Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Customers of Cryptocurrency FTX are Target of  Phishing Emails

Customers of the bankrupt cryptocurrency exchange FTX are already receiving phishing emails following a breach of personal data held by several crypto companies, CoinDesk reports.
Continue Reading

Top 10 Trends in Business Email Compromise for 2023

Researchers at Trustwave have published a report outlining trends in business email compromise (BEC) attacks, finding that these attacks spiked in February of 2023.
Continue Reading

Use KnowBe4’s New Callback Phishing Feature to Boost Your Organization's Security Awareness

What's the Deal with Callback Phishing?
Continue Reading

Data Breaches Involving Social Engineering Attacks Take Longer to Identify and Contain

Continuing coverage of IBM’s recently-released Cost of a Data Breach report, we focus on the impact attacks involving social engineering have on data breach costs.
Continue Reading

Social Engineering Is the Number One Cybersecurity Problem by Far

The number one way that hackers and malware compromise people, devices, and networks is social engineering. No one argues that anymore, but it was not always known or discussed that way. ...
Continue Reading

LinkedIn Deception: How a Chinese Spy Tricked Thousands of UK Officials

In last few years, cyber espionage has taken a new form. A recent investigation by The Times has unveiled a Chinese intelligence officer's extensive use of LinkedIn to target UK ...
Continue Reading

[FREE RESOURCE KIT] Cybersecurity Awareness Month Kit 2023 Now Available

Get the resources you need to help keep your users safe from malicious social engineering attacks during this year's Cybersecurity Awareness Month with our free resource kit.
Continue Reading

Beware of Clickbait PDF Phishing Attacks Lurking in Search Results

We previously reported independently on PDF-based phishing attacks skyrocketing and the rise of SEO attacks. A recent research study found that the combination of both is quite common. ...
Continue Reading

Gootloader Malware Uses Social Engineering to Target Law Firms (or their Clients)

Law firms are being targeted by a large number of social engineering attacks involving the Gootloader malware delivery tool, according to researchers at Trustwave.
Continue Reading

[GUIDE] Scary SEO and Waterhole Attacks: What You Need to Know Now

Most social engineering scams search out their potential victims, often sending emails to known email addresses, sending chat messages to them or calling known phone numbers. The ...
Continue Reading

KnowBe4’s Interactive Phishing Analysis Center: Keep Your Finger On The Pulse

As a security awareness practitioner, keeping your pulse on industry - and geographical - benchmarking data and best practices is always a good way to measure your organization’s security ...
Continue Reading

Most Organizations Using Weak Multifactor Authentication

Most organizations are still using weak forms of multi-factor authentication (MFA), a survey by Nok Nok has found. These forms of MFA can be bypassed if an employee falls for a social ...
Continue Reading

GitHub Warns of Social Engineering Campaign Targeting Employees in the Technology Industry

A few weeks ago, GitHub posted on their blog a recent security alert that should have any organization in the tech industry worried.
Continue Reading

Boarding Pass Selfies and Cybersecurity Don't Mix

There is no such thing as a vacation for cybercriminals. We recently released our top summer cybersecurity travel tips to help keep you safe. Earlier this year, we posted about ...
Continue Reading

Advanced Phishing Campaign Exploits 3rd Parties

Researchers at BlueVoyant warn that attackers are increasingly adding an extra step to their phishing campaigns, impersonating third-parties to lend credibility to the scams.
Continue Reading

How KnowBe4 Can Help You Fight Spear Phishing

This blog was co-written by KnowBe4's Data-Driven Defense Evangelist Roger A. Grimes and Chief Learning Officer John Just. Social engineering is involved in 70% to 90% of successful ...
Continue Reading

Beware of the Barbie Scam: What You Need to Know After the Recent Movie Release

Scammers are taking advantage of the popularity of the Barbie movie, according to researchers at McAfee.
Continue Reading

Phony Browser Updates Deliver NetSupport Trojan Using Social Engineering Tactics

A new social engineering campaign tracked as “FakeSG” is distributing the NetSupport remote access Trojan (RAT) via phony browser updates, according to researchers at Malwarebytes. The ...
Continue Reading

[INFOGRAPHIC] KnowBe4’s Content Library by the Numbers

KnowBe4 offers the world’s largest library of always-fresh security awareness and compliance training content that includes assessments, interactive training modules, videos, games, ...
Continue Reading

[HEADS UP] See WormGPT, the new "ethics-free" Cyber Crime attack tool

A new generative AI model called “WormGPT” is being offered on cybercrime forums, according to researchers at SlashNext. While other AI tools, such as ChatGPT, have safeguards in place ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews