Social Engineering

Social Engineering news, information, and how-to advice

10 new social media scams to watch out for

Scams on social networks are nothing new, but they're constantly changing to keep up with and take advantage of the latest apps, trends, and news. Here are some of the most recent scams that are making the rounds.

internet gavel keyboard


Nigerian scammers move from gullible consumers to businesses

Nigerian scammers known for grammatically challenged emails promising riches in return for a small up-front payment are moving into the business of launching malware attacks against companies

serverskulls header

URL redirect flaw on NBC News website a spammer's dream

A URL redirection flaw on the NBC News website could be used by scammers to give links a false sense of added trust. This is in addition to ongoing abuse of MSNBC's publicly available Bitly API key, which is being used in an active...

stack of documents

Study examines the problems with metadata and file sharing

A study by Workshare, a company focused on secure file sharing applications, says that 68 percent of the 800 professionals surveyed failed to remove metadata before sharing documents. Due to this oversight, potentially sensitive...


Criminals target Flight 17 (MH17) discussions on Twitter

The tragedy that is Malaysia Airlines Flight 17 has sparked plenty of outrage, grief, and dismay on Twitter. Seeing an opportunity, criminals have targeted those discussions in order to spread malware.

binary hard drive

CryptoWall blamed for possible data breach at Benjamin F. Edwards & Co.

Warning of a potential data breach, Benjamin F. Edwards & Co. (BFE) says that CryptoWall, a variant of CryptoLocker, infected an employee's computer on May 27.

security awareness

No money, no problem: Building a security awareness program on a shoestring budget

Implementing a security awareness program seems rather straightforward, until you actually start to implement one - factoring in things like resources and the people (users) to be trained. At that point, it can seem complicated,...

security phishing

E-ZPass drivers warned about Phishing scam

E-ZPass Group, a toll collection program consisting of 25 agencies in 15 states, has issued a warning to customers concerning a Phishing scam that is posing as a collection notice.

security phishing

Campaign targeting user credentials discovered after five years

Researchers at Cyphort Labs have discovered a campaign that is actively targeting usernames and passwords, and has done so undetected since 2009.

Bitcoin and other currency

Phishing victim loses $60,000 in Bitcoin scam

A Phishing attack targeting people interested in bidding on the Silk Road Bitcoins has been successful, leading to a $60,000 loss for one firm.


Court summons scam makes a comeback

Researchers at AppRiver have been tracking an uptick in the number of emails containing the Zortob Trojan. The surge seems to be focused on an old scam, which warns the victim that they've been ordered to appear in court.

credit card caught on a fishing hook concept for addiction to spending with credit or phishing 9178

New banking malware spotted with Phishing attack

Researchers have discovered a previously unknown banking Trojan attached to an active Phishing campaign that started earlier this month.

FIFA Brazil 2014

Phishing, football and frauds: 15 ways to safeguard yourself during the World Cup

The 2014 FIFA World Cup in Brazil promises amazing football, frantic fans around the globe, and a playground for fraudsters

Brazil Mexico World Cup 2014

5 summer scams to watch out for this season

CSO presents a "Top Five" list of social engineering scams to beware of this summer. Not all of them are brand new, but they keep being used because they are successful.

Syrian Electronic Army

Inside an attack by the Syrian Electronic Army

The Syrian Electronic Army (SEA) has become a bit of a name brand as far as low-level hacking groups are concerned. Their methods are simple, but effective. They spend most of their energy on propaganda and self-promotion, but lately...

Phishing key

Scammers still using Google Drive for Phishing attacks

Criminals are back to using Google Drive for their Phishing campaigns, taking advantage of the service to present a seemingly legitimate website to victims.

mobile security phones

Five new threats to your mobile device security

Relentless cyber criminals are always looking for the next big hack, and mobile devices are the new frontier

binary hard drive

Purchase order scams now targeting construction suppliers

Earlier this year, Salted Hash reported on a wave of purchase order scams targeting university suppliers. Recently, scammers have expanded their scheme, by targeting industrial construction contractors and suppliers.

iran flag

Ajax Security Team: Are they Iran's latest threat?

FireEye released a report on Tuesday, focusing on a group from Iran known as the Ajax Security Team (AST). Are they the latest threat from the region, or something else entirely?

Load More