- Social Engineering Attackers Rely on Social Engineering to Activate Macros in Malicious Documents
Malicious document authors persuade victims to enable macros by claiming the security warning indicates protected content or by providing detailed step-by-step instructions for changing macro...
- Social Engineering Scammers in Action: Domain Names and Family Resettlement to Australia
Scammers sent emails impersonating Australian immigration authorities to collect passport copies, photos, fingerprints, and personal details for identity theft. They used domain names with misleading...
- Malware Researching Scams Helps Understand Human Vulnerabilities
Online scammers exploit predictable human vulnerabilities: starting scams in the physical world, customizing messages with victims' locations, appealing to vanity and self-interest, posing as...
- Social Engineering Looking for Anomalies in Check Overpayment Scam Correspondence
Check overpayment scams convince victims to deposit fraudulent cashier's checks and forward the "extra" funds before the forgery is discovered. Warning signs include strange punctuation, extraneous...
- Social Engineering Allowing Gullible Victims to Self-Select in Online Attacks
Blatantly fraudulent scam emails may be intentional—by appearing obviously fake, they filter out savvy people who would waste the scammer's time, ensuring only the most gullible victims self-select....
- Malware How Malicious Code Can Run in Microsoft Office Documents
Microsoft Office documents can execute malicious code through VBA macros (requiring social engineering to enable), exploit payloads targeting Office vulnerabilities, embedded Flash objects, or...