Social Engineering

Social Engineering news, analysis, how-to, opinion and video. | CIO

fraud infog primary
cleaning sponges detergent wash rinse chores

The Internal Revenue Service's IRS tax filing form 1040.

'Tis the season to watch out for W-2 phishing scams

Earlier this month, the IRS sent out an urgent alert warning employers that this W-2 phishing scam had spread beyond the corporate world to other sectors, including school districts, tribal organizations and nonprofits

Man looking worn out in mod orange chair with a wad of cash in a mouse trap

Users take the cheese to solve data breaches

Verizon releases its annual breach report that puts the reader in the driver's seat.

crowd walking

The flaw in applying culture to awareness programs

I appreciate that organizations are beginning to realize that they need to understand their corporate culture in their implementation of awareness programs. It is long overdue. Unfortunately as a concept, it is being grossly...

kaboom election hacking

Hacking the 2016 election: A timeline

Russian interference in the 2016 U.S. election played out in a series of hacks taking place over several months. Here’s how the attacks unfolded.

valentine hero

How White Hat hackers do bad things for good reasons

Some companies are love struck with social engineering. White hat hackers are used to poke holes in your network and physical building.

01 boring

7 tips for better security awareness training sessions

At their worst, security awareness training sessions are boring wastes of time, both for employees and the IT people responsible for them. At their best, however, they are interactive, discussion-driven, and genuinely helpful...

fake lies pinocchio

What fake news means for IT—and how IT security can help fight it

The debate over fake news is roiling the political world, but elements of it look very familiar to tech veterans—and represent a potentially new attack vector that IT needs to worry about.

Graphic image of people running in rainbow lens

Hackers get around AI with flooding, poisoning and social engineering

Machine learning technologies can help companies spot suspicious user behaviors, malicious software, and fraudulent purchases -- but even as the defensive technologies are getting better, attackers are finding ways to get around them

windows server download update install

3 ways Windows Server 2016 is tackling security

Windows Server 2016 could be a generational shift in security on par with Bill Gates’ introduction of Trustworthy Computing in 2002.

red blue tools

Best tools for red and blue teams are methodology, experience

Since the tools vary based on environment, it's the skills and know-how that red/blue teams need most

00 intro

Not so startling revelations of how a hacker broke in

These 10 ways are becoming all too common approaches, but yet users still fall for them.

01 intro myth

Security myths that can make you laugh… or cry

To help organizations cut through the noise to focus on improving security structures, security experts identify industry myths and provide suggestions to avoid falling for them. 

candy strangers

5 social engineering scams employees still fall for

You’ve trained them. You’ve deployed simulated phishing tests. You’ve reminded your employees countless times with posters and games and emails about avoiding phishing scams. Still, they keep falling for the same ploys they’ve been...

6 social media

5 incredibly creative uses of social proof in marketing

Social proof promotes consumer confidence in an unbiased fashion, doing what traditional marketing and advertising can’t. Study these examples, including Mark Zuckerberg, Gogobot, the Colbert Bump, Netflix, and Pura Vida, to...

central station standing

Awareness training: How much is too much?

The goal of security awareness training is to help employees recognize and avoid security risks. The key, experts say, is to make them skeptical but not operate in a “constant state of distrust.”

classroom training

Is your security awareness training program working?

The metrics to use to determine where to make improvements in security awareness training

security phishing hook

New tech can help catch spearphishing attacks

Highly-targeted spearphishing attacks slip past spam and anti-virus filters, but new approaches that look for more subtle patterns can help reduce the threat

Phishing trends

What is phishing success?

A recent article asking the question to security professionals seemed to miss the mark, and raises more questions than it answers.

Load More