#social-engineering

[ follow ]
fromPsychology Today
1 day ago

The Man Who Sold a Fake Country

Con artists exploit timeless human psychology—scarcity, forged credibility, and persuasive storytelling—to sell false opportunities across eras, from 19th-century Poyais to modern online scams.
fromThe Hacker News
1 day ago

MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers

Instead of sending unsolicited phishing emails, attackers initiate contact through a company's public 'Contact Us' form, tricking employees into starting the conversation. What follows are weeks of professional, credible exchanges, often sealed with fake NDAs, before delivering a weaponized ZIP file carrying MixShell, a stealthy in-memory malware.
Information security
fromIT Pro
5 days ago

Has password hygiene ever improved?

Passwords are fundamentally insecure and human-dependent, enabling breaches that can topple organizations; static credentials must be eliminated in favor of stronger authentication.
fromTheregister
6 days ago

'Impersonation as a service' next big thing in cybercrime

Demand for English-language social engineering skills has surged, enabling impersonation-as-a-service operations that facilitate Salesforce intrusions and financially motivated attacks.
#phishing
fromLifehacker
6 days ago
Information security

This Creative Phishing Scam Uses Netflix Job Offers to Steal Facebook Credentials

fromIT Pro
1 week ago
Privacy professionals

Malicious URLs overtake email attachments as the biggest malware threat

fromwww.itpro.com
1 month ago
Information security

New hires are your weakest link when it comes to phishing attacks here's how you can build a strong security culture that doesn't judge victims

fromLifehacker
6 days ago
Information security

This Creative Phishing Scam Uses Netflix Job Offers to Steal Facebook Credentials

fromIT Pro
1 week ago
Privacy professionals

Malicious URLs overtake email attachments as the biggest malware threat

fromwww.itpro.com
1 month ago
Information security

New hires are your weakest link when it comes to phishing attacks here's how you can build a strong security culture that doesn't judge victims

#data-breach
fromIT Pro
1 week ago
Information security

The Allianz Life data breach just took a huge turn for the worse

fromTechCrunch
1 month ago
Privacy professionals

Allianz Life says 'majority' of customers' personal data stolen in cyberattack | TechCrunch

fromIT Pro
1 week ago
Information security

The Allianz Life data breach just took a huge turn for the worse

fromTechCrunch
1 month ago
Privacy professionals

Allianz Life says 'majority' of customers' personal data stolen in cyberattack | TechCrunch

#cybersecurity
Information security
fromThe Hacker News
1 month ago

Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure

Scattered Spider targets VMware ESXi hypervisors, employing social engineering to bypass security measures and conduct precise, campaign-driven attacks.
Privacy professionals
fromFortune
1 month ago

Allianz Life says hackers accessed personal data on the majority of its 1.4 million US customers

A data breach affected 1.4 million Allianz Life customers, exposing personal data through a third-party cloud system.
fromFortune
1 month ago
Privacy professionals

Allianz Life says hackers accessed personal data on the majority of its 1.4 million US customers

fromThe Hacker News
3 weeks ago

ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections

"Like a real-world virus variant, this new 'ClickFix' strain quickly outpaced and ultimately wiped out the infamous fake browser update scam that plagued the web just last year."
Privacy professionals
#malware
fromThe Hacker News
2 months ago
Growth hacking

New EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser Data

EDDIESTEALER is a Rust-based information stealer using fake CAPTCHA pages to trick users into executing malware that harvests sensitive information.
fromThe Hacker News
3 months ago
Marketing tech

Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique

Latrodectus malware utilizes the ClickFix technique for stealthy and dangerous payload distribution.
Growth hacking
fromThe Hacker News
2 months ago

New EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser Data

EDDIESTEALER is a Rust-based information stealer using fake CAPTCHA pages to trick users into executing malware that harvests sensitive information.
Marketing tech
fromThe Hacker News
3 months ago

Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique

Latrodectus malware utilizes the ClickFix technique for stealthy and dangerous payload distribution.
fromArs Technica
1 month ago

After BlackSuit is taken down, new ransomware group Chaos emerges

Chaos is likely a rebranding of BlackSuit ransomware or operated by former members, based on similar encryption mechanisms, ransom note structure, and tools used.
Privacy technologies
Privacy technologies
fromThe Hacker News
1 month ago

Deepfakes. Fake Recruiters. Cloned CFOs - Learn How to Stop AI-Driven Attacks in Real Time

Social engineering attacks have evolved to utilize AI and deepfake tools for sophisticated impersonation tactics.
Apple
fromSecuritymagazine
1 month ago

New ZuRu Malware Variant Targeting Developers

ZuRu is a trojan malware for macOS that spreads through trojanized legitimate software and relies on social engineering tactics.
fromIT Brew
1 month ago

Malvertising attackers add fake numbers to real sites

Tech-support scams utilize malicious ads to lead victims to false support lines through legitimate domains.
fromSecuritymagazine
1 month ago

Security Leaders Discuss Marco Rubio AI Imposter

AI-generated impersonation attempts pose serious risks to information security and can bypass human caution.
Generative AI tools have reached a level of sophistication that allows for credible impersonations.
#cybercrime
Mobile UX
fromSecuritymagazine
2 months ago

2024 Saw Over 4 Million Mobile Social Engineering Attacks

Mobile devices are increasingly susceptible to social engineering attacks, particularly with rising phishing interactions on iOS.
fromIT Pro
2 months ago

Disinformation security is a major concern for cyber teams - here's what your business can do

Being able to imitate anyone's voice with only a few seconds of audio or create a nefarious video of someone with only a few pictures found online - that's the scary part.
Information security
fromPsychology Today
3 months ago

The Psychology of Crowds

When people gather in large groups, they often act in ways that are different from how they would behave individually.
Psychology
fromThe Hacker News
3 months ago

[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats

Identity systems face vulnerabilities beyond traditional authentication methods, necessitating comprehensive lifecycle protection.
Attackers increasingly use social engineering and advanced technologies, like deepfakes, to compromise identity systems.
Privacy professionals
fromTechCrunch
3 months ago

Citizen Lab say exiled Uyghur leaders targeted with Windows spyware | TechCrunch

Hackers targeted Uyghur community leaders using Windows spyware, highlighting the issue of digital attacks on marginalized groups.
[ Load more ]