Articles on Social Engineering
- Tools Generating Domain Name Variations Used in Phishing Attacks Phishing attackers register domain names similar to targeted organizations using techniques like bitsquatting, homoglyphs, letter repetition, transposition, and typos. Tools like dnstwist and...
- Social Engineering Website Backup Company's Misleading "Invoices" Suggest a Scam WebsiteBackup Company sent unsolicited letters resembling invoices to businesses, confusing recipients into thinking they owed payment for services they never ordered. The letters lacked the legally...
- Malware Conversation With a Tech Support Scammer Tech support scammers use scareware web pages to convince visitors their PCs are infected, then employ consultative sales tactics when victims call for help. Representatives use legitimate remote...
- Social Engineering The Manipulative Nature and Mechanics of Visitor Survey Scams Visitor survey scams use multiple choice questions to provide an excuse for offering "rewards," then employ scarcity tactics and fake testimonials to persuade victims to provide credit card details...
- Social Networking Scammers Prescreen Victims for Tech Support Scams via Twitter and Phone Tech support scammers use Twitter bots to respond to public messages containing words like "virus" and "malware," inviting potential victims to call phone numbers where automated systems profile...
- Social Engineering Attackers Rely on Social Engineering to Activate Macros in Malicious Documents Malicious document authors persuade victims to enable macros by claiming the security warning indicates protected content or by providing detailed step-by-step instructions for changing macro...