Security News

How social engineering attacks are evolving beyond email
2022-06-16 04:35

In this Help Net Security video, Chris Lehman, CEO at SafeGuard Cyber, talks about how adversaries are moving beyond email to attack companies through a wide range of digital communications platforms, including mobile messaging, collaboration, conferencing, CRM and social media. These social engineering attacks are difficult to detect and bypass standard security controls.

Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again
2022-06-03 13:46

Ransomware and social engineering continue to dominate challenges facing cybersecurity professionals, according to Verizon's 15th annual Data Breach Investigations Report. In general, the results of DBIR merely confirm well-established trends, such as the growing threats of ransomware - up 13% this year - and the inescapability of the "Human element", which was tied to 82% of all breaches.

[White Paper] Social Engineering: What You Need to Know to Stay Resilient
2022-05-11 05:43

By preying on human emotion, social engineering scams inflict billions of dollars of damage with minimal planning or expertise. Recent research reveals that social engineering is leveraged in 98% of attacks.

FBI: Payment app users targeted in social engineering attacks
2022-04-14 21:53

Cybercriminals are attempting to trick American users of digital payment apps into making instant money transfers in social engineering attacks using text messages with fake bank fraud alerts. "Under the pretext of reversing the fake money transfer, victims are swindled into sending payment to bank accounts under the control of the cyber actors," the FBI said.

Morgan Stanley client accounts breached in social engineering attacks
2022-03-24 22:47

Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised in social engineering attacks. The company said in a notice sent to affected clients that, "On or around February 11, 2022," a threat actor impersonating Morgan Stanley gained access to their accounts after tricking them into providing their Morgan Stanley Online account info.

Verify End-Users at the Helpdesk to Prevent Social Engineering Cyber Attack
2021-10-11 07:20

Although organizations commonly go to great lengths to address security vulnerabilities that may exist within their IT infrastructure, an organization's helpdesk might pose a bigger threat due to social engineering attacks. There are many different types of social engineering schemes but one is area of vulnerability is how social engineering might be used against a helpdesk technician to steal a user's credentials.

Ongoing Bitcoin Scams Demonstrate Power of Social Engineering Triggers
2021-05-24 14:09

Bitcoin scams have soared over the last seven months. The surge started around October 2020, and the scams are continuing today.

Perl.com theft blamed on social engineering attack: Registrar 'convinced' to alter DNS records by miscreants
2021-03-02 08:25

The short-lived theft of Perl.com in late January is believed to have been the result of a social engineering attack that convinced registrar Network Solutions to alter the domain's records without valid authorization. The Register wrote about the domain takeover at the time and, as Foy put it, "The Register had spot-on reporting from the start as did Paul Ducklin at Sophos."

S3 Ep12: A chat with social engineering hacker Rachel Tobac [Podcast]
2020-12-24 12:25

How do you go from neuroscientist to DEFCON Social Engineering Capture the Flag champ? Find out from hacker and social engineering expert Rachel Tobac! Join us for a fascinating interview with Rachel about her journey, why you should always be "Politely paranoid", and the people who inspired her along the way.

6 persuasion tactics used in social engineering attacks
2020-12-23 19:02

IT security teams need to educate employees about the psychological techniques cybercriminals often use in social engineering attacks. This type of automated response is not lost upon cybercriminals, nor on Chris Poulin, who was a strategist at IBM's X-Force, when he wrote his IBM Security Intelligence commentary 6 Psychological Elements Behind Sophisticated Cyber Attacks, which looks at how cybercriminals leverage human traits to improve their odds of a successful attack.