Blog, Education, Security Awareness and Social Engineering

Blog

Education

Security Awareness

Social Engineering

Concession in Social Engineering

Security Through Education

APRIL 23, 2024

Unknowingly, you have just succumbed to a technique we in social engineering refer to as “ concession.” What are ways we can be more aware of concession being used against us? Now imagine how powerful this would be when leveraged maliciously by a professional social engineer! “Oh, I can’t afford that!”

Social Engineering

Social Engineering Engineering Security Awareness Risk

The Psychic and the Social Engineer

Security Through Education

NOVEMBER 30, 2022

By now you may be guessing what the psychic and the social engineer have in common. Both use techniques such as using social cues, making broad statements, and using probability to create the illusion of credibility. Similarly, a professional social engineer must exhibit confidence and never break pretext.

Social Engineering

Social Engineering Engineering Education Technology

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

The Last Watchdog

JANUARY 2, 2024

Lack of security awareness and education. Often, employees within organizations lack sufficient security awareness and education. This lack of knowledge makes them susceptible to phishing attacks, social engineering, and other cyber threats. Conduct regular security testing and code reviews.

Cyber Risk

Cyber Risk Risk Education Security Awareness

How to Build Successful Security Awareness Training Programs in 2021 and Beyond

Webroot

DECEMBER 22, 2020

Security awareness training is one of the most straightforward ways to improve a business’ overall resilience against cyberattacks. To help you get started, here are our top 5 recommendations for starting your security awareness program so you can maximize the impact of your efforts. That is, when you get it just right.

Security Awareness

Security Awareness Social Engineering Phishing Engineering

IDENTITY MANAGEMENT DAY 2023: Advice from Cyber Pros

CyberSecurity Insiders

APRIL 10, 2023

This day serves as an annual reminder to increase awareness and education for leaders, IT decision-makers and the general public on the importance of identity management. Why is identity management and security important in 2023? “In Security awareness programs for all employees.

Identity Theft

Identity Theft Education Authentication Data breaches

GUEST ESSAY: 5 anti-phishing training tools that can reduce employees’ susceptibility to scams

The Last Watchdog

NOVEMBER 27, 2018

PhishMe’s online forum provides a series of scenarios, landing pages, attachments and educational pages. This is a platform for security awareness training and simulated phishing tests focusing on the problem of social-engineering. A free test is provided for up-to 100 employees.

Phishing

Phishing Scams Social Engineering Education

Hybrid phishing and vishing attacks hunt for credit card info

SC Magazine

JUNE 24, 2021

A new blog post report has shone a light on the malicious practice known as voice phishing or vishing – a social engineering tactic that some cyber experts say has only grown in prominence since COVID-19 forced employees to work from home. A recently reported phishing and vishing campaign was designed to impersonate Geek Squad.

Phishing

Phishing Social Engineering Scams Engineering

Phishing Awareness: Tools to Keep Your Users Safe

SecureWorld News

JANUARY 28, 2022

In this blog, we'll focus on some common phishing campaigns that our threat intelligence has seen in the wild, and the lessons your users can take away from these and other materials in our latest Phishing Awareness Kit. Use the Proofpoint Phishing Awareness Kit to raise phishing awareness and educate your users.

Phishing

Phishing Education Social Engineering Security Awareness

Cyber CEO – Cyber Hygiene is More Critical for Your Business Now Than Ever Before – Here’s Why

Herjavec Group

MAY 19, 2022

Conduct regular social engineering tests on your employees to actively demonstrate where improvements need to be made. Hackers are routinely attempting novel ways to infiltrate corporate networks so it’s important to ensure that your employees are aware of how their online behavior can make them – and you – more vulnerable.

Penetration Testing

Penetration Testing Social Engineering Cybercrime InfoSec

Staying a Step Ahead of the Hack

Webroot

DECEMBER 11, 2020

Hackers, never at a loss for creative deception, have engineered new tactics for exploiting the weakest links in the cybersecurity chain: ourselves! Social engineering and business email compromise (BEC) are two related cyberattack vectors that rely on human error to bypass the technology defenses businesses deploy to deter malware.

Hacking

Hacking Social Engineering Engineering Phishing

Phishing scheme shows CEOs may be ‘most valuable asset,’ and ‘greatest vulnerability’

SC Magazine

JANUARY 26, 2021

The scheme highlights the role and responsibility upper management plays in ensuring the security of their own company’s assets. are obviously the main targets of the threat actors that use the Office 365 V4 phishing kit,” the blog post concluded. “As Based on the data distribution, CEOs in the U.S.

Phishing

Phishing Passwords Security Awareness Social Engineering

Security awareness training: An educational asset you can’t be without

Webroot

JANUARY 19, 2022

Being aware is the first step towards protecting your business. Security awareness training (SAT) can help. What is Security Awareness Training? Security awareness training is a proven, knowledge-based approach to empowering employees to recognize and avoid security compromises while using business devices.

Security Awareness

Security Awareness Education Phishing Social Engineering

Be Wary of Scammers in the Holiday Season

Security Through Education

DECEMBER 21, 2022

Only through learning about the tactic’s scammers use can we truly continue to improve our own personal security. At Social Engineer LLC, our purpose is to bring education and awareness to all users of technology.

Scams

Scams Phishing Social Engineering Risk

Hacker Personas Explained: Know Your Enemy and Protect Your Business

Webroot

FEBRUARY 11, 2021

As we mentioned in a previous blog , hackers come in many forms, but their methods can generally be classified into three distinct types of cybercriminals: The Impersonator – Hackers that pretend to be others, often using social engineering and human psychology to trick users.

Scams

Scams Phishing Firewall Social Engineering

How to Stop Phishing Attacks with Protective DNS

Security Boulevard

OCTOBER 2, 2023

This blog examines the escalating phishing landscape, shortcomings of common anti-phishing approaches, and why implementing a Protective DNS service as part of a layered defense provides the most effective solution. User education is unreliable when faced with highly-refined psychological manipulation tailored to override caution.

DNS

DNS Phishing Social Engineering Engineering

Intro to phishing: simulating attacks to build resiliency

Security Affairs

APRIL 21, 2023

Original post at [link] While organizations must still account for flashy vulnerability exploitations, denial-of-service campaigns, or movie-themed cyber-heists, phishing-based social engineering attacks remain a perennial choice of cybercriminals when it comes to hacking their victims.

Phishing

Phishing Social Engineering Security Awareness Passwords

Understand Your Staff: How Insiders Shape Defenses

Security Boulevard

FEBRUARY 26, 2021

This vastly increased mobility, cloud computing and social networking usage; in some cases, this transition occurred before companies and staff were fully prepared. Enterprises and their staff dealt with a lot of change in 2020. The pandemic and resulting lockdowns forced organizations to allow staff to work from home.

Mobile

Mobile Social Engineering CISO Security Awareness

The Life and Death of Passwords: Improving Security With Passwords and People

Duo's Security Blog

MARCH 28, 2023

Street, a self-described “hacker-helper-human,” contemplates bad password advice, investing in human behavior, and why social engineering continues to work. See the video at the blog post. Humans are not the weakest link in information security. They’re the least invested in for security. I’ve fallen for a phish.

Passwords

Passwords Social Engineering Phishing Technology

Threat Report Portugal: Q3 & Q4 2022

Security Affairs

APRIL 6, 2023

This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipate emerging threats, and manage security awareness in a better way. He is also a founding member and Pentester at CSIRT.UBI and founder of the security computer blog seguranca–informatica.pt.

Threat Reports

Threat Reports Phishing Malware Banking

Cyber Security Informer

Concession in Social Engineering

The Psychic and the Social Engineer

Trending Sources

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

How to Build Successful Security Awareness Training Programs in 2021 and Beyond

IDENTITY MANAGEMENT DAY 2023: Advice from Cyber Pros

GUEST ESSAY: 5 anti-phishing training tools that can reduce employees’ susceptibility to scams

Hybrid phishing and vishing attacks hunt for credit card info

Phishing Awareness: Tools to Keep Your Users Safe

Cyber CEO – Cyber Hygiene is More Critical for Your Business Now Than Ever Before – Here’s Why

Staying a Step Ahead of the Hack

Phishing scheme shows CEOs may be ‘most valuable asset,’ and ‘greatest vulnerability’

Security awareness training: An educational asset you can’t be without

Be Wary of Scammers in the Holiday Season

Hacker Personas Explained: Know Your Enemy and Protect Your Business

How to Stop Phishing Attacks with Protective DNS

Intro to phishing: simulating attacks to build resiliency

Understand Your Staff: How Insiders Shape Defenses

The Life and Death of Passwords: Improving Security With Passwords and People

Threat Report Portugal: Q3 & Q4 2022

Stay Connected