Social Engineering

Social Engineering | News, how-tos, features, reviews, and videos

spam pixabay

Over 1 million monthly spam emails spreading new Adwind RAT variants

The newly repackaged Adwind remote access Trojan can monitor user activity, log keystrokes, take screenshots, download malicious files, and record video and audio.

phishing hack scam malware binary code

GreatHorn detects the most carefully planned email attacks

Its ability to unmask phishing and social engineering attacks based on context truly sets it apart.

spearfishing trap

Forget Facebook, Twitter or Google – it’s the internet’s 'dark triad' that we need to protect ourselves against

Those platforms and services are mere vehicles providing a convenient platform for what was a much larger propaganda process made possible by spear phishing, trolling and fake news.

email virus threat attack

Business email fraud – financial scams under the guise of authority

A 1,300% increase in losses resulting from business email compromise is nothing short of an epidemic.

9 expand knowledge training

Employee training remains the best first line of defense against cybersecurity breaches

Ongoing training about current and future security issues is just not on the radar screen of most companies. That has to change.

ransomware

Ransomware damage costs predicted to hit $11.5B by 2019

The rising ransomware costs are driven by an uptick in the frequency of attacks, which is expected to rise to an attack every 14 seconds.

10 phishing

Why you should fear phishing more than data breaches

A recent study from Google and UC Berkeley examined the various ways accounts are compromised, and determined that phishing attacks – not data breaches – pose the most risk to users when it comes to lost access.

11 phish

5 ways to minimize phishing attacks

Social engineering and phishing remain two of the most effective methods of attacking systems and networks. Here are five quick wins to help improve your security.

cybersecurity awareness month

6 reasons why awareness programs fail even when following best practices

Taking into account the traditional critical success factors of security awareness may not be enough to create a security aware environment.

cyber security

What the good guys are up against: a roundup of popular attack vectors

To help the defenders know what they’re up against, here are some of the attack vectors that have been frequently used in recent months

cybersecurity ts

5 worst cybersecurity habits with catastrophic consequences

These cybersecurity habits can have devastating effects. Make sure you — and your employees — aren't following them.

money bundles of US dollars

Social engineer bank robber arrested weeks after successful $142,000 heist

A Malaysian bank robber who used social engineering as his primary weapon in a string of thefts was recently arrested at his home in Batu Berendam, Malacca, three weeks after successfully walking away with $142,000 (RM600,000) by...

spearfishing trap

Multi-stage spear phishing – bait, hook and catch

Multiple step spear phishing is the latest iteration in social engineering from sophisticated cyber criminals.

p1240381 11

Scammers sent follow-up emails in Office 365 phishing campaign

As previously reported on Salted Hash, a recent phishing email looking to harvest credentials was actually part of an ongoing phishing campaign targeting Office 365 customers. The campaign has been going on since late 2016, and is...

p1240300 5

Office 365 Phishing attacks create a sustained insider nightmare for IT

Earlier this month, Salted Hash deconstructed a Phishing email that had bypassed company filters and made into the general inbox. The email focused on an outdated subdivision, and was easily spotted as a scam. However, we've since...

cyber security

A note to mom about cybersecurity

I wanted to put this advice in simple terms that people who didn’t obsess about security and privacy could understand. And so I came up with this “Cybersecurity Pledge” that I’m going to send to my friends and family. I’ll start with...

cybersecurity shield and gear image

Please don't send me to cybersecurity training

Training providers offer unique twists to help engage employees on security awareness education and make the process less painful.

phishing threat

Back to school, part 2: no whaling allowed!

5 security safeguards to keep the CEO out of hot water.

p1240307 6

Office 365 phishing – A quick look at a recent example

On Thursday, an interesting email showed up in my inbox. The message says there are emails pending, because I've used 98-percent of my storage space. In order to fix this, I needed to download and save the attached configuration. The...

knife lanyard knot untangle rope

Mimecast’s newly discovered email exploit isn’t a vulnerability, it’s a feature

Mimecast, a Boston-based email security firm, claims to have discovered a new email exploit. The exploit itself centers on the fact that an attacker who sends an HTML-based email linking to an external CSS file can "edit any text in...

Load More