Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Scam Of The Week: Ransomware Uses Child Porn Threat

Getting caught viewing child porn is a huge deal and instantly makes you an outcast in most western countries. Cybercriminals have cooked up a new way to blackmail people out of their ...
Continue Reading

Scam Of The Week: "U.S. Starts Bombing Syria"

This one is crafty. There is a fake CNN spam being sent with a subject that reads: "The United States began bombing!" in Syria, but clicking on it will likely result in the workstation ...
Continue Reading

Kevin Mitnick Security Awareness Training 2014

Continue Reading

Kevin Mitnick Details Modern IT Threats; spear phishing and more

One of the most infamous hackers of all time talks about Website security and what users should do to protect themselves. In the world of computer security hackers, few are as well-known ...
Continue Reading

Cybercrime Automates Fake ID's For Spear-phishing

Today it was reported through several sources that a new Cybercrime-as-a-Service option is available: creation of fake scanned passports, ID cards, driver's licenses and fake scanned ...
Continue Reading

Are Your Email Addresses On A Russian Phishing Site?

We are finding many U.S. commercial email addresses at the Russianemailsworld.boommer.ru website. It is really a 'staging' area for emails to be posted by the criminal underground. They ...
Continue Reading

Spear-phishing attackers vandalize CNN, TIME and Wash Post

You would think that by now journalists and people in media and advertising would be on the alert for social engineering red flags. But no. Syrian hacktivists sent a spear-phishing attack ...
Continue Reading

Hackers put a bull's-eye on small business

Less than 500 employees? You’ve got a 20 percent chance of being hacked, and if it happens there’s a good chance your business is finished.
Continue Reading

We started trusting bad code from Day One

Vint Cerf – Photo by Charles Haynes
Continue Reading

Scam Of The Week: "Held For Ransom"

You should alert your users that a particularly effective scam is growing by leaps and bounds recently. It's not new, but it's bursting into mainline cybercrime these last few weeks. The ...
Continue Reading

Watching Porn on a Mobile …Risky?

The Internet has its own Red Light District, and it is one of the most unsafe areas you can browse. Online porn is a profitable sideline for the adult industry, but a mainline business ...
Continue Reading

Scam Of The Week: Christian Singles

Continue Reading

Employees the Weakest Link of Cyber Security, Report Finds

Antivirus company Bitdefender reported something important. Here is their blog post of July 17, 2003.
Continue Reading

Congressional Aides Targeted By Spear-phishing Attacks

Reuters just reported that Congressional aides in the Senate and House of Representatives said on Thursday that they were notified of a potential security risk involving email and other ...
Continue Reading

Why help desk employees are a social engineer's favorite target

Steve Rangan over at the The CSO site wrote:
Continue Reading

Phishing Attack: Your Twitter friend may not really be your friend

There is a new phishing campaign doing the rounds trying to get your Twitter login credentials. The scam arrives as a direct messages to prospective victims from one of their contacts. ...
Continue Reading

7 reasons for security awareness failure

Ira Winkler and Samantha Manke just wrote a great article at the CSO site about why security awareness programs fail. They started out with: "There is a great dichotomy in Security ...
Continue Reading

CTO of media company faked-out employees with "phishing" emails

There is a fascinating article in SC Magazine dated July 3, 2013 which tells the story of Atlantic Media Chief Technology Officer Tom Cochran, who blasted out a simulated phishing email ...
Continue Reading

Five Ways Your Employees Can Kill Your Company

One - Insider Threat: Stealing valuable information for either profit or idealistic motives. Examples: Software developers taking home code for their next job, sales people downloading ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews