Tag: social engineering

May 4, 2017

The vast majority (82 percent) of users open email attachments if they appear to be from a known contact, despite the prevalence of well-known sophisticated social engineering attacks, according to Glasswall. Of these respondents, 44 percent open these email attachments […]

May 2, 2017

As a traveling consultant, I visit lots of businesses during the year and examine their security plans. For decades, I’ve secretly scoffed at what they’ve tried to do because it was often too little, too late—and misdirected. But these days, […]

April 24, 2017

Last August a Baltimore substance abuse treatment facility had its database hacked. Patient records subsequently found their way onto the Dark Web, according to DataBreaches.net. The group noticed such things as dates of admission, whether the patients are on methadone, […]

February 22, 2017

When it comes to social engineering, the devil really is in the details: you’re much more likely to believe the story of someone claiming fraudulently to be a colleague (or even claiming to be your CEO or CFO) if they […]

December 9, 2016

Winning your trust with a pack of believable lies, especially technical lies, is known as social engineering, and that’s how most ransomware works its way in. A recent spam campaign in Germany shows up the sort of techniques that cyber-criminals […]

September 22, 2016

You’ve trained them. You’ve deployed simulated phishing tests. You’ve reminded your employees countless times with posters and games and emails about avoiding phishing scams. Still, they keep falling for the same ploys they’ve been warned about for years. It’s enough […]

August 12, 2016

Most organizations’ external perimeter is pretty buttoned up.  But once you make it inside it’s still pretty weak. It’s a pretty quick operation to go from social engineering to exploit somebody’s workstation, to pivoting in the environment and escalate all […]

June 7, 2016

Over the weekend a screenshot circulating on Twitter caught our attention. Normally, this would be a one-off story for the weekly Rehashed round up, but this scam teaches a lesson that’s worth some focus. The lesson is that Social Engineering […]

April 12, 2016

FBI warns US companies about rising email scams that have cost businesses up to $2.3 billion since 2013. The FBI this month issued a warning on a dramatic surge in business email compromise (BEC) scams that have resulted in huge […]

November 25, 2015

While store managers and salespeople gear up for long lines, social engineering, and point-of-sale malware on Black Friday, CIOs and development teams gear up for fraudulent online purchases and Web-based data breaches on Cyber Monday. The most immediate concern is […]

October 29, 2015

In our article on organizational doxing we mentioned social engineering with a promise on detailing this subject. The connection is straightforward – malicious digital entities use doxing as part of their social engineering maneuvers. However, what does social engineering mean? […]

October 28, 2015

Computer users have often been warned to be wary of opening unsolicited email attachments because of the risk of malware infection, and yet many continue to be infected via precisely this method. In other words, the malicious hackers attempting to […]

October 21, 2015

A panel of #security professionals at the SC Congress in New York agreed that instead of using #phishing email “#social engineering” #tests to raise security threat awareness among employees they should turn it into a game. During the October 20 […]

October 12, 2015

No doubt you’ve received a #linkedin invitation from someone you don’t know — or you’re not sure you know. Next time, you might want to think a little harder before accepting. Researchers from Dell SecureWorks Counter Threat Unit have identified […]

October 7, 2015

The Counter Threat Unit (CTU), the Dell SecureWorks research team, uncovered an initiative by an Iran-based threat group it dubbed #threat group 2889, to create a network of fake #linkedin profiles for “obtaining confidential #information they can use for cyber […]

September 15, 2015

Although it may be tempting to imagine hackers as being shy and socially inept types, whose only human interaction is via their computers, this is an assumption which rarely corresponds to the reality. In fact, in some cases, the social […]

August 5, 2015

The latest types of security exploits target connected cars and airplanes. Attacks aiming the essential systems of these kind of machines take the idea of cyber warfare to a whole new level. Since firewalls cannot offer the needed degree of […]

July 28, 2014

Under the pretext of providing a method to hack into any Facebook account, cybercriminals incite unsuspecting users into pasting malicious code into their web browser. This scam is relied on social engineering, because all the scammer has to do is […]