Social Engineering

Social Engineering | News, how-tos, features, reviews, and videos

fishing phishing survival competition different point of view
Cloud security threats  >  theft / breach / fraud / phishing

digital network privacy - eavesdropping

New DownEx malware campaign targets Central Asia

While the attacks have not been attributed to any specific threat actor, it is likely that a Russian group is responsible for the attacks, according to researchers at Bitdefender.

hacker hack attacke cyber malware keyboard

Malware disguised as ChatGPT apps are being used to lure victims, Meta says

Since March, Meta has discovered malware using ChatGPT and other AI themes to steal user data and compromise business accounts.

Person holding phone near a laptop while getting two-factor authentication info

Google rolls out passkey support across accounts on all major platforms

Passkeys for Google Accounts are available now while Google Workspace administrators will soon be able to enable passkeys for their end-users.

email popup warning window phishing cybersecurity security

Attacks increasingly use malicious HTML email attachments

New research shows that up to a half of all HTML email attachments are malicious, and not just because of a few massive campaigns.

Detecting phishing attempts  >  A magnifying lens spots a hook trying to catch a fish.

Iranian hacking group targets Israel with improved phishing attacks

Research by CheckPoint presents a new and improved infection chain leading to the deployment of a new version of a Windows backdoor called PowerLess.

170301 mwc 03078

Akamai debuts Brand Protector service to combat phishing, online forgery

A new product from cloud services provider Akamai takes aim at online fakery by automating protection of a user’s brand and web presence.

A hook is cast at laptop email with fishing lures amid abstract data.

ZeroFox partners with Google Cloud to warn users against phishing domains

If a URL or domain flagged by ZeroFox is validated as malicious, Google will provide a warning message to users across its 5 billion devices in a matter of minutes, advising them not to access the domain in question.

social media network interaction

North Korean threat actor APT43 pivots back to strategic cyberespionage

The APT43 group is highly adept at using social engineering to target individuals and extract sensitive information.

email popup warning window phishing cybersecurity security

7 guidelines for identifying and mitigating AI-enabled phishing campaigns

Phishing has always been a thorn in the side of enterprise cybersecurity, and recent AI developments such as ChatGPT are making things even worse. Here are some guidelines for dealing with the increasingly sophisticated phishing...

pharming  >  faudulent website redirect

Dark Pink APT group linked to new KamiKakaBot attacks in Southeast Asia

The latest APT cyberattacks on ASEAN countries use similar techniques as a previous Dark Pink KamiKakaBot campaign, including phishing.

blocking spam e mail warning pop up phishing mail network security laptop computer

6 reasons why your anti-phishing strategy isn’t working

Phishing is such a successful scam that appears to be here to stay — and only get more effective. From over-reliance on technology to confusing and counterproductive training, here are six reasons why your anti-phishing strategy might...

New cyberattack tactics rise up as ransomware payouts increase

Although threat actors continue to use phishing, brand impersonation, and business email compromise (BEC) as common tactics, use of less familiar attack methods to infiltrate global organizations have picked up, Proofpoint says.

social engineering fraud impersonation neon face with hoodie by photo by sebastiaan stam on unsplash

HTML smuggling campaigns impersonate well-known brands to deliver malware

Researchers cite an increased prevalence of HTML smuggling activity including impersonation of brands such as Adobe Acrobat, Google Drive, and the US Postal Service.

API security alert / software development / application flow chart diagram

Microsoft attributes Charlie Hebdo attacks to Iranian nation-state threat group

NEPTUNIUM group claims access to the personal information of more than 200,000 Charlie Hebdo customers and uses sockpuppet accounts to taunt France’s cybersecurity sector.

chatbot_ChatGPT_AI_artificial intelligence_bot_assistant_shutterstock 1901618698

How AI chatbot ChatGPT changes the phishing game

The Microsoft-backed free chatbot is improving fast and can not only write emails, essays but can also code. ChatGPT is also polyglot and that could facilitate and increase exponentially phishing attacks.

Impersonation / disguise / fraud / false identity / identity theft

Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams

Researchers demonstrate how attackers can use the GPT-3 natural language model to launch more effective, harder-to-detect phishing and business email compromise campaigns.

Phishing attack   >   A fish hook hover above binary code with a caution triangle.

Attackers use stolen banking data as phishing lure to deploy BitRAT

Data from an older breach lends credibility to this newer sophisticated attack that delivers a highly obfuscated payload.

Social media threats / risks / dangers / headaches  >  Text bubbles bearing danger signs

Social media use can put companies at risk: Here are some ways to mitigate the danger

Using social media can expose company and employee data, and misuse could harm organizational reputation. Here are some tips that can help reduce the risk.

Load More
You Might Also Like