A social engineer will start by gathering Open Source Intelligence (OSINT) and the sleuthing continues using social media, finally giving the company an overview of their security posture without losing any of the data taken on the job.
The most interesting trend to surface in Q4 of RiskIQ's phishing report was a 100 percent increase in phishing campaigns leveraging social media platforms, accounting for 20 percent of the top-ten most phished brands.
Concerning the US FBI's investigation into Russian influence on the 2016 US election, Senator Amy Klobuchar said social media companies should be fined if they can't get rid of bots on their platforms.
Cyber-criminals are using social media and social engineering to dupe victims into downloading Advance Persistent Threat spyware disguised as the Kik messenger app.
Another misconfigured Amazon Web Services (AWS) S3 cloud storage bucket has been left insecure this time exposing the sensitive data of 12,000 social media influencers, most of whom were female.
Phishing from G-suite users: a weaponised Google spreadsheet hosted on G-Suite opens a remote HTML page which mimics the Google sign-in process and gives the impression that the victim needs to re-authenticate.
Vietnamese adware dubbed "GhostTeam" was found hiding in 53 Google Play apps disguised as utility apps, device performance boosting apps, and social media downloaders.
Saying that Terdot malware is a banking trojan is kind of like saying your computer is a giant calculator. Yes, that's essentially what it is, but it's also a whole lot more.
A former insider at Russia's Internet Research Agency (IRA) has divulged details on the online troll factory's operations, stating that he "absolutely" believes the organisation is connected to the Kremlin.
Companies seem to be slow to realise that their Twitter, Facebook or LinkedIn accounts and passwords require exactly the same protection as any of their high-risk or high-value internal systems says Jackson Shaw.
Russia's anti-privacy laws began taking effect 1 October - with another deadline on 1 November - just as the country pledged to block Facebook if the company refuses to store Russian citizens' data on Russian servers.
People are the last line of defence in your organisation's security infrastructure, yet half the population are ignorant of ransomware, and many don't understand phishing, but trust that social media security is high says Colin McTrusty.
UK Prime Minister Theresa May says that technology companies are providing a "safe space" for terrorists.
A new social network named Mastodon popped up a few months ago that is designed to deliver a decentralised, open-source experience, but its unique structure may make its members vulnerable to cyber-attacks.
Search engines are the biggest aider and abetter of cyber-crime, according to the head of the Metropolitan Police Cyber Crime Unit, speaking at a breakfast briefing last week.
Despite many in the tech industry saying it won't work, home secretary Amber Rudd would like to persuade tech giants such as WhatsApp to break encryption for the intelligence services.
Over the weekend two security researchers spotted a Facebook spam campaign delivering Nemucod as well as Locky ransomware
A recently passed Russian law has given that country's security firms the green light to crack encrypted communications services.
Bloggers using the WordPress platform are "strongly encouraged" to update their sites immediately to address persistent XSS issues.
As Scotland Yard prepares to open an anti-trolling squad, Roi Perez examines whether or not this is perhaps a misguided use of government funds.
Scotland Yard is to setup a Twitter task force which will hunt offensive online comments, and bring those posting them to justice.
The Competitions and Markets Authority has warned two companies and dozens of online personalities against tweeting paid-for promotional messages disguised as unbiased recommendations.
A robust underground marketplace for the sale of stolen products from compromised accounts as well as shady online services has been detected in Russia.
To enhance the use of its web portal, gov.uk, the UK government is testing the use of its subscribers' social media logins as an authentication method.
Identity fraud shot up by 57 percent in 2015 and eclipsed all other types, according to new research by anti-fraud company Cifas.
A message seeming to come from a Facebook friend was instead a source of malware that ensnared 10,000 users.
Raj Samani, CTO EMEA of Intel Security, has warned of the risks of employees networking online. As social networking sites contain a wealth of information on an organisation, they can be a treasure trove for criminals wanting to carry out email-based attacks.
The recent tragedy at the Orlando nightclub has perhaps given new meaning to a report by ICIT on how radical groups like IS use social media to radicalise potential recruits
Tech-savvy ISIS sent out an alert that an unknown source has released fake Android apps that the terrorist group fears may be used to spy on them.
A hacker that has targeted several American social media sites has now hit the Russian version of Facebook