Social Engineering

Social Engineering news, information, and how-to advice

Social Engineer example
Phishing for passwords

GrandPad Senior Tablet

Security awareness: Training moms and end users to spot a scam

Char Yarema is of the generation of parents who did not grow up using technology, so her son, Jonathan Yarema, security consultant at Trustwave, has impressed upon her the importance of using caution and patience when surfing the web....

social engineering

Social engineering: 7 signs that something is just not right

Here is a list of some of the gotchas that should make your employees back away from the incoming email.

Password entry

ShmooCon: LastPass design elements create perfect Phishing opportunity

At ShmooCon on Saturday, Sean Cassidy, the CTO of Praesidio, demonstrated a clever attack against LastPass, which is possible thanks to a security trade off and easily spoofed UX elements.

U.S. Congress Washington DC

ShmooCon: Hackers and frozen hotel rooms (Day 0)

Washington, D.C. – This weekend, hundreds of hackers will head to the Washington Hilton for ShmooCon - the annual conference that for many is the first security event they’ll attend this year. Be sure to watch the blog this weekend...

no evil

5 sins cybersecurity executives should avoid

With the advent of 2016, I was tempted to touch upon my thoughts on what the future of the cyber landscape will hold, prognosticating trends and shifts and what the next big threat would be. However, upon deeper reflection and...

dropbox smartphone mobile

Phishing blast uses Dropbox to target Hong Kong journalists

Researchers at FireEye have disclosed an ongoing Phishing campaign that's using Dropbox as a delivery platform. The campaign is ran by a group that researchers have named "admin@338" and it's targeting media organizations in Hong Kong...

xmas malware

Tis the season…of malware

Every year cybercriminals find the time to give out holiday malware. It is their way of giving back to the community, so instead of look out for these pieces of malware coal.

scam opener

Holiday scams that will be donning your inbox soon

Every year someone falls for something that is just too good to be true. Make sure your users are up to date on the latest social engineering scams this holiday season.

Scam definition

Patreon users threatened by Ashley Madison scammers

Over the last few days, the group responsible for extortion attempts and death threats against Ashley Madison users has turned to a new set of targets – Patreon users.

letter santa

Holiday messaging tips for the security team

Early November is a good time to lean-in on security messaging from the security team. Rebrand and re-message your October Cybersecurity month content into November pre-holiday messaging or put together new messaging. Also do not...

lizard squad

Cox to pay $595,000 for Lizard Squad data breach

Cox Communications has agreed to pay US$595,000 and submit to seven years of computer security compliance monitoring by the Federal Communications Commission to settle an investigation into whether the cable TV and Internet operator...

death skulls

Scammers switch from Ashley Madison extortion to death threats

Last week, Salted Hash reported on the extortion attempts by a group of scammers targeting the leaked Ashley Madison email list. Since that report, the extortion attempts have continued, but on Friday, the latest emails shifted from...

paypal logo

From start to finish, inside a PayPal Phishing scam

Phishing remains one of the fastest and easiest methods of personal compromise.

lightbulb genius

How long does it take for employees to be security conscious?

How much security awareness training is enough?

office man woman working

Social engineering: Employees could be your weakest link

Business leaders should be aware of the risks that social engineering can pose to their operations, reputation and customers.

ashley madison

DDoS scammers collect $20,000 with Ashley Madison extortion

Since September, Salted Hash has followed the extortion attempts from a group of scammers overseas who are targeting the leaked Ashley Madison email list. Most of the emails threaten exposure, but others threatened DDoS, as well as...

SSL padlock icon

Phishing websites look more legit with SSL certs from major companies

The Web is full of deception, and it's sometimes still hard for people to figure out if the website they're viewing really is what it says it is.

green paper glasses with fake black paper mustache

Fake LinkedIn profiles lure unsuspecting users

No doubt you've received a LinkedIn invitation from someone you don't know -- or you're not sure you know. Next time, you might want to think a little harder before accepting.

Load More