#social engineering

Security awareness tips, industry news, and product updates.

A hiring manager conducting a remote video interview on a laptop
Phishing & Social EngineeringThreat Intelligence

Deepfake Job Interviews: Hiring Is Now an Attack Surface

North Korean operatives are using deepfakes and synthetic identities to get hired at Western firms. Unit 42 built a convincing fake candidate in about 70 minutes. Here is how to vet remote hires.

Natalie Hoffmann·7/10/2026·6 min read
Employee processing a card payment at a point-of-sale terminal in a retail environment
Compliance & Regulations

PCI DSS 4.0 Security Awareness Training Requirements

PCI DSS v4.0 raised the bar for security awareness, naming phishing and social engineering explicitly. Here is what the standard now requires if you handle card data.

Lisa Brennan·7/4/2026·7 min read
An employee carefully reading an email thread on an office computer
Phishing & Social EngineeringThreat Intelligence

Thread Hijacking: Phishing From Inside Trusted Emails

Thread hijacking lets attackers reply inside a real email conversation, with a familiar subject, history, and trusted sender. It defeats the 'unknown sender' instinct. Here is how to spot it.

Elena Vasquez·7/1/2026·7 min read
An HR professional reviewing payroll documents at a desk
Phishing & Social Engineering

Payroll Diversion: The BEC Scam That Targets HR Teams

Attackers are phishing payroll portal logins and impersonating staff to reroute direct-deposit paychecks into accounts they control. The FBI has warned about it for years - here's how HR can stop it.

Lisa Brennan·6/27/2026·7 min read
Office worker on a laptop video call reviewing a chat message in a collaboration app
Phishing & Social EngineeringThreat Intelligence

Teams & Slack Phishing: The Threat Beyond the Inbox

Phishing has moved out of the inbox and into Microsoft Teams, Slack, and calendar invites — platforms employees trust by default. Here is how the attacks work and how to extend your defenses to cover them.

Elena Vasquez·6/26/2026·7 min read
An employee reading an urgent text message on a smartphone at work
Phishing & Social Engineering

Gift Card Scams: The "Are You Available?" CEO Fraud

"Are you available? I need a quick favor." It's the opening line of a gift card scam impersonating your CEO - low-tech, high-volume, and aimed at new and junior staff. Here's the pattern and the one rule that stops it.

Thomas Eriksson·6/25/2026·7 min read
Finance team member reviewing an invoice on a desk in an office
Phishing & Social Engineering

Invoice Fraud & Vendor Email Compromise: How to Stop It

A trusted supplier emails to say their bank details have changed. Pay the new account and the money is gone. Here is how vendor email compromise drives invoice fraud — and the verification controls that stop it.

Sarah Mitchell·6/24/2026·6 min read
IT help desk agent wearing a headset and assisting a caller
Phishing & Social EngineeringThreat Intelligence

Help Desk Social Engineering: Scattered Spider's Front Door

Scattered Spider doesn't hack your MFA — it calls your help desk and talks an agent into resetting it. Here's how help desk social engineering works and how to lock the door.

David Kowalski·6/16/2026·4 min read
Finance professional on a video conference call reviewing a wire transfer request
Phishing & Social EngineeringThreat Intelligence

Deepfake CEO Fraud: When a Fake Voice Authorizes the Wire

Attackers can now clone an executive's voice from three seconds of audio and join a video call as a synthetic colleague. Here's how deepfake CEO fraud works and how to stop it.

Marcus Chen·6/9/2026·5 min read
Employee following an on-screen instruction prompt on their computer
Phishing & Social EngineeringThreat Intelligence

ClickFix Attacks: The Fake CAPTCHA That Installs Malware

ClickFix tricks users into pasting a malicious command into their own computer under the guise of a CAPTCHA or 'fix this error' prompt. Here's why it bypasses your filters and how to train against it.

Elena Vasquez·6/8/2026·4 min read
Football fans filling a packed stadium during a major tournament match
Phishing & Social EngineeringThreat Intelligence

FIFA World Cup 2026 Ticket Scams Hit the Workplace

The FBI is warning fans that criminals are spoofing FIFA's ticketing site ahead of the 2026 World Cup. Here is why event-themed lures land in employee inboxes and how to train your team to spot them.

Marcus Chen·6/7/2026·7 min read
Driver checking a suspicious toll payment text message on a mobile phone
Phishing & Social EngineeringSecurity Awareness TipsThreat Intelligence

Road Toll Smishing Scams: Lessons from Operation Road Trap

Bitdefender's Operation Road Trap research shows how toll, parking, and traffic-fine smishing has scaled across countries. Here is what employees and security teams should watch for.

Elena Vasquez·5/15/2026·7 min read
« Previous12Next »