Social Engineering

Social Engineering news, information, and how-to advice

dropbox mac icon
xmas malware

scam opener

Holiday scams that will be donning your inbox soon

Every year someone falls for something that is just too good to be true. Make sure your users are up to date on the latest social engineering scams this holiday season.

Scam definition

Patreon users threatened by Ashley Madison scammers

Over the last few days, the group responsible for extortion attempts and death threats against Ashley Madison users has turned to a new set of targets – Patreon users.

letter santa

Holiday messaging tips for the security team

Early November is a good time to lean-in on security messaging from the security team. Rebrand and re-message your October Cybersecurity month content into November pre-holiday messaging or put together new messaging. Also do not...

lizard squad

Cox to pay $595,000 for Lizard Squad data breach

Cox Communications has agreed to pay US$595,000 and submit to seven years of computer security compliance monitoring by the Federal Communications Commission to settle an investigation into whether the cable TV and Internet operator...

death skulls

Scammers switch from Ashley Madison extortion to death threats

Last week, Salted Hash reported on the extortion attempts by a group of scammers targeting the leaked Ashley Madison email list. Since that report, the extortion attempts have continued, but on Friday, the latest emails shifted from...

paypal logo

From start to finish, inside a PayPal Phishing scam

Phishing remains one of the fastest and easiest methods of personal compromise.

lightbulb genius

How long does it take for employees to be security conscious?

How much security awareness training is enough?

office man woman working

Social engineering: Employees could be your weakest link

Business leaders should be aware of the risks that social engineering can pose to their operations, reputation and customers.

ashley madison

DDoS scammers collect $20,000 with Ashley Madison extortion

Since September, Salted Hash has followed the extortion attempts from a group of scammers overseas who are targeting the leaked Ashley Madison email list. Most of the emails threaten exposure, but others threatened DDoS, as well as...

SSL padlock icon

Phishing websites look more legit with SSL certs from major companies

The Web is full of deception, and it's sometimes still hard for people to figure out if the website they're viewing really is what it says it is.

green paper glasses with fake black paper mustache

Fake LinkedIn profiles lure unsuspecting users

No doubt you've received a LinkedIn invitation from someone you don't know -- or you're not sure you know. Next time, you might want to think a little harder before accepting.

outlook attack

Near-flawless Social Engineering attack spoiled by single flaw

A reader recently shared an email that was sent to their comptroller, which by all accounts was a near-perfect social engineering attempt. However, awareness training, combined with full executive support to question any suspect...

07 amy schumer

2015's most dangerous celebrity web searches

Intel Security names DJ Armin van Buuren as the most dangerous cyber celebrity of 2015.

diverse group seated in a circular classroom with professor in the middle

Does security awareness training even work?

If even well-educated security experts mess up when it comes to security, can we really educate average employees to be more security aware?

bitcoin on keyboard

BitPay insurance claim rejected due to contract wording

BitPay, a Bitcoin payment processor, was hacked in 2014. When it came to filing their insurance claim with Massachusetts Bay Insurance Company (MBIC), they rejected the filing, because the initial incident that led to the $1.85M theft...

russian military

Russian military attacked, possibly by Chinese cyber group

Members of the Russian military have been receiving well-crafted phishing emails since mid-summer from attackers that use Chinese-language tools and Chinese command-and-control installations, according to a report released yesterday

 taxes calclulator IRS 1040

Call recording on: Listen as an IRS scammer threatens us with arrest if money isn't paid

This story starts with an automated call. One that if answered, plays a poorly recorded message informing you it's "the final notice" from the IRS. The recording goes on to state that the IRS is planning a lawsuit against you, and if...

paypal headquarters

PayPal helpfully disables two-factor authentication via Twitter DM

Images posted to Imgur, by an unknown PayPal customer, show support reps disabling two-factor authentication on request, in order to resolve a support issue. However, the level of authentication that was established during the support...

Load More