Social Engineering

Social Engineering news, information, and how-to advice

security phishing
low tech threats

credit card caught on a fishing hook concept for addiction to spending with credit or phishing 9178

Phishing spam gets 'Big Box Retailer' holiday makeover

Spam phishing emails have been updated for the holidays, with new themed emails pretending to update users on their order status from Costco, Target, Walmart, Walgreens, and Home Depot

oops keyboard

Do you create stupid users?

A week doesn’t go by where we read about some attack that is precipitated by bad user actions.

00 title

8 holiday scams and mistakes to avoid

You're not the only one feeling merry and bright this holiday season - so are the criminals! This time of year provides them with plenty of opportunities for Scrooge-worthy scams. Here's how to ensure all they'll get is coal in their...

holiday scams

Watch out for these 3 holiday shopping scams

The holiday shopping season is also the holiday scamming season. Whether you shop online or at the mall, be mindful of these three types of scams.

holiday scams

Hack the halls: Watch out for Cyber Monday scamathon

Cyber Monday is the biggest online shopping day of the year, which means it is also the single biggest opportunity for criminals to steal cash, personal information and credit card numbers, and they’ve got an imposing arsenal to carry...

spam

Scammers move from Ebola phishing to fundraising

Scammers routinely try to take advantage of humanitarian disasters to get people to open phishing emails, or to donate money to fake organizations. This month, they combined the two approaches, sending out approximately 700,000 spam...

phishing

Amazon phishing attacks pick up for holiday shopping season

Using brands such as Amazon and eBay, hackers are gearing up for the big holiday shipping season with a new collection of emails that are just too good not to click on.

colored flags

Social Engineers work in teams to harness the power of information

Proving once again that information viewed as harmless can often enable an attacker, the contestants in this years Social Engineering Capture the Flag (SECTF) contest at DEF CON 22 worked in teams of two in order to collect vital...

ransom note

Ransomware takes malware from bad to worse

To thwart attacks like CryptLocker, you need a multipronged defense; new technology doesn't hurt either

dropbox phishing

Dropbox used for Phishing expedition

Symantec says they've recently uncovered a Phishing scam targeting Dropbox users, where many of the elements needed to complete the scam are being hosted on Dropbox directly. Such a move helps lower resistance and bypass some network...

phishing

The human OS: Overdue for a social engineering patch

Security experts have been saying for years that humans are the weakest link in the security chain. They still are. Why haven't things improved? Training has to get a lot more frequent, and more effective, they say.

tv satellite dish

Ransomware attack knocks TV station off air

On Monday, The ABC had to suspend programming out of Sydney, Australia and move broadcasting to Melbourne after their network was targeted by Ransomware. The malware prevented normal operations, resulting in ABC News 24 going off air...

Phishing for passwords.

What to do in the aftermath of the JPMorgan breach

The compromise of 10s of millions of JPMorgan Chase accounts poses the greatest risk of phishing attacks on consumers and small businesses, experts say.

Binary wireless traffic stream speeding down the street.

Recently introduced TLDs create new opportunities for criminals

Top-level domains are supposed to be a way to focus the Internet. In reality, they've become a boon for registrars, who use them as an up sell and a goldmine for criminals who use them to bypass defenses.

ipad mini

How to avoid online scams when selling your old iPhone or iPad

James A. Martin was the target of a scam when he tried selling his iPad mini online. He didn't fall for it—and here's how you can make sure to avoid being defrauded, too.

Hackers launch Apple ID phishing campaign playing on iCloud security worries

Phishing emails masquerade as security alerts from Apple about rogue iTunes purchases, researchers from Symantec said

People talking illustration

Social media remains an easily exploitable attack surface

Twitter, like every other social platform, has an interesting attack surface; one that criminals have been exploiting for years. The instant connection to information offered by those platforms can be turned against their users,...

Phishing emails fool most employees. But is this their problem or email's?

Test finds people struggle to distiniguish real from fake

Load More