Social Engineering

Social Engineering news, information, and how-to advice

securitysmart primary
north korea statue pyongyang

patching against ransomware

The two most important ways to defend against security threats

Patching and security training programs will thwart attacks more effectively than anything else. You're already doing them. Here's how to do them better.

hacker person using laptop

Train your employees — before someone else does

Slashing overhead often means cutting training budgets, but unintended side effects often include employee attrition, poor performance, or even breach of your organization and loss of intellectual property.

linkedin

Espionage: Germany unmasks fake Chinese LinkedIn profiles

Germany's BfV says Chinese intelligence services targeted more than 10,000 German citizens in a massive social engineering effort that included LinkedIn.

spam pixabay

Over 1 million monthly spam emails spreading new Adwind RAT variants

The newly repackaged Adwind remote access Trojan can monitor user activity, log keystrokes, take screenshots, download malicious files, and record video and audio.

phishing hack scam malware binary code

GreatHorn detects the most carefully planned email attacks

Its ability to unmask phishing and social engineering attacks based on context truly sets it apart.

spearfishing trap

Forget Facebook, Twitter or Google – it’s the internet’s 'dark triad' that we need to protect ourselves against

Those platforms and services are mere vehicles providing a convenient platform for what was a much larger propaganda process made possible by spear phishing, trolling and fake news.

email virus threat attack

Business email fraud – financial scams under the guise of authority

A 1,300% increase in losses resulting from business email compromise is nothing short of an epidemic.

9 expand knowledge training

Employee training remains the best first line of defense against cybersecurity breaches

Ongoing training about current and future security issues is just not on the radar screen of most companies. That has to change.

ransomware

Ransomware damage costs predicted to hit $11.5B by 2019

The rising ransomware costs are driven by an uptick in the frequency of attacks, which is expected to rise to an attack every 14 seconds.

10 phishing

Why you should fear phishing more than data breaches

A recent study from Google and UC Berkeley examined the various ways accounts are compromised, and determined that phishing attacks – not data breaches – pose the most risk to users when it comes to lost access.

11 phish

5 ways to minimize phishing attacks

Social engineering and phishing remain two of the most effective methods of attacking systems and networks. Here are five quick wins to help improve your security.

cybersecurity awareness month

6 reasons why awareness programs fail even when following best practices

Taking into account the traditional critical success factors of security awareness may not be enough to create a security aware environment.

cyber security

What the good guys are up against: a roundup of popular attack vectors

To help the defenders know what they’re up against, here are some of the attack vectors that have been frequently used in recent months

cybersecurity ts

5 worst cybersecurity habits with catastrophic consequences

These cybersecurity habits can have devastating effects. Make sure you — and your employees — aren't following them.

money bundles of US dollars

Social engineer bank robber arrested weeks after successful $142,000 heist

A Malaysian bank robber who used social engineering as his primary weapon in a string of thefts was recently arrested at his home in Batu Berendam, Malacca, three weeks after successfully walking away with $142,000 (RM600,000) by...

spearfishing trap

Multi-stage spear phishing – bait, hook and catch

Multiple step spear phishing is the latest iteration in social engineering from sophisticated cyber criminals.

p1240381 11

Scammers sent follow-up emails in Office 365 phishing campaign

As previously reported on Salted Hash, a recent phishing email looking to harvest credentials was actually part of an ongoing phishing campaign targeting Office 365 customers. The campaign has been going on since late 2016, and is...

p1240300 5

Office 365 Phishing attacks create a sustained insider nightmare for IT

Earlier this month, Salted Hash deconstructed a Phishing email that had bypassed company filters and made into the general inbox. The email focused on an outdated subdivision, and was easily spotted as a scam. However, we've since...

Load More