Social Engineering

Social Engineering news, information, and how-to advice

1 rsa opener

phishing

Russian hackers used State Dept. systems to Phish White House staffers

U.S. officials briefed on the investigation have told CNN that Russian hackers used their access after compromising the U.S. State Department to target sensitive information on the unclassified White House network.

shoulder surfing

Beware the ‘visual hack’

Social engineering is by far the largest security threat to most organizations. But recent research showed that a "surgical strike" from a hacker strolling through an office as a "part-time worker" can yield a small amount of very...

Google logo fisheye

Google error leaks website owners' personal information

A Google software problem inadvertently exposed the names, addresses, email addresses and phone numbers used to register websites after people had chosen to keep the information private.

030415blog hillary clinton checks her email

Why the Hillary Clinton email story is a big deal

A security-only look into why using a personal email address for business communication is an all-around bad idea, regardless if you are a CSO or the Secretary of State (but an extremely bad idea if you are the Secretary of State).

telephone operators 1952

Call recording on: Listen to an actual Microsoft support scam as it happened

The scam starts with a call that warns of problems, and immediately offers to connect you with a Microsoft support staffer. Their goal is to remotely control your system and install malware and rogue anti-Virus software.

security phishing hook

Domain keywords used to spot phishing sites

Criminals setting up fake domains for phishing are prone to use the same words over and over and spotting those words can help identify malicious sites, according to a new threat detection model from OpenDNS.

slide to unlock

iPhone theft victims tricked into unlocking devices

Symantec has discovered a campaign that aims to unlock Apple devices after they've been lost, which requires either the device's passcode or the credentials for a person's iCloud account.

apple pay

Crooks targeting call centers to further Apple Pay fraud

According to mobile payments expert, Cherian Abraham, fraud on Apple's mobile payment platform – Apple Pay – is rampant. However, Apple's hardware and software security measures remain intact; the issue at the heart of most fraud...

medical records healthcare medicine file document claim form doctors office hospital 000000399129

Anthem: 78.8 million affected, FBI close to naming suspect

On Tuesday, Anthem, the nation's second largest health insurer, said that 8.8 to 18.8 million people who were not customers could be impacted by their recent data breach, which at last count is presumed to affect some 78.8 million...

clean desk

Low tech 'visual hacking' successful nine times out of ten

Researchers were able to get sensitive corporate information just by looking around corporate offices in 88 percent of attempts, according to a new study

funeral hearse

Scammers using obituary notices to acquire new victims

It's a low, ruthless way to make a living, but criminals rarely have a conscience to speak of, if at all. Still, it takes a special type of person to target those already suffering form the sudden and tragic loss of a loved one; but...

hackers

7 social engineering scams and how to avoid them

Even the most savvy IT professionals can fall victim to social engineering attacks. Here’s how to recognize these threats and avoid falling prey to them.

04 phishing

Omaha's Scoular Co. loses $17 million after spearphishing attack

Fraudsters targeting an Omaha company last summer used extremely well-targeted emails to convince its controller to send a series of wires totaling $17.2 million to a bank in China.

paypal headquarters

Many PayPal lookalike phishing websites taken offline

PayPal has worked to shut down a handful of phishing websites that sought to steal people's login credentials by appearing to be the company's real website, according to a security company.

security phishing hook

Warning: Anthem data breach used as lure in Phishing campaigns

Hours after the nation's second largest health insurer announced that they've suffered a data breach that could impact millions of people; criminals started sending Phishing emails related to the incident, seeking personal...

super bowl crash

Social Engineering at the Superbowl

Two Irish men easily defeated the complex, coordinated security efforts at the Superbowl with nothing more than a smile. What can security leaders learn from their sneak-in success?

ransomware man pointing gun out of computer security

Ransomware isn't a serious threat says threat intelligence firm

Emails containing malicious links are spreading under the pretense that they offer access to updated versions of Google's Chrome browser. But instead of a new browser, victims are being directed to copies of a Ransomware variant known...

phishing

The worst of the worst phishing scams

The depths a phishing scammer will stoop to in order to gain a buck are remarkable. Here are some of the bottom feeders to guard against in your inbox.

Load More