Webroot

FEBRUARY 22, 2022

According to the latest ISACA State of Security 2021 report , social engineering is the leading cause of compromises experienced by organizations. Findings from the Verizon 2021 Data Breach Investigations Report also point to social engineering as the most common data breach attack method. Avoid becoming a victim.

Social Engineering 116

Social Engineering Engineering Cybercrime Hacking 116

Security Through Education

FEBRUARY 20, 2024

In the ever-evolving landscape of cybersecurity, social engineering has undergone significant transformations over the years, propelled by advancements in technology. This article delves into the historical shifts in social engineering tactics and explores how adversaries embrace new technologies to achieve their objectives.

Social Engineering 109

Social Engineering Artificial Intelligence Engineering Phishing 109

NetSpi Executives

OCTOBER 25, 2024

This year’s theme is “Secure Our World” with an emphasis on recognizing phishing and vishing attempts – two prevalent tactics used by bad actors to exploit unsuspecting individuals. Part of the requirements for a standard phishing test is allowlisting our sending domains. However, no emails were opened during this initial campaign.

Social Engineering 98

Social Engineering Engineering Phishing Penetration Testing 98

Duo's Security Blog

DECEMBER 14, 2023

But as it turns out, John was a victim of a phishing scam, a type of social engineering attack where the cybercriminal impersonated John’s IT department to gain his trust and trick him into revealing his login credentials. What is social engineering? Every day criminals send millions of phishing emails.

Social Engineering 130

Social Engineering Engineering Phishing Passwords 130

Duo's Security Blog

JUNE 19, 2025

Phishing-resistant MFA is the answer, but—it’s been notoriously difficult to implement at scale for all workers and all use cases. At Duo, we’re working to make phishing-resistant authentication not only the strongest defense against identity-based attacks, but also easy to deploy and manage. In fact, they’ve come to expect it.

Phishing 64

Phishing Social Engineering Authentication Engineering 64

Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!

Scams 241

Scams Cybercrime Cryptocurrency Social Engineering 241

Heimadal Security

FEBRUARY 28, 2025

Phishing scams are no longer just poorly written emails full of typos. Todays sophisticated back-end technologies take phishing and social engineering to the next level. The era of messages from long-lost, wealthy relatives leaving fortunes to unknown heirs has passed its peak.

Scams 59

Scams Phishing Social Engineering Engineering 59

Duo's Security Blog

MAY 28, 2025

The Duo difference: End-to-end phishing resistance For too long, defenders have focused solely on login protection with multi-factor authentication (MFA). Duos IAM solution rises to this challenge by now offering end-to-end phishing resistance as a core feature, delivered right out of the box. This creates a real identity crisis.

Social Engineering 126

Social Engineering Engineering Phishing Marketing 126

ZoneAlarm

SEPTEMBER 25, 2022

Throughout the hundreds … The post What Does Social Engineering Have to Do with Ransomware? appeared first on ZoneAlarm Security Blog. So how is it possible that so many people and organizations continue to fall for whatever cybercriminals throw their way?

Social Engineering 111

Social Engineering Engineering Ransomware Scams 111

Identity IQ

JUNE 20, 2023

What Are Social Engineering Scams? Thanks, Your CEO This common scenario is just one example of the many ways scammers may attempt to trick you through social engineering scams. Read on to learn how to recognize social engineering attacks, their consequences, and tactics to avoid falling for them.

Social Engineering 94

Social Engineering Scams Engineering Identity Theft 94

Security Affairs

FEBRUARY 1, 2022

A massive social engineering campaign targeting banks has been delivered in the last two years in several countries. A massive social engineering campaign has been delivered in the last two years in several countries, including Portugal, Spain, Brazil, Mexico, Chile, the UK, and France. Pierluigi Paganini.

Social Engineering 98

Social Engineering Banking Engineering Phishing 98

Krebs on Security

NOVEMBER 21, 2020

In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com. “Our security team investigated and confirmed threat actor activity, including social engineering of a limited number of GoDaddy employees.

Cryptocurrency 364

Cryptocurrency Scams VPN Social Engineering 364

The Last Watchdog

NOVEMBER 29, 2022

A new development in phishing is the “nag attack.” The fraudster commences the social engineering by irritating the targeted victim, and then follows up with an an offer to alleviate the annoyance. Nag attacks add to the litany of phishing techniques. Spear phishing. One must admire the ingenuity of cybercriminals.

Phishing 214

Phishing Social Engineering Scams Software 214

Krebs on Security

APRIL 6, 2022

Microsoft blogged about its attack at the hands of LAPSUS$, and about the group targeting its customers. “Someone was trying to phish employee credentials, and they were good at it,” Wired reported. ” Twitter revealed that a key tactic of the group was “phone spear phishing” (a.k.a.

Social Engineering 293

Social Engineering Phishing Engineering Accountability 293

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. Image: Cloudflare.com. 2, and Aug.

Mobile 342

Mobile Phishing Authentication Accountability 342

Heimadal Security

MARCH 24, 2023

Are you aware of QR code phishing or “quishing”? This form of social engineering attack is gaining popularity among cybercriminals eager to steal your data. Let’s dive in and learn about this latest threat in […] The post What Is Quishing: QR Code Phishing Explained appeared first on Heimdal Security Blog.

Phishing 119

Phishing Social Engineering Engineering Cybersecurity 119

The Last Watchdog

SEPTEMBER 21, 2022

Phishing is one of the most common social engineering tactics cybercriminals use to target their victims. Cybersecurity experts are discussing a new trend in the cybercrime community called phishing-as-a-service. Phishing-as-a-Service (PhaaS). Related: Utilizing humans as security sensors. Rising popularity.

Phishing 198

Phishing Artificial Intelligence Cybercrime Social Engineering 198

IT Security Guru

FEBRUARY 25, 2025

In this blog, well look at the concept of MFA fatigue, how bad actors exploit it, and what entities can do to strengthen defences against this cunning tactic. Other Ways Threat Actors Exploit Human Behaviour In addition to fatigue attacks, malefactors weaponise social engineering.

Social Engineering 118

Social Engineering Authentication Risk Accountability 118

Heimadal Security

JULY 15, 2022

Researchers have uncovered a new phishing kit that, under the guise of security controls, injects malware into legitimate WordPress sites and uses a fake PayPal-branded social engineering scam to trick targets into handing over their most sensitive data. Researchers from Akamai said that the attackers […].

Phishing 111

Phishing Social Engineering Scams Engineering 111

CyberSecurity Insiders

APRIL 14, 2021

This blog was written by an independent guest blogger. Phishing exercises are an important tool towards promoting security awareness in an organization. Phishing is effective, simply because it works. As social engineers, it is easy to play on people’s vulnerabilities; their fears, hopes, and dreams.

Phishing 103

Phishing Social Engineering Scams Engineering 103

Heimadal Security

SEPTEMBER 22, 2022

The large number of subscribers has attracted threat groups that are looking to score with a social engineering campaign. Scammers send phishing emails trying to convince Netflix users that their account is somehow in jeopardy, and […].

Scams 105

Scams Phishing Social Engineering Engineering 105

Krebs on Security

JANUARY 30, 2024

2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials. ” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

SecureWorld News

MAY 16, 2025

In a new blog post by Google's Threat Intelligence team, security analysts outline a concerning evolution in the group's tactics and raise red flags for U.S. Scattered Spider is a financially motivated threat actor group known for its social engineering prowess, SIM-swapping attacks, and living-off-the-land (LOTL) techniques.

Retail 74

Retail Social Engineering Engineering Telecommunications 74

Duo's Security Blog

FEBRUARY 25, 2021

The first known mention of the word “phishing” happened in the America Online (AOL) user group named appropriately “AOHell. Phishing has raised hell ever since. As technology has evolved so has the sophistication of targeted phishing attacks. What is spear-phishing? What happened when a popular company was breached?

Phishing 106

Phishing Social Engineering Engineering Authentication 106

Heimadal Security

AUGUST 6, 2021

Apple ID phishing scams represent genuine danger nowadays. The concept of “phishing” stands for an advanced cyberattack form that embodies social engineering tactics. The post How to Spot and Prevent Apple ID Phishing Scams appeared first on Heimdal Security Blog. It may sound familiar to you.

Scams 98

Scams Phishing Social Engineering Engineering 98

ZoneAlarm

DECEMBER 7, 2023

The cyber landscape has recently been marred by a highly sophisticated social engineering scheme aimed squarely at Booking.com’s clientele. Active for over a year, this elaborate scam … The post Booking.com Users Targeted in Elaborate Phishing Scams appeared first on ZoneAlarm Security Blog.

Scams 97

Scams Phishing Social Engineering Engineering 97

Malwarebytes

MAY 8, 2025

We discovered a new phishing kit targeting payroll and payment platforms that aims to not only steal victims’ credentials but also to commit wire fraud. Clicking on the ad sent employees and employers to a phishing website impersonating Deel. Phishing portal and 2FA The first phishing domain we saw was login-deel[.]app

Phishing 101

Phishing Authentication Engineering Banking 101

Duo's Security Blog

APRIL 20, 2023

Through the first two months of 2023 alone, the Australian Competition and Consumer Commission’s Scamwatch reported more than 19,000 phishing reports with estimated financial losses of more than $5.2 What is phishing? This is part of what makes phishing attacks so dangerous.

Phishing 106

Phishing Social Engineering Authentication Engineering 106

SecureList

JULY 5, 2023

Hence, cybercriminals have little motivation to invest heavily into phishing campaigns, and so, techniques used in email attacks on hot wallets are hardly ever original or complex. Sample phishing email that targets Coinbase users After the user clicks the link, they are redirected to a page where they are asked to enter their seed phrase.

Scams 131

Scams Phishing Cryptocurrency Social Engineering 131

Heimadal Security

DECEMBER 5, 2022

Apple users were the target of a phishing attack that used social engineering last month, during Black Friday, as threat actors managed to trick the Microsoft Office 365 email security. The post Phishing Attack Strikes Apple Users During Black Friday Sales appeared first on Heimdal Security Blog.

Phishing 97

Phishing Social Engineering Engineering Cybersecurity 97

Webroot

MARCH 3, 2025

Medical identity theft Medical identity theft happens when someone steals or uses your personal information like your name, Social Security number, or Medicare details, to get healthcare in your name. Social engineering attacks Social engineering attacks occur when someone uses a fake persona to gain your trust.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Heimadal Security

FEBRUARY 14, 2023

The cybercrime gang specializes in online scams, using social engineering, phishing, and smishing to collect sensitive victim information before committing financial fraud.

Phishing 98

Phishing Social Engineering Cybercrime Scams 98

The State of Security

MAY 5, 2022

The FBI's Internet Crime Complaint Center (IC3) has issued updated statistics on Business Email Compromise (BEC) attacks which use a variety of social engineering and phishing techniques to break into accounts and trick companies into transferring large amounts of money into the hands of criminals.

Social Engineering 129

Social Engineering Engineering Phishing Internet 129

Heimadal Security

APRIL 18, 2022

A warning about a new wave of social engineering cyberattacks that distribute the IcedID malware and employ Zimbra exploits for sensitive data theft purposes has been recently issued by the Computer Emergency Response Team of Ukraine (CERT-UA).

Government 131

Government Malware Social Engineering Hacking 131

SC Magazine

JUNE 17, 2021

In a blog post, Avanan said hackers are bypassing static link scanners by hosting their attacks on publicly-known services. According to Avanan blog, once the attacker publishes the lure, “Google provides a link with embed tags that are meant to be used on forums to render custom content.

Phishing 110

Phishing Social Engineering Engineering CISO 110

eSecurity Planet

AUGUST 16, 2021

A phishing campaign that Microsoft security researchers have been tracking for about a year highlights not only the ongoing success of social engineering efforts by hackers to compromise systems, but also the extent to which the bad actors will go to cover their tracks while stealing user credentials. Invoice-Themed Lures.

Phishing 109

Phishing Social Engineering Passwords Engineering 109

SC Magazine

MAY 11, 2021

Researchers last week spotted a phishing campaign that leveraged an online email authentication solution from Zix, in hopes that potential victims would be lulled into a false sense of security. But since these types of socially engineered attacks do not make use of these tactics, it evades traditional defenses,” Tobe explained.

Phishing 112

Phishing Authentication Social Engineering Media 112