Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

The 7 Best Social Engineering Attacks Ever
Oldest First  |  Newest First  |  Threaded View
Page 1 / 2   >   >>
Thomas Claburn
Thomas Claburn,
User Rank: Ninja
3/18/2015 | 6:45:32 PM
name required
Can we all agree to ignore any email that isn't addressed by name?
User Rank: Strategist
3/19/2015 | 4:24:22 AM
Good examples
Great article!  Periodic User awareness training to reduce social engineering is of paramount importance.  Some phishing emails are so good that high trained security people can fall for them.  The examples in the article effectively demonstrate the issue.

The rule I use for my own emails is not click links in emails, including unsubscribe, unless the email is expected, such as one as confirmation during new account setup. Of course, never click on attachments either unless they are expected.  I have within Spyshelter (anti-keylogger) where I can save an attachment, right click the file and on the pop-up menu click 'Spyshelter-> Check it on VirusTotal'; it uploads to virustotal.com .   It's then scanned by over 50 antivirus software products. 

I think this rule is probably the most important security measure I use for computers at my home.
User Rank: Apprentice
3/24/2015 | 7:21:23 AM
Confidence Man
The name of the "confidence man" was "William Thompson" and not "Samuel Williams". The article "Arrest of the Confidence Man" (New-York Herald, July 8, 1849) can be found online.
User Rank: Apprentice
3/28/2015 | 2:37:41 AM
Re: name required
great post
User Rank: Apprentice
5/9/2015 | 9:41:21 AM
Social Engineering examples
Here's another example:


It's not one of 'the best social engineering attacks' ever, but shows that anyone can be a target.


User Rank: Apprentice
10/1/2015 | 3:18:11 PM
Re: name required
The post refers to "Ferrara" repeatedly, but never describes who he is or what he does. 
User Rank: Strategist
10/2/2015 | 4:56:47 AM
thank's for post
system security in any country is the future !
User Rank: Apprentice
3/14/2017 | 6:00:19 AM
Forex security and vulnerabilities
Great post as always. Technology advances every day, new vulnerabilities arise all the time. Security is everyones main priority and rightly so. For any site owner nowadays you need a dedicated security team to make sure you and your customers are safe. Its a scary world out there.
User Rank: Apprentice
10/5/2017 | 8:03:33 AM
What is Social Engineering really?
I have been reading about the social engineering thing lately, I am getting lots of phishing emails lately and I wonder where I went wrong. May be someone has got a hold of my email. I have become more aware now and I literally check every link before even opening it.
Megan is Always Wright
Megan is Always Wright,
User Rank: Apprentice
10/9/2017 | 11:15:58 AM
Re: What is Social Engineering really?
Social engineering is basically a technique that has long been used by humans even before the birth of the Internet. By using these techniques, the evildoers among us are able to win our trust, or more like fool us into sharing stuff that we shouldn't.

I also didnt understand what it was until i read this article (https://www.purevpn.com/blog/social-engineering-attacks/) which explained what it was and how to protect against it
Page 1 / 2   >   >>

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
Improving Enterprise Cybersecurity With XDR
Enterprises are looking at eXtended Detection and Response technologies to improve their abilities to detect, and respond to, threats. While endpoint detection and response is not new to enterprise security, organizations have to improve network visibility, expand data collection and expand threat hunting capabilites if they want their XDR deployments to succeed. This issue of Tech Insights also includes: a market overview for XDR from Omdia, questions to ask before deploying XDR, and an XDR primer.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2022-07-05
Newsletter Module v3.x was discovered to contain a SQL injection vulnerability via the zemez_newsletter_email parameter at /index.php.
PUBLISHED: 2022-07-05
An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php.
PUBLISHED: 2022-07-05
Ingredient Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /isms/admin/stocks/view_stock.php.
PUBLISHED: 2022-07-05
An arbitrary file upload vulnerability in Dice v4.2.0 allows attackers to execute arbitrary code via a crafted file.
PUBLISHED: 2022-07-05
So Filter Shop v3.x was discovered to contain multiple blind SQL injection vulnerabilities via the att_value_id , manu_value_id , opt_value_id , and subcate_value_id parameters at /index.php?route=extension/module/so_filter_shop_by/filter_data.