Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

How Crime Pays, Ransomware Edition

The Ryuk ransomware operators have raked in more than $150 million from their attacks, researchers at Advanced Intelligence and HYAS have found. The researchers describe how these ...
Continue Reading

Social Media & Parler in Troubling Times: New Opportunities for Malicious Actors

As most readers are undoubtedly aware, President Donald Trump has been de-platformed by major social media companies, including Twitter and Facebook, following events at the U.S. Capitol ...
Continue Reading

[HEADS UP] Australian Cyber Security Centre is Being Used in Malware Campaign

A warning was recently issued by the Australian Government of cybercriminals impersonating the Australian Cyber Security Centre (ACSC) to infect with malware.
Continue Reading

Signs of Inbound Ransomware

Organizations need to monitor for common signs of imminent ransomware attacks, according to Peter Mackenzie from Sophos. In an article for the Saudi Gazette, Mackenzie outlines five ...
Continue Reading

Securing Remote Employees is the Top 2021 Cybersecurity Challenge for Organizations

Security vendor CheckPoint provides insight into what are the organizational cybersecurity priorities for next two years, as well as where cybersecurity is going to be challenging.
Continue Reading

2020 Top Phishing and Vishing Attacks And Trends

It’s an extra challenging year, harder than most, to choose the most impactful cybersecurity events. The year ended with a bang – the Solarwinds supply chain attack – which possibly ...
Continue Reading

Beware of Puppy Scams

Researchers at Anomali have discovered eighteen scam websites offering pets for sale. Most of the websites purport to be selling dogs, although some offer cats and birds as well. The ...
Continue Reading

Beware! The Holidays Bring the Worst Out in Cyber Scammers

With emotions running high, time running out to get that last needed gift, and a returned focus on family and what’s truly important, scammers are taking advantage at every turn.
Continue Reading

New Office 365 Credential Scam Uses a Received Fax to Trick Victims

A clever mix of brand impersonation, a supposedly received message, a thumbnail preview, and new spoofed Office 365 logon pages are all that’s needed to trick victims into giving up ...
Continue Reading

The Cost of Ransoms Demanded and Paid Double in 2020!

According to new data from UK cyber insurer Beazley shows ransomware claims have increased materially and calls for organizations to employ a layered cyber defense.
Continue Reading

Learning More on Social Engineering Tactics are the Key to Preventing Phishing Expeditions

Understanding social engineering attacks is the key to thwarting them, according to Juan Badell and Russell Petrich, content designers for Sophos’s phishing simulation service. Badell and ...
Continue Reading

Facebook Describes APT32 Social Engineering Campaign

Facebook’s security team has taken action against a phishing operation run by APT32 (also known as OceanLotus), a threat actor associated with the Vietnamese government. Facebook says the ...
Continue Reading

Shame! Shame! I Got Phished

I can’t be phished. At least that’s what I used to believe.
Continue Reading

GDPR Compliance Scams Rising

Organizations need to be on the lookout for GDPR-themed phishing lures, according to Mike Puglia, Chief Product Officer at Kaseya. In an article for ITProPortal, Puglia explains that GDPR ...
Continue Reading

Why Are You Being Phished?

People often wonder, why are they being phished? Why are they being phished by a hacker in the first place? What does their organization have that some hacker decided they were noteworthy ...
Continue Reading

Election-themed Phishing is Likely to Persist

The US elections have come and gone, but people should still be on the lookout for election-themed phishbait, according to Roger Kay at Inky. Emotions are still running high in the US, ...
Continue Reading

Think Tanks Targeted by APT Actors

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory warning that nation-state advanced persistent threat (APT) actors are targeting US ...
Continue Reading

Number of Phishing Websites Double and Unique Phishing Campaigns Triple in Q3

New data shows the bad guys have been working diligently to step up their game on both the front and back end of phishing attacks, despite still being mid-pandemic.
Continue Reading

Dutch Government Sees Phishing More Than Double in 2020

In an exclusive article, the Dutch IRS gave its perspective on the cyber threat landscape in the Netherlands. December is typically one of the busiest months of the year for cybercrime ...
Continue Reading

Giving Tuesday Means an Influx of Charity Scams

Giving Tuesday is a great idea for organizations and people to give back to people in need, especially during the COVID-19 pandemic. However, this causes concern for an increase in ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews