Social Engineering

Social Engineering news, information, and how-to advice

Phishing with Benjamin

Happy New Year and welcome to XSS

CSO has launched a new blog geared towards consumers

phishing linkedin

Ham-fisted phishing attack seeks LinkedIn logins

The emails contain an HTML attachment that seems to be slipping past spam filters

00 title

Six Social Engineering tricks that can be avoided if you're careful

Social Engineers work on multiple levels. The key to their success is to target human nature and emotion.

social media

Social Engineering: The dangers of positive thinking

CSO Online recently spoke to a person working in the security field with a rather unique job. He's paid to break into places, such as banks and research facilities (both private and government), in order to test their resistance to...

security phishing hook

ICANN targeted by Spear Phishing attack, several systems impacted

ICANN posted details of a recent network intrusion on Tuesday, which originated from a Spear Phishing attack. Those responsible spoofed the ICANN domain, and fooled several employees into revealing their network credentials.

low tech threats

3 low-tech threats that lead to high-profile breaches

It seems like almost daily that we find a new front-page article about a sophisticated data breach. But, more often than not, data breaches are initiated by low tech means. Here are three common low-tech attack vectors, and...

credit card caught on a fishing hook concept for addiction to spending with credit or phishing 9178

Phishing spam gets 'Big Box Retailer' holiday makeover

Spam phishing emails have been updated for the holidays, with new themed emails pretending to update users on their order status from Costco, Target, Walmart, Walgreens, and Home Depot

oops keyboard

Do you create stupid users?

A week doesn’t go by where we read about some attack that is precipitated by bad user actions.

00 title

8 holiday scams and mistakes to avoid

You're not the only one feeling merry and bright this holiday season - so are the criminals! This time of year provides them with plenty of opportunities for Scrooge-worthy scams. Here's how to ensure all they'll get is coal in their...

holiday scams

Watch out for these 3 holiday shopping scams

The holiday shopping season is also the holiday scamming season. Whether you shop online or at the mall, be mindful of these three types of scams.

holiday scams

Hack the halls: Watch out for Cyber Monday scamathon

Cyber Monday is the biggest online shopping day of the year, which means it is also the single biggest opportunity for criminals to steal cash, personal information and credit card numbers, and they’ve got an imposing arsenal to carry...


Scammers move from Ebola phishing to fundraising

Scammers routinely try to take advantage of humanitarian disasters to get people to open phishing emails, or to donate money to fake organizations. This month, they combined the two approaches, sending out approximately 700,000 spam...


Amazon phishing attacks pick up for holiday shopping season

Using brands such as Amazon and eBay, hackers are gearing up for the big holiday shipping season with a new collection of emails that are just too good not to click on.

colored flags

Social Engineers work in teams to harness the power of information

Proving once again that information viewed as harmless can often enable an attacker, the contestants in this years Social Engineering Capture the Flag (SECTF) contest at DEF CON 22 worked in teams of two in order to collect vital...

ransom note

Ransomware takes malware from bad to worse

To thwart attacks like CryptLocker, you need a multipronged defense; new technology doesn't hurt either

dropbox phishing

Dropbox used for Phishing expedition

Symantec says they've recently uncovered a Phishing scam targeting Dropbox users, where many of the elements needed to complete the scam are being hosted on Dropbox directly. Such a move helps lower resistance and bypass some network...


The human OS: Overdue for a social engineering patch

Security experts have been saying for years that humans are the weakest link in the security chain. They still are. Why haven't things improved? Training has to get a lot more frequent, and more effective, they say.

tv satellite dish

Ransomware attack knocks TV station off air

On Monday, The ABC had to suspend programming out of Sydney, Australia and move broadcasting to Melbourne after their network was targeted by Ransomware. The malware prevented normal operations, resulting in ABC News 24 going off air...

Phishing for passwords.

What to do in the aftermath of the JPMorgan breach

The compromise of 10s of millions of JPMorgan Chase accounts poses the greatest risk of phishing attacks on consumers and small businesses, experts say.

Load More