8:45:10 AM By Roger Grimes
Back in the early 1990s, when I was first getting into the IT field as a full-time network administrator, I was tasked with writing up our corporation’s new email policy. Email was just ...
Continue Reading

FBI Warns that Financial Events are Occasions for Extortion

Nov 3, 2021 10:29:36 AM By Stu Sjouwerman
The US Federal Bureau of Investigation (FBI) has warned that ransomware operators are targeting companies that are going through financial events. The timing is designed to elicit and ...
Continue Reading

Not that You Would, but Looking for a Sugar Daddy's a Bad Idea

Nov 2, 2021 8:56:59 AM By Stu Sjouwerman
Scammers are using social media to target young women with offers to be their “sugar daddy,” according to Laura Josepha Zimmermann at Avast. Zimmermann received a message on Instagram ...
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews