Articles about social engineering

Anna Chapman, one-time Russian spy turned model

Look out, sysadmins - HOT FOREIGN SPIES are targeting you

MI5 has warned that foreign spy agencies are targeting IT workers within big organisations as a means of gaining privileged access to sensitive data. The security service's warning about spy-infiltration tactics is a bid to encourage corporations to bolster their defences against such attacks, the FT (via the Daily Mail) …
John Leyden, 7 May 2014
Include Security's Tinder leakage demo

Left swipe! That hot Tinder babe is a malware-flinging ROBOT

Hackers are abusing the popular Tinder dating app to spread malware and survey scams using bots and clever social-engineering trickery. Bots are luring users with tempting profiles and pictures using pictures from an Arizona-based photography studio, according to net security firm BitDefender. Some of these images have also …
John Leyden, 7 Apr 2014
Puss considers how to respond to PayPal marketing overtures

'Bank couriers' who stole money from OAP cancer sufferer jailed

Two men have been jailed following their conviction for running a series of courier fraud scams in south London, Surrey and Sussex. Shaun Moore, 22, of no fixed abode and Jevon Grant, 20, of Croydon were sentenced to 18 months imprisonment and two years in a young offenders' institution, respectively. Both pleaded guilty to …
John Leyden, 3 Apr 2014
Homer Simpson reading on a tablet

Dammit internet... you promised naked videos of my Facebook friends

Hundreds of people have been tricked into installing Trojan malware after clicking on a new Facebook scam that falsely promises naked videos of their "friends". The scam – which relies on tricking users into installing a fake Flash player supposedly needed to view the racy footage – can multiply itself rapidly across multiple …
John Leyden, 10 Mar 2014
Thurber-esque cartoon of duck tapping typewriter

Getting documents all too easy for Snowden

Yet more evidence has emerged that the NSA, which has made much of its apparently god-like power to stroll into anybody's network, read anybody's data, and find any target it wants, is a neophyte when it comes to its own information security. If a report published in the New York Times is correct, all Edward Snowden did to …

Is that a failed Outlook security update in your pocket or are you pleased to phish me?

Web criminals have fired off Patch Tuesday-themed phishing emails to trick confused users into handing over their login details. Their messages attempt to convince users into visiting a website masquerading as a Microsoft Exchange system, which tries to coax visitors into handing over their email accounts' address and password …
John Leyden, 15 Oct 2013

'NSA PRISM spies' shake down victims with bogus child-abuse vids claims

Crooks are using the NSA's notorious global web surveillance scandal in new ransomware: punters visiting booby-trapped websites are falsely accused of downloading illegal material, told their PCs are now locked from use, and ordered to hand over a cash "fine" to unlock their computers. Cloud security firm Zscaler has spotted …
John Leyden, 12 Sep 2013
The Register breaking news

Win 8 user? Thought that was a CAPTCHA? R is for ruh roh

A security researcher has discovered a sneaky social engineering trick that might be used to disguise the go-ahead to run hostile code on Windows 8 machines. The so-called keyjacking technique, uncovered by Italian security researcher Rosario Valotta, is similar to clickjacking. However, instead of fooling marks into …
John Leyden, 1 Jul 2013
The Register breaking news

Frenchie bean-counters sweet-talked into slipping on Trojans

Crooks hoping to empty company bank accounts are calling up the firms' bean-counters to chase invoices packed with hidden malware. Finance staff are tricked into opening the booby-trapped messages in phone calls from con men, who claim to have emailed in legit paperwork that needs urgent attention. The documents instead …
John Leyden, 14 May 2013
The Register breaking news

End of days: Possessed POWERPOINT predicts Mayan Apocalypse

Miscreants have crammed malware into a Microsoft PowerPoint presentation about today's supposed Mayan Apocalypse. If someone emails you a .ppt slideshow titled Will the world end in 2012?, give it a wide berth unless the world really does end today and you're feeling wild. The booby-trapped presentation packs Visual Basic …
John Leyden, 21 Dec 2012
The Register breaking news

First Mac OS X fake installer pops up, racks up your mobe bill

Crooks have developed a new Mac OS X-specific Trojan that mimics the behaviour of a legitimate software installer. Trojan-SMSSend-3666, which poses as an application for listening to music on a popular Russian social networking site, attempts to hoodwink marks into handing their mobile number to activate the radio app. Users …
John Leyden, 17 Dec 2012
The Register breaking news

Dutch script kiddie pwns 20,000 Twitter profiles

A Dutch teenager successfully hijacked 20,000 Twitter profiles to post a message dissing their owners for being slack with security. Damien Reijnaers (@DamiaanR), 16, also induced his victims into tipping their hat to him for helping them to point out the error of their ways in the same update. He pulled off the trick by …
John Leyden, 14 Dec 2012
The Register breaking news

Latest scam spam ploy: Bogus pay-by-phone London parking receipts

Bogus "pay by phone parking receipts" doing the rounds by email and targeted at UK users are actually designed to spread malware, security watchers warn. The spam campaign is designed to trick recipients into viewing a fictitious list of parking transactions, contained in a malicious attachment. "Upon executing the malicious …
John Leyden, 28 Nov 2012
Hurricane Sandy map

Hurricane Sandy: Where are all the cynical online scams?

Comment The occurrence of a natural disaster or celebrity death have been guaranteed to mean the appearance of topical scams and malware for some years, certainly since the Indian Ocean Tsunami of 2004 if not before. But the devastation wrought by superstorm Sandy on the US north-east coast and beyond has strangely been accompanied by …
John Leyden, 31 Oct 2012
The Register breaking news

Fake Facebook pull-down tricks social climbers into swallowing vile load

Scammers are attempting to trick prospective marks into opening malware via spam messages falsely warning that their Facebook account is in the process of being closed. The dodgy email poses as supposed account cancellation confirmation messages that point to a third-party application running on the Facebook platform. The …
John Leyden, 22 May 2012
The Register breaking news

Titsup WHMCS calls the Feds after credit-card megaleak

WHMCS, which provides billing and customer support tech to many web hosts, was comprehensively hacked on Monday and remains offline. Hackers tricked WHMCS's own hosting firm into handing over admin credentials to its servers. The group that carried out the hack, UGNazi, subsequently extracted the billing company's database …
John Leyden, 22 May 2012
The Register breaking news

Scammers exploit wannabe demon-slayers hyped by Diablo III

Cybercrooks latched onto the release of Diablo III on Monday with a run of scams themed around the widely anticipated video game. Blizzard's games systems collapsed due to the higher than expected demand for the demon-slaying game, The Guardian reports. The software company is attempting to stop pirates from nicking the new …
John Leyden, 15 May 2012
The Register breaking news

New Trojan routes your bank's calls to CROOKS

Devious cybercrooks have developed a Trojan that is capable of redirecting calls your bank has made to verify suspicious transactions – straight into the waiting handsets of professional criminal caller services. The capability comes bundled in a modified configuration of Ice IX, a Trojan developed using the infamous ZeuS …
John Leyden, 2 Feb 2012

Create a news alert about social engineering, or find more stories about social engineering.

Biting the hand that feeds IT © 1998–2018