UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Social Engineering

Social Engineering | News, how-tos, features, reviews, and videos

CSO slideshow - Insider Security Breaches - Two-faced businessman removes his mask in a binary world

Feature

What is pretexting? Definition, examples and prevention

Pretexting is form of social engineering in which an attacker comes up with a story to convince a victim to give up valuable information or access to a service or system.

An unknown number calls a mobile phone amid pixelated data.

Feature

Vishing explained: How voice phishing attacks scam victims

Vishing (voice phishing) is a form of attack that attempts to trick victims into giving up sensitive personal information over the phone.

coronavirus closed for business surgical mask bby tim mossholder via unsplash .artistgndphotographe

Analysis

What your business can do about the coronavirus ... right now

The Covid-19 crisis is the Black Swan event of our lifetime. Here's how to hold it all together (while keeping employees apart).

Social media threat / danger / risk > Text bubbles interact, one bearing skull + crossbones

Feature

Social engineering explained: How criminals exploit human behavior

Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems or data.

Fraud / deception / social engineering > A wolf in sheep's clothing in a binary environment.

Feature

10 signs you're being socially engineered

Scammers will try to trick you and your organization's users into giving up credentials or other sensitive date. Be skeptical if you see any of these signs.

cybersecurity controls

Feature

The 5 CIS controls you should implement first

The CIS Critical Security Controls list (formerly the SANS Top 20 controls) has been the gold standard for security defense advice. These are the tasks you should do first.

Mastery of technology skills + knowledge.

Opinion

12 things every computer security pro should know

Fighting the good fight takes specialized knowledge. Here's the baseline of what all security pros should know.

CSO > high-value targets > binary targeting of executives

Feature

Developing personal OPSEC plans: 10 tips for protecting high-value targets

Attackers are increasingly targeting executives and employees who have access to sensitive enterprise data. Here's how to protect those individuals with personal OPSEC plans.

Smishing, an SMS phishing attack / Vishing, a voice phishing attack by phone

InfoSec at Your ServiceBy Michelle Drolet

Smishing and vishing: How these cyber attacks work and how to prevent them

Smishing and vishing are types of phishing attacks that try to lure victims via SMS message and voice calls. Both rely on the same emotional appeals employed in traditional phishing scams and are designed to drive you into urgent...

CSO > wolf in sheeps clothing / fraud / identity theft / social engineering

Feature

Famous social engineering attacks: 12 crafty cons

This rogues gallery of social engineering attack examples made headlines by taking advantage of human nature.

business intelligence crowd binary virtual world

Opinion

How attackers identify your organization's weakest links

Understanding the techniques and tools attackers use in targeted phishing attacks.

6 handling email phishing

Crossroads of Cybersecurity and the LawBy Michael R. Overly

Business email compromise: The odds of being a victim are increasing

Given the growth over the last few years in BEC and EAC fraud, businesses should educate employees about the risks involved and red flags of this activity.

CSO > Invalidated cyber insurance

Feature

Does your cyber insurance cover social engineering? Read the fine print

Some cyber insurance policies will pay only a small fraction of damages if an attacker used social engineering. Here's how to estimate the risk.

A school of barracuda in the ocean.

Review

Review: SlashNext is like shooting phish in a barrel

SlashNext is a dedicated platform for combating modern phishing attacks. It does that one thing and it does it very well.

patching against ransomware

News Analysis

The three most important ways to defend against security threats

Patching, security training programs and password management will thwart attacks more effectively than anything else. You're already doing them. Here's how to do them better.

What it takes to become an information assurance analyst

This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...

Fraud prevention: Improving internal controls

Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.

What it takes to become an IT security engineer

The role is a fairly new one in many companies, and qualified candidates are in high demand. Learn how one IT security engineer landed his current job, the skills and training that helped him get there, and where his sights are set...

Load More

Popular Resources

Case Study
Sponsored

Akamai Customer Success Story: Educational Testing Service
Video/Webcast
Sponsored

By the numbers: Are Data & Analytics Pandemic-Proof?
Video/Webcast
Sponsored

How to Secure Your Cloud with CIS
Analyst Report
Sponsored

Gartner 2020 Magic Quadrant for Access Management
Video/Webcast
Sponsored

Automation for Growth: Using Integration as a Competitive Advantage

See All

Most Popular