Not All Phishing Programs Are Created Equal

In today’s corporate world, security awareness training should be a common puzzle piece in general user onboarding and ongoing staff education. With that training, regular testing should also be part of that puzzle. There are many variations in the types of programs offered at companies, so that means not all ... Read More
Information Risks of Travel

So, you’re on the road for work again, are you? Or, you’re heading out soon? Regardless of when, if you travel for work you should know about the information risks of travel and how it increases the risk of identity theft and, therefore, future social engineering attempts. How does travel ... Read More
What is Critical Thinking?

In the field of security awareness and associated training, the term “critical thinking” is thrown about as an effective defense against social engineering attacks. So, what is critical thinking? And how can it be applied in day-to-day activities to make a user or an entire user base more secure? According to ... Read More
Protecting Trade Secrets from Physical Intruders

Companies that hold trade secrets, intellectual property, or proprietary research are under attack. The attack is multifaceted and includes both cyber and physical intrusion. As mentioned in the March 2018 Social-Engineer.org Newsletter, cyberespionage has “changed from isolated and individualized attacks to attacks run by distinct groups resembling traditional Mafia organizations.” ... Read More
It Is Important To Have Ethics In Social Engineering

Over the years of being a professional social engineer (SE), I have been asked questions like, “Are you really testing your clients if you don’t use EVERY method possible?” Or, “You are acting like the bad guys, why do you need to have rules?” And even, “I don’t need to ... Read More
Free Yourself from FUD

Fear, uncertainty, and doubt (FUD) hold powerful influence over humans. Fear itself is a deeply powerful emotion that causes specific reactions in the brain, and uncertainty and doubt are feelings that manipulate your actions, your employees’ actions, and your business operations. Examples of FUD have a long-standing history in the ... Read More
What Do You Know About Tweedle Beetles?

For the past few years, thanks to having an amazing little addition to my family, I have been reading a lot of Dr. Seuss books, and one of my favorites is “Fox in Socks.” If you haven’t read it to your kids, you should. Well… you can try. If you ... Read More
Healthcare: Security in Crisis?

The other day my wife went to the doctor, and a few weeks before that we took our son to the dentist. We had to fill out all the paperwork and give them all the usual PII, including name, address, phone number, alternate contacts, SS#, DOB, driver’s license, insurance info, ... Read More
Vendors, Educating, and Social Media Marketing

What do professionals inadvertently disclose about the operations security (OPSEC) of their organizations and themselves while giving advice? Becoming a known educator and voice in your area of expertise is effectively done by drawing connections between yourself, your knowledge base, and your audience. Often in Information Security (InfoSec), this involves ... Read More
A Nonverbal Analysis of Mark Zuckerberg’s Congress Testimony

Most of us are familiar with the fact that Mark Zuckerberg, CEO of Facebook, is testifying in front of Congress this week regarding Facebook’s mishandling of user data. This hearing is being watched around the globe by corporations, governments, and users alike. Like many of you, I am watching much ... Read More