Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Phishing Attacks Go Mobile as Cybercriminals Leverage Push Notifications

Taking advantage of the inherent trust in mobile content, the bad guys are using a mixture of phishing text messages and look-alike sites to trick users into giving up credentials.
Continue Reading

[Heads-up] The U.S. Launched A Cyber Attack On Iran, And We're Expecting Spear Phishing Strike Backs

The tension in the Middle-East apparently prompted a game-changing move by the U.S. President.  Washington Post sources say exactly 10 years after Stuxnet, the President approved a ...
Continue Reading

UK Forensic Crime Labs Shut Down Due To Ransomware Attack

Every police force across England and Wales has been forced to prioritize evidence for forensic testing following a criminal cyber attack affecting one of the primary forensic service ...
Continue Reading

FBI Alert: Last Week Conflict With Iran Can Cause Spear Phishing Retaliation

This blog post has been superseded by a more recent one.  You can find this new post here.
Continue Reading

The Fake French Minister In A Silicone Mask Who Stole Millions

Identity theft is said to be the world's fastest-growing crime, but in sheer chutzpah there can be few cons to match the story of the fake French minister and his silicone mask.
Continue Reading

How Hackers Emptied Church Coffers with a Phishing Attack and Social Engineering Phone Call

Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
Continue Reading

Hit by Ransomware Attack, Florida City Agrees to Pay Hackers $600,000

It was all over the press, and even made it in the New York Times: "The leaders of Riviera Beach, Fla., looking weary, met quietly this week for an extraordinary vote to pay nearly ...
Continue Reading

Subdomain Scam Hits Australian Government Seeking Money to “Register” Bogus Domain Names

Employees of agencies within the Australian government have been receiving targeted emails offering to register what amounts to a subdomain of a legitimate look-alike domain.
Continue Reading

Social Engineering is at the Root of Nearly all Fraud Attacks

According to the latest fraud report from RSA, all four of the documented fraud attack methods use some form of social engineering to trick victims into giving up their money.
Continue Reading

[On-Demand Webinar] Open Source Intelligence (OSINT) Hacking Data Sources That Bad Guys Use

Ever wonder how hackers, spies, and con-artists gather such detailed and convincing intel on their targets?KevinMitnick, the world's most famous hacker and KnowBe4's Chief Hacking ...
Continue Reading

Biometrics Can’t Replace Passwords: A Cybercriminal's Dream

In the quest to create a more secure environment, new ways to authenticate that replace the password are being sought. But it’s looking like passwords are here to stay.
Continue Reading

Red Flags Warn of Social Engineering

The easiest way to avoid falling for scams and other social engineering attacks is to have an understanding of the tactics employed by attackers, according to Roger A. Grimes, writing in ...
Continue Reading

Account Takeover Attacks Increase as Cybercriminals Fine-Tune Their Brand Impersonation, Social Engineering, and Phishing Skills

The latest Spear Phishing Report from Barracuda highlights how cybercriminals are systematically improving their game… and are becoming more successful for it. The capturing of user ...
Continue Reading

[Heads-Up] If This Is True It's A Disaster. Three Major US Antivirus Companies Breached? ***UPDATED

ARSTECHNICA is getting me worried here. We were all at KB4-CON in Orlando the last few days, and during the conference word got to me that security researchers found out that high-profile ...
Continue Reading

[Spoiler!] That Free Avengers: Endgame Download You Found Online? It’s a Scam!

The lure of watching the latest Avengers movie is enough motivation for some to fall for this scam aimed at collecting your credit card data.
Continue Reading

IT and Executives are (Mostly) in Alignment and Both Fear the Phish

According to the latest from AT&T Cybersecurity, enterprise IT and boardrooms largely see eye-to-eye… and those eyes are watching some very common, yet pervasive, threats.
Continue Reading

Brunswick Church Falls For Phishing Scam Of Almost $2 Million

Staff at St. Ambrose Roman Catholic Church in Brunswick say the church was scammed out of nearly $2 million. The church said a phishing email led it to believe that a construction firm ...
Continue Reading

PSA: How To Recognize Disinformation

One of the skills everyone needs to prevent social engineering attacks is to recognize disinformation. False information that is intended to mislead people has become an epidemic on the ...
Continue Reading

Evil TeamViewer Attacks Under the Guise of the U.S. State Department

A targeted, email-borne attack against embassy officials and government finance authorities globally is making use of a malicious attachment disguised as a top-secret U.S. document. It ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews