Skip to main content
Phishing

Social Engineering News: Phishing

By October 20, 2021No Comments

Phishing Remains at Historic Highs; June 2021 saw 222,127 attacks. The third-worst month in APWG reporting history. These findings from the APGW 2021 Trends Report make it clear that phishing continues to be a serious threat for enterprises. Indeed, phishing is a social engineering attack vector that is one of the fastest growing security risks today. In view of this, our first edition of Social Engineering News focuses on phishing.

What is Phishing?

At Social-Engineer LLC, we define phishing as the “practice of sending emails appearing to be from reputable sources with the goal of influencing or gaining personal information.” Social Engineering News Phishing
Image: https://mn.gov/mnit/media/blog/?id=38-246678

The following recent news stories show how criminals are successfully crafting phishing emails.

  • As employees transition from remote to in person, some companies such as Google and Facebook are requiring proof of vaccination. As reported by the Washington Post, criminals are successfully using this as a ruse to phish employee credentials.
  • Criminals quickly take advantage of the $1 trillion infrastructure bill passed by Congress. Posing as U.S. Transportation Department officials, they offer fake project bid opportunities to seduce companies into handing over Microsoft credentials.
  • Current trends show that phishing is a bigger threat than ransomware. In an article released by Security Brief Asia, the comment is made: “While large ransomware attacks certainly make news coverage, phishing attacks are more common and have increased significantly. The latest data shows a worldwide web laden with phishing websites.”
  • UC San Diego Health sued over data breach that may have exposed records of 500,000 patients. The lawsuit seeks class-action status in a case where a phishing scam allowed access to a wide range of sensitive information.

Social-Engineer Phishing Service —Test, Educate, and Protect

The Social-Engineer Phishing Service (SEPS) is a fully managed program that measures and tracks how employees respond to email phishing attacks. The SEPS provides the following:

  • Levelized emails
  • Custom templates
  • Tailored training based on failures
  • Comprehensive reporting
  • Phish notification feature

Social Engineering News
Image: Social-Engineer, LLC

Employees who understand the threat posed by phishing attacks are less likely to click malicious links and more likely to report suspicious activity. Please contact our team today for a quote.

Tags:

Security Assessment Case Study
Learn more about the importance of a Social Engineering Risk Assessment.
Download Now
Security Assessment Case Study
Learn more about the importance of a Social Engineering Risk Assessment.
Download Now
What Makes Us Different
At Social-Engineer, we pride ourselves on what we do and how we do it. We are a security services provider, focusing on four primary attack vectors. This case study will go through how we can protect your company and what makes us different.
Download Now
What Makes Us Different
At Social-Engineer, we pride ourselves on what we do and how we do it. We are a security services provider, focusing on four primary attack vectors. This case study will go through how we can protect your company and what makes us different.
Download Now
Woman vs Machine
Technology is providing new, more innovative ways to enhance our world. Scientists are constantly developing smarter, faster and more intelligent machines, systems and robots. There is no doubt that each of these has evolved beyond their clockwork origins.
Download Now
Woman vs Machine
Technology is providing new, more innovative ways to enhance our world. Scientists are constantly developing smarter, faster and more intelligent machines, systems and robots. There is no doubt that each of these has evolved beyond their clockwork origins.
Download Now
Vishing and Phishing Must Be Ongoing to Be Effective
Most companies have a security awareness program in one form or another. If they don’t, it should be on the short list of programs to start as soon as possible. In our experience, many of these programs take the form of computer-based training.
Download Now
Vishing and Phishing Must Be Ongoing to Be Effective
Most companies have a security awareness program in one form or another. If they don’t, it should be on the short list of programs to start as soon as possible. In our experience, many of these programs take the form of computer-based training.
Download Now
A Case Study in Vishing
Vishing (voice-based phishing) has been a problem for quite a long time. There are many vendors in the marketplace that offer vishing services. However they tend to use robo-callers or call centers for large volume engagements. If they are using trained humans to make calls, it is likely in very low numbers.
Download Now
A Case Study in Vishing
Vishing (voice-based phishing) has been a problem for quite a long time. There are many vendors in the marketplace that offer vishing services. However they tend to use robo-callers or call centers for large volume engagements. If they are using trained humans to make calls, it is likely in very low numbers.
Download Now
Benefits of a Social-Engineering Risk Assessment Engagement
Your company is important. Indeed, the data you hold for your clients or employees is very valuable and attackers seek to capitalize on that data any way they can. This is where a Social Engineering Risk Assessment (SERA) engagement can help uncover possible vulnerability to attackers.
Download Now
Benefits of a Social-Engineering Risk Assessment Engagement
Your company is important. Indeed, the data you hold for your clients or employees is very valuable and attackers seek to capitalize on that data any way they can. This is where a Social Engineering Risk Assessment (SERA) engagement can help uncover possible vulnerability to attackers.
Download Now
The Business Value of the Social-Engineer Phishing Service
Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an organization’s employees as the first point of entry. According to the 2021 Verizon DBIR report, of the 3,841 security breaches reported using social engineering, phishing was the key vector for over 80% of them.
Download Now
The Business Value of the Social-Engineer Phishing Service
Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an organization’s employees as the first point of entry. According to the 2021 Verizon DBIR report, of the 3,841 security breaches reported using social engineering, phishing was the key vector for over 80% of them.
Download Now