Researchers at Cisco have come across a campaign in which malicious actors sent out bogus Microsoft Volume Licensing Service Center (VLSC) emails in an effort to trick corporate users into installing a piece of malware.
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Businesses usually don’t think about social engineering when securing company data. It used to be believed that social engineering was reserved for governments and organizations with enemies. That's not the case anymore.