Social Engineering

Social Engineering news, analysis, how-to, opinion and video. | CIO

windows server download update install
red blue tools

00 intro

Not so startling revelations of how a hacker broke in

These 10 ways are becoming all too common approaches, but yet users still fall for them.

01 intro myth

Security myths that can make you laugh… or cry

To help organizations cut through the noise to focus on improving security structures, security experts identify industry myths and provide suggestions to avoid falling for them. 

candy strangers

5 social engineering scams employees still fall for

You’ve trained them. You’ve deployed simulated phishing tests. You’ve reminded your employees countless times with posters and games and emails about avoiding phishing scams. Still, they keep falling for the same ploys they’ve been...

6 social media

5 incredibly creative uses of social proof in marketing

Social proof promotes consumer confidence in an unbiased fashion, doing what traditional marketing and advertising can’t. Study these examples, including Mark Zuckerberg, Gogobot, the Colbert Bump, Netflix, and Pura Vida, to...

central station standing

Awareness training: How much is too much?

The goal of security awareness training is to help employees recognize and avoid security risks. The key, experts say, is to make them skeptical but not operate in a “constant state of distrust.”

classroom training

Is your security awareness training program working?

The metrics to use to determine where to make improvements in security awareness training

security phishing hook

New tech can help catch spearphishing attacks

Highly-targeted spearphishing attacks slip past spam and anti-virus filters, but new approaches that look for more subtle patterns can help reduce the threat

Phishing trends

What is phishing success?

A recent article asking the question to security professionals seemed to miss the mark, and raises more questions than it answers.

Q&A

How well does social engineering work? One test returned 150%

A conversation with a white hat hacker

video

Social engineering tricks and why CEO fraud emails work

At the Black Hat conference in Las Vegas, CSO’s Steve Ragan talks with Stephanie Carruthers, owner of Snow Offensive Security, about why business email compromise (aka CEO fraud) works so well against companies. She also discusses...

ransomware locked computer stock image cropped

Report: Only 3 percent of U.S. companies pay attackers after ransomware infections

Almost half of all companies have been the victims of a ransomware attack during the past 12 months, but 97 percent of affected U.S. companies did not pay the ransom, according to a new report.

board of directors

Spearphishing attacks target boards

With great power comes great responsibility -- and also a great big target painted on your head. At least, that's the case lately with corporate boards of directors and cybercriminals launching spearphishing attacks

ransomware

93% of phishing emails are now ransomware

As of the end of March, 93 percent of all phishing emails contained encryption ransomware, according to a report released today

0 intro gamify

7 reasons to gamify your cybersecurity strategy

Thanks to gamification, organizations are finding new ways to educate employees on the importance of cybersecurity, through gaming elements like one-on-one competitions, rewards programs and more.

facebook logo crop

Security pros concerned about Facebook payment expansion

Facebook's Messenger app has allowed users to send money to friends using their debit cards since last spring, but recent reports indicate that Facebook may be considering a move into the retail payments space as well, following in...

breach title

Enterprises fall behind on protecting against phishing, detecting breaches

The ninth annual Verizon Data Breach Report contains bad news on multiple fronts, including click-through rates on phishing messages, how long it takes companies to detect breaches, and even whether companies spot the breaches at all....

bullseye darts

CEO targeted by fraud twice a month

Every couple of weeks or so, Tom Kemp's company gets hit by ever-more-sophisticated attempts to trick them out of large sums of money

01 whaling title

10 whaling emails that could get by an unsuspecting CEO

Email security company Mimecast has shared a handful of real-life examples of fraud attempts targeted at the person in the corner office.

Load More