I recently warned of a very large recent upsurge in ransomware.  Now I must warn you to beware of new successful social engineering exploits.  What is social engineering?

Wikipedia has a good definition:

Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.

In other words, phishing, the internet term for social engineering scams is simply a way to trick you into doing something so that you reveal vital information like bank account info, tax return info or send money unwittingly to a devious person.

Let me tell you about social engineering exploits in three recent real world examples.  In the first case, City of Hope in Duarte, CA (City of Hope employees fall victim to phishing attack) had three employees targeted by a phishing scam. They unwittingly revealed protected health information (PHI) which by law must be kept confidential. In the other two cases, the loss of data was much more vast. Both Seagate Technologies (Seagate Phish Exposes All Employee W-2’s) and Snapchat (Snapchat falls hook, line & sinker in phishing attack: Employee data leaked after CEO email scam) had an employee get tricked into providing W2 information on all past and current...