Latest QBot Attacks Use a Mixture of PDF Attachments and Windows Scripting Host Files to Infect Victims
QBot malware seems to be outliving its competitors through innovative new ways to socially engineer victims into helping install it.
social engineering
How to Use Social Engineering Toolkit(SET) – A Complete Guide
The Social Engineering Toolkit (SET) is a Kali Linux operating system software program. SET is a powerful tool for conducting various social engineering attacks, including phishing, spear-phishing, and other social engineering attacks. Multiple attack vectors: SET provides a variety of attack vectors, including email, SMS, USB, and more. Easy customization: SET makes it easy to […]
Another Perspective on ChatGPT’s Social Engineering Potential
We’ve had occasion to write about ChatGPT’s potential for malign use in social engineering, both in the generation of phishbait at scale and as a topical theme that can appear in lures. We continue to track concerns about the new technology as…
[Heads Up] The New FedNow Service Opens Massive New Attack Surface
You may not have heard of this service planned for July 2023, but it promises a massive new social engineering attack surface. This is from their website:”About the FedNowSM Service. The FedNow Service is a new instant payment infrastructure d…
FBI Warns of Sextortion Scams that Yield a New Equally Scam-Like Service: Sextortion Assistance
A FBI bulletin highlights a new twist in the sextortion game: companies claiming to assist with addressing sextortion who use deceptive social engineering tactics to coerce victims into paying huge fees.
Guarding Against AI-Enabled Social Engineering: Lessons from a Data Scientist’s Experiment
The Verge came out with an article that got my attention. As artificial intelligence continues to advance at an unprecedented pace, the potential for its misuse in the realm of information security grows in parallel. A recent experiment by dat…
That Email Isn’t from the New Jersey Attorney General
Earlier this month, state employees in the US state of New Jersey began receiving emails that falsely represented themselves as originating with the state’s attorney general.
[Arm and a Leg] Cyber Insurers Are Worried About The Long-tail Cost of Attacks
[BUDGET AMMO] James Rundle at the The Wall Street Journal today published a very interesting article about the long-term costs of cyber attacks and the fact that cyber insurers are getting more and more worried that their models do not cover t…
London NatWest Bank Warns Customers of Alarming Impersonation Scams
National Westminster Bank, the London-based bank familiarly known as NatWest, has warned its customers to be on the alert for emails pretending to be from NatWest, but which in fact are from scammers trying to bubble the unwary out of their sa…
Pre-pandemic techniques are fueling record fraud rates
Within the largest financial institutions, insurers, and retailers, the rise and adoption of AI, an impending recession, and the return of pre-pandemic fraud techniques are driving record rates of fraud attacks for consumers and enterprises alike, acco…