Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Cybercrime uses hidden file extensions to trick users

Symantec contributor Fred Gutierrez shows clearly in this blog post why it can be deadly to click on a .JPG file: "Cybercriminals have continuously evolved their methods throughout the ...
Continue Reading

Omaha cast net that caught cyberthieves

Matthew Hansen, World-Herald Staff Writer just wrote a great article that illustrates what I have been warning about these last years. It starts out like this: "Imagine for a moment that ...
Continue Reading

How to Start an IT Security Awareness Program

Mike Chapple is an IT professional and assistant professor of computer applications at the University of Notre Dame. He wrote at biztechmagazine:"Are your users aware of their ...
Continue Reading

Check Out This NY Traffic Ticket Phish!

Kevin Mitnick sent this phish over. It's a classic attempt to get you to avaid a problem, but the moment you click this link, life will become a lot more painful. So... Stop. Look. Think ...
Continue Reading

Antivirus 10-Second Flash Survey: Is this bonus attractive?

You're in the market to replace your existing Antivirus. One of the vendors on your shortlist has a Special Bonus they are offering. They are going to give you a free high-quality ...
Continue Reading

Bogus Olympics 2012 Email Warning Blindside Users With Malware

The upcoming London Olympics is undoubtedly one of the most highly-anticipated sports event of the year. It is also a favorite social engineering ploy among cybercriminals. Just recently, ...
Continue Reading

Scam Of The Week: 'The Evil Unsub'

An ordinary piece of spam slips through the filters, and you see a gorgeous sandy beach with palm trees. It's an enticing ad for a vacation to a tropical island, basically a big picture ...
Continue Reading

Six Steps To Successful Security Awareness Training

Continue Reading

SMS-controlled Malware Hijacks Android Phones

Researchers at NQ Mobile, working alongside researchers at North Carolina State University, have discovered new Android malware that is controlled via SMS that can do a number of things ...
Continue Reading

Finally Defined: 'Advanced Persistent Threat'

[caption id="" align="alignleft" width="650" caption="Advanced Persistent Threat"][/caption]
Continue Reading

Global Payment Hack: Almost 340 Million Drop in Value

[caption id="" align="alignleft" width="290" caption="Global Payment Hacked"][/caption] This is what they said in their press release: “Global Payments Inc. (NYSE: GPN), a leader in ...
Continue Reading

Malicious Office documents target Mac OS X

Trendmicro reported: "We have recently analyzed a series of emails sent to specific users that leverage a certain prominent socio-political issue. One of these messages is about the ...
Continue Reading

Shield your business from cybercrooks

Anne Fisher, Editor of New York's Executive Inbox wrote: "Can you recognize a potentially disastrous breach of your computer system’s security when you see it? Let’s find out with two ...
Continue Reading

Look Ma, malware without files!

Wow, instead of an exploit dropping a file onto the file system and running it... a DLL is injected straight into memory from the exploit, leaving nothing to scan on the harddrive. Writen ...
Continue Reading

The Top 5 Executive Spear-phishing Scams

We recommend you copy and paste this section, and send it to your executive team, with a warning that they might be targeted with spear-phishing attacks. They need to 'Stop, Look, Think' ...
Continue Reading

RSA Post-mortem: Massive Human Component To Security

George Hulme wrote on the CSO site: "There was an unusual level of gloom at the RSA Conference this year, and for good reason: a number of the biggest and most respected security firms ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews