Social Engineering

Social Engineering news, information, and how-to advice

money bundles of US dollars

Social engineer bank robber arrested weeks after successful $142,000 heist

A Malaysian bank robber who used social engineering as his primary weapon in a string of thefts was recently arrested at his home in Batu Berendam, Malacca, three weeks after successfully walking away with $142,000 (RM600,000) by...

spearfishing trap

Multi-stage spear phishing – bait, hook and catch

Multiple step spear phishing is the latest iteration in social engineering from sophisticated cyber criminals.

p1240381 11

Scammers sent follow-up emails in Office 365 phishing campaign

As previously reported on Salted Hash, a recent phishing email looking to harvest credentials was actually part of an ongoing phishing campaign targeting Office 365 customers. The campaign has been going on since late 2016, and is...

p1240300 5

Office 365 Phishing attacks create a sustained insider nightmare for IT

Earlier this month, Salted Hash deconstructed a Phishing email that had bypassed company filters and made into the general inbox. The email focused on an outdated subdivision, and was easily spotted as a scam. However, we've since...

cyber security

A note to mom about cybersecurity

I wanted to put this advice in simple terms that people who didn’t obsess about security and privacy could understand. And so I came up with this “Cybersecurity Pledge” that I’m going to send to my friends and family. I’ll start with...

cybersecurity shield and gear image

Please don't send me to cybersecurity training

Training providers offer unique twists to help engage employees on security awareness education and make the process less painful.

phishing threat

Back to school, part 2: no whaling allowed!

5 security safeguards to keep the CEO out of hot water.

p1240307 6

Office 365 phishing – A quick look at a recent example

On Thursday, an interesting email showed up in my inbox. The message says there are emails pending, because I've used 98-percent of my storage space. In order to fix this, I needed to download and save the attached configuration. The...

Quantum Break

Chinese citizen tries to steal advanced robotic technology IP

Medrobotics' CEO caught Dong Liu in the company's conference room attempting to steal advanced robotic intellectual property.

knife lanyard knot untangle rope

Mimecast’s newly discovered email exploit isn’t a vulnerability, it’s a feature

Mimecast, a Boston-based email security firm, claims to have discovered a new email exploit. The exploit itself centers on the fact that an attacker who sends an HTML-based email linking to an external CSS file can "edit any text in...

tom pendergast in the alps

Take a vacation—just not from cybersecurity best practices!

If you’re a person with privileged access in a company—executives, yes, but IT and finance and more—a criminal who has been watching your company and watching you personally could easily gather enough clues about you and your company...

cyberattack laptop arrows war fight

The 5 types of cyber attack you're most likely to face

Don't be distracted by the exploit of the week. Invest your time and money defending against the threats you're apt to confront.

phishing threat

Attackers experimenting with CVE-2017-0199 in recent phishing attacks

Researchers at Trend Micro and Cisco's Talos have identified a new wave of Phishing attacks leveraging CVE-2017-0199, a previously-patched remote code execution vulnerability in the OLE (Windows Object Linking and Embedding) interface...

eliminate insider threats 1

IT's 9 biggest security threats

As this list of the biggest security threats shows, hacking has evolved from a one-person crime of opportunity to an open market of sophisticated malware backed by crime syndicates and money launderers.

socengentry

What is social engineering? How criminals take advantage of human behavior

Social engineering is essentially the art of gaining access to buildings, systems or data by exploiting human psychology, rather than by breaking in or using technical hacking techniques. Here are answers to some frequently asked...

mobile security phones

Five new threats to your mobile security

Cyber criminals are stepping up their attacks on mobile devices with new weapons and variations on old ones.

3 phishing

11 tips to prevent phishing

From rewarding employees for savvy security smarts, to showing them how breaches are relevant to their every-day duties, we've got the phishing prevention tips you need.

group of millennials using mobile devices

8 ways millennials impact your security awareness program

The millennial generation has arrived. Is your awareness program up to the challenge?

chinese espionage

U.S. defense contractor arrested for giving U.S. secrets to Chinese operatives

Kevin Mallory, a U.S. defense contractor, was arrested for allegedly passing secret and top secret U.S. documents to Chinese intelligence.

telephone operators 1952

Developer uses code to get revenge on tech support and IRS scammers

Tech support and IRS scams have become as common as random emails proclaiming that you've won the lottery, or emails from prince in some foreign land who wants to share their wealth. One potential victim used a bit of code to take...

Load More
You Might Also Like