Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Cybercriminals Set Sights on Digital Identities of Singapore Citizens

Jun 27, 2024 1:46:23 PM By Stu Sjouwerman
Singapore has become the latest target for cybercriminals looking to steal digital identities and exploit them for nefarious purposes.
Continue Reading

The Double-Edged Sword of AI: Empowering Cybercriminals and the Need for Heightened Cybersecurity Awareness

Jun 26, 2024 2:33:03 PM By Javvad Malik
The BBC recently reported that Booking.com is warning that AI is driving an explosion in travel scams. Up to 900% in their estimation - making it abundantly clear that while AI can be a ...
Continue Reading

BEC Attacks Accounted for More Than One in Ten Social Engineering Attacks in 2023

Jun 24, 2024 9:21:30 AM By Stu Sjouwerman
A new report from Barracuda has found that email conversation hijacking attacks have risen by 70% since 2022. Additionally, business email compromise (BEC) attacks accounted for 10.6% of ...
Continue Reading

The Indispensable World of Red Teaming

Jun 20, 2024 11:35:56 AM By Javvad Malik
In this mad, mad world of breaches, organizations are scrambling to keep their heads above water. It's like trying to navigate a minefield while blindfolded and riding a unicycle — one ...
Continue Reading

[Heads Up] Tricky Fake Invoice Phishing Attack Uses Search to Deliver Malware

Jun 17, 2024 3:16:07 PM By Stu Sjouwerman
Researchers at Trustwave warn that a phishing campaign is distributing malware via HTML attachments disguised as invoices. Notably, the HTML files abuse the Windows Search protocol to ...
Continue Reading

No Politician Too Small: School Board Candidates Targeted By Phishing and BEC Scams

Jun 17, 2024 3:15:49 PM By Stu Sjouwerman
Cybercriminals are broadening their targets to include even local political candidates, as an escalating series of phishing attacks was recently directed at school board candidates in ...
Continue Reading

Phishing With Deepfakes for HK$200 Million

Jun 13, 2024 2:29:59 PM By Martin Kraemer
My hacker story occurred not too long ago at the Hong Kong office of an undisclosed multinational corporation. The hackers pulled off a first-of-its-kind scam that leveraged a phishing ...
Continue Reading

New Research Shows An Alarming Trend of Phishing Attacks Doubling For US and European Organizations

Jun 12, 2024 3:25:33 PM By Stu Sjouwerman
Cybercriminals never sleep, and their aim keeps getting better. According to new research from Abnormal Security, phishing attacks targeting organizations in Europe shot up by a ...
Continue Reading

Everything You Can Do to Fight Social Engineering and Phishing

Jun 10, 2024 8:00:00 AM By Stu Sjouwerman
Social engineering and phishing are not just IT buzzwords; they are potent threats capable of devastating damage to your organization.
Continue Reading

Nearly Three-Quarters of Organizations Were the Target of Attempted Business Email Compromise Attacks

Jun 7, 2024 2:20:40 PM By Stu Sjouwerman
New data highlights just how dangerous Business Email Compromise attacks are.
Continue Reading

Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing

Jun 7, 2024 8:16:24 AM By Roger Grimes
I have created a comprehensive webinar, based on my recent book, “Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing”. It contains everything that KnowBe4 ...
Continue Reading

Social Engineering Scams Can Come in the Mail, Too

Jun 6, 2024 8:27:18 AM By Roger Grimes
Social engineering scams can come through any communications channel (e.g., email, web, social media, SMS, phone call, etc.). They can even come in the mail as the Nextdoor warning below ...
Continue Reading

“Operation Endgame” Ends with the Arrest of 4 Cybercriminal Suspects and 100 Servers

Jun 6, 2024 8:27:15 AM By Stu Sjouwerman
Coordinated efforts between law enforcement agencies across nine countries has resulted in a major disruption of a threat group’s malware and ransomware operations.
Continue Reading

26% of Global Organizations Lack Security Training Programs

Jun 6, 2024 8:26:39 AM By Stu Sjouwerman
More than a quarter (26%) of organizations around the world provide no security awareness training for their employees, according to a survey by Hornetsecurity. The researchers found that ...
Continue Reading

[NEW RESEARCH]: KnowBe4’s 2024 Phishing by Industry Benchmarking Report Reveals that 34.3% of Untrained End Users Will Fail a Phishing Test

Jun 4, 2024 8:00:00 AM By Joanna Huisman
The prevalence of cyber crime continues to soar, victimizing individuals in both their work and private lives. Cybercriminals are indiscriminate, targeting around the clock and across the ...
Continue Reading

Criminals Abuse Cloud Storage Platforms to Host Phishing Sites

May 29, 2024 2:42:32 PM By Stu Sjouwerman
Threat actors are abusing cloud storage platforms to host phishing sites that can more easily evade detection by security scanners, according to researchers at Enea. Criminals are ...
Continue Reading

Threat Actor Void Manticore Uses Cyber Weapon “Wipers” to Destroy Data and Systems

May 29, 2024 2:42:27 PM By Stu Sjouwerman
This Pro-Hamas hacktivist group has updated their payload arsenal to include updated versions of their BiBi Wiper malware, and two new wiper variants.
Continue Reading

New Research Finds Phishing Scams Targeting Popular PDF Viewer

May 23, 2024 2:40:28 PM By Stu Sjouwerman
Several phishing campaigns are targeting users of the Foxit PDF Reader, according to researchers at Check Point. Foxit is a popular alternative to Adobe Acrobat Reader for viewing PDF ...
Continue Reading

Don't Let Criminals Steal Your Summer Fun

May 22, 2024 3:18:33 PM By Javvad Malik
Summer has finally arrived in certain parts of the world, and with it come many exciting events — from the grandeur of the Olympics to the grass courts of Wimbledon, from the electrifying ...
Continue Reading

Malicious Use of Generative AI Large Language Models Now Comes in Multiple Flavors

May 22, 2024 3:18:20 PM By Stu Sjouwerman
Analysis of malicious large language model (LLM) offerings on the dark web uncovers wide variation in service quality, methodology and value – with some being downright scams.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews