Social Engineering

Social Engineering news, information, and how-to advice

07 amy schumer
diverse group seated in a circular classroom with professor in the middle

bitcoin on keyboard

BitPay insurance claim rejected due to contract wording

BitPay, a Bitcoin payment processor, was hacked in 2014. When it came to filing their insurance claim with Massachusetts Bay Insurance Company (MBIC), they rejected the filing, because the initial incident that led to the $1.85M theft...

russian military

Russian military attacked, possibly by Chinese cyber group

Members of the Russian military have been receiving well-crafted phishing emails since mid-summer from attackers that use Chinese-language tools and Chinese command-and-control installations, according to a report released yesterday

 taxes calclulator IRS 1040

Call recording on: Listen as an IRS scammer threatens us with arrest if money isn't paid

This story starts with an automated call. One that if answered, plays a poorly recorded message informing you it's "the final notice" from the IRS. The recording goes on to state that the IRS is planning a lawsuit against you, and if...

paypal headquarters

PayPal helpfully disables two-factor authentication via Twitter DM

Images posted to Imgur, by an unknown PayPal customer, show support reps disabling two-factor authentication on request, in order to resolve a support issue. However, the level of authentication that was established during the support...

golf sand trap

Think your security strategy is up to par? Think again!

The strategies that protected our organizations in the past are no longer relevant today. Attackers will leverage trust relationships, human weakness, and technology to subvert our defenses. Our security strategies must reflect the...

ashley madison app

Ashley Madison still a top lure for scammers and crooks

The Ashley Madison breach has been a Christmas-in-August present for spammers and scammers of all kinds, and your company could be the next target.

black hat 2015

Black Hat survey reveals a disconnect between losses and security program focus

The recently published Black Hat Attendee Survey primarily focused on the concerns of practitioners, including how they actually spent their times and the losses that they incurred. For now though, the most notable statistic is the...

cyberinsurance thinkstock

Cybercrime by wire fraud – what’s covered?

Perhaps the only thing worse than falling victim to a business email compromise or “CEO fraud” that results in millions of dollars in wire fraud theft – is wondering whether your insurance will cover any of the loss.

fbi seal

FBI issues supplier scam warning to businesses

The FBI's Internet Complaint Center (IC3) issued a warning last week about a type of scam that has exposed businesses to a total of $1.2 billion in losses, once the numbers from October 2013 until August 2015 are added up.

Phishing key

Phishing is a $3.7-million annual cost for average large company

The average 10,000-employee company spends $3.7 million a year on dealing with phishing attacks, according to a new report from the Ponemon Institute

too close darwin award

Most corporate risk due to just 1% of employees

Just 1 percent of employees are responsible for 75 percent of cloud-related enterprise security risk, and companies can dramatically reduce their exposure at very little additional cost by paying extra attention to these users.

hotel hp

Darkhotel expands targets, ups sophistication, leverages Hacking Team exploit

Darkhotel -- the elite spying group discovered luxury hotels' Wi-Fi networks last year -- is back with new targets, new defensive capabilities, and a new zero-day exploit courtesy of the Hacking Team leak

false identity

Ubiquiti Networks victim of $39 million social engineering attack

Ubiquiti Networks Inc in its SEC filings reveal they were the victim of a social engineering attack resulting in the loss of $39 million

1 title

Social Engineering: 6 commonly targeted data points that are poorly protected

It's the little things that cause the biggest problemsImage by ThinkstockThis week, thousands of hackers have traveled to Las Vegas to learn about the latest in security research and techniques during BSides Las Vegas and Black Hat....

google drove logo

Google Drive phishing is back -- with obfuscation

If you have a Google account and a stranger sends you a link to a document on Google Drive, think twice before clicking -- it could be a phishing scam designed to harvest your Google credentials

Hacking the Gibson in the movie “Hackers”

Modern APTs start at your corporate website

Have you ever though which role your corporate web applications may play in an APT attack against your company?

hackingteam hacked logo

Phishing attacks targeting government agencies linked to Hacking Team breach

In an alert on Friday, the FBI has issued a warning about an active phishing campaign targeting various government agencies in the U.S. The alert says that recent phishing emails and those from June targeted the Adobe Flash...

globe chess geopolitics

Cybersecurity and geopolitics are intertwined

Have you ever thought how the global economy and geopolitics influence cybersecurity and cybercrime? Some people may think that these are two completely different domains, however they are strongly and permanently related.

Load More