Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Scam Of The Week: Ebola Phishing Grows In Volume

Oct 19, 2014 9:52:00 AM By Stu Sjouwerman
I have been warning here before that Ebola phishing attacks would be more and more prevalent, as a result of the mass-media spending increasing amounts of time covering this threat.
Continue Reading

Poll: Employees Clueless About Social Engineering

Oct 2, 2014 2:20:00 PM By Stu Sjouwerman
Fresh from Dark reading: "When it comes to social engineering, Pogo, the central character of a long-running American comic strip, said it best. "We have met the enemy and he is us."
Continue Reading

New Android Ransomware Strain Locks The Device Twice

Sep 22, 2014 3:07:00 PM By Stu Sjouwerman
Researchers in Russia discovered a new Android ransomware strain which does not lock the device just once but twice. It spreads by using a social engineering trick, disguising itself as a ...
Continue Reading

Home Depot, Target Breaches Exploited Old WinXP Flaw

Sep 20, 2014 2:12:00 PM By Stu Sjouwerman
The massive security breaches and theft of credit card information at The Home Depot and Target have something in common. They were both allowed by a vulnerability in XP embedded that was ...
Continue Reading

Regular Facebook Users Are More Likely To Fall For Phishing Scams

Sep 19, 2014 3:32:00 PM By Stu Sjouwerman
Techcrunch was the first one to report on some very interesting findings:
Continue Reading

New KnowBe4 Whitepaper: A Short History of Ransomware

Sep 18, 2014 5:57:00 PM By Stu Sjouwerman
Continue Reading

Cyber Criminals Use AEA-256 Crypto To Obfuscate Phishing Sites

Sep 10, 2014 10:47:00 AM By Stu Sjouwerman
The Register said: "Well, at least someone listened to Snowden about privacy... Phishing fraudsters have begun using industry-standard AES-256 encryption to disguise the content of ...
Continue Reading

Five Reasons Why Clicking "Unsubscribe" May Be A Bad Idea

Sep 8, 2014 9:47:00 AM By Stu Sjouwerman
When you get on a mailing list you don't want to be on, it's easy to get off – just click on the "unsubscribe" link. But should you? Sophos Naked Security says maybe not. When you ...
Continue Reading

Scam Of The Week: Jennifer Lawrence Nude Pictures Phishing

Sep 2, 2014 10:00:00 AM By Stu Sjouwerman
There is a new (true) Current Event which unfortunately is the ultimate click bait. A hacker got into the Apple iCloud and hacked the account of Jennifer Lawrence and many other celebs.
Continue Reading

Chase Is Asking For Phishing Trouble

Aug 29, 2014 3:43:00 PM By Stu Sjouwerman
Chase bank says to click links if you suspect phishing. Huh? Yup, they do. Check out this email from Chase, scratch your head, and do not make this error in your own organization. If you ...
Continue Reading

J.P. Morgan Hacked Because Malware Infects Employee PC

Aug 28, 2014 9:19:00 AM By Stu Sjouwerman
This morning, the Wall Street Journal reported on the front page that J.P. Morgan was hacked and suffered a cyberheist called "a significant breach of corporate computer security".
Continue Reading

Bitcoin Phishing Click Rate Higher Than Regular Scams

Aug 27, 2014 8:41:00 AM By Stu Sjouwerman
The Proofpoint Threatinsight blog reported on something curious. They called their posting "Curiosity Clicks: Using Bitcoin’s hype for phishing fun" and came up with some interesting ...
Continue Reading

Not news: Windows Store is full of scam apps

Aug 22, 2014 1:42:00 PM By Stu Sjouwerman
Paul Thurrott over at WindowsIT Pro wrote:
Continue Reading

Workers At U.S. Nuclear Regulator Fooled By Phishing

Aug 21, 2014 11:34:00 AM By Stu Sjouwerman
Antone Gonsalves at CSO reported something that worries me, and this SHOULD NOT BE at this day and age.
Continue Reading

Cryptolocker Being Spread On YouTube Ads

Aug 21, 2014 11:12:00 AM By Stu Sjouwerman
VirusBulletin reported that cyber criminals now spread around Cryptolocker / CryptoWall via YouTube. The cyber criminals purchase advertising space and use exploit kits to infect ...
Continue Reading

Phishing: 4.5 million Community Health patients records stolen

Aug 18, 2014 1:44:00 PM By Stu Sjouwerman
n">(Reuters) - Community Health Systems Inc, one of the biggest U.S. hospital groups, said it was the victim of a cyber attack that originated in China, resulting in the theft of ...
Continue Reading

New CryptoLocker copycat: TorrentLocker

Aug 15, 2014 3:55:00 PM By Stu Sjouwerman
iSIGHT partners discovered a new ransomware strain, which uses components of CryptoLocker and CryptoWall but underneath the surface, the code is completely different from these two ...
Continue Reading

As Expected: Robin Williams 'Goodbye Video' Facebook Phishing Message

Aug 15, 2014 3:09:00 PM By Stu Sjouwerman
The scammers are at it, as expected. There is now a Facebook phishing message that invites users to click a link and see an "exclusive" video of Robin Williams saying goodbye through his ...
Continue Reading

Scam Of The Week: See Robin Williams Last Words On Video

Aug 12, 2014 9:23:00 AM By Stu Sjouwerman
Last night, news broke that Robin Williams was found dead in his home in Marin County, CA. It is suspected that it was either a suicide or an overdose. This is a celebrity death that the ...
Continue Reading

Security Awareness Training blocked Ransomware Infection

Aug 1, 2014 11:48:00 AM By Stu Sjouwerman
ComputerWorld in Australia reported on a very nice success where security awareness training prevented a major ransomware infection. They started out with: "People like to ask the ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews