Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Initial Access Broker Phishing

Cisco has disclosed a security incident that occurred as a result of sophisticated voice phishing attacks that targeted employees, according to researchers at Cisco Talos. The researchers ...
Continue Reading

U.S. Government Warns of Increased Texting Scams as Mobile Attacks are Up 100%

Cyberattacks via SMS messaging are on the rise, and are having such an impact, the Federal Communications Commission has released an advisory on Robotext phishing attacks (or smishing).
Continue Reading

Massive Network of Over 10,000 Fake Investment Sites Targets Europe

Using a mix of compromised social media accounts, social engineering, call center agents, and some convincing websites, this latest scam seeks to get victims to repeatedly “invest”.
Continue Reading

Phishing-as-a-Service Platform “Robin Banks” Helps Cybercriminals Target Customers of Financial Institutions

Initial Access Brokers (IABs) are one of the new breeds of cybercrime services. But this newest PhaaS platform makes it easy for anyone to target banks for as little as $50 monthly.
Continue Reading

92% of Organizations Have Experienced a Security Incident as a Result of an Email-Borne Threat

New data shows that not only are email-borne threats increasing, but that current integrated cloud email security solutions do little to detect and stop advanced email-based threats.
Continue Reading

New Paypal Phishing Scam Uses “Legitimate” Invoices to Reach Victim Inboxes

Newer phishing scams are looking for ways to make legitimate websites do the work of delivering malicious messages to unsuspecting victims – this new scam achieves it perfectly.
Continue Reading

SolidBit Ransomware Targets League of Legends Players

Researchers at Trend Micro warn that a SolidBit ransomware variant is being distributed via fraudulent software targeting video game players and social media users. The malware is being ...
Continue Reading

Recent Cisco Hack by Ransomware Group Started Because of a Phishing Attack

In a recent article by Forbes, Cisco confirmed that they were hacked by a ransomware group as the group of cybercriminals published a partial list of files that were claimed to be ...
Continue Reading

The Top 8 Most Common Types of DNS Records

This article is a good technical overview of DNS that can help you prevent spoofing. This is a cross-post from the EasyDMARC blog, a new KnowBe4 Ventures portfolio company. 
Continue Reading

DPRK Operators Impersonate CoinBase

North Korea’s Lazarus Group is running a new phishing campaign targeting Coinbase accounts, BleepingComputer reports. The threat actors are posing as Coinbase and targeting people with ...
Continue Reading

New Phishing Campaign is Now Targeting Coinbase Users

If you're a Coinbase user, you are most likely the next target of a new phishing campaign. Cybercriminals have managed to infiltrate two-factor authentication and deploying other social ...
Continue Reading

Hacking the Hacker: Assessing and Addressing Your Organization’s Cyber Defense Weaknesses

Cybercriminals are out there, watching and waiting for the perfect opportunity. They are gathering information about your organization and users, devising the perfect plan to infiltrate ...
Continue Reading

Cash App Scams Strikes Again With New Types of Attacks

TradeArabia has published a report about common scams on CashApp, explaining that scammers frequently take advantage of CashApp promotions, like the weekly money giveaway, “Super Cash App ...
Continue Reading

New Research Shows Social Engineering and Phishing are the Top Threats

According to the CS Hub Mid-Year Market Report 2022, new findings shows that 75% of survey respondents believe that social engineering and phishing attacks are the top threat vector to ...
Continue Reading

Twilio hacked by phishing campaign targeting internet companies

Communications giant Twilio has confirmed hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials. 
Continue Reading

WSJ: "Cyber Insurance Prices Soar"

The WSJ reported Aug 8, 2020: It is becoming more expensive and difficult for companies to get or renew cyber insurance. The price of U.S. cyber insurance policies increased by 79% from a ...
Continue Reading

Cybercriminals Go to College with New Phishing Attacks

The summer is winding up, and the traditional academic year is approaching. And amid the welcomes from the deans of students, the activities coordinators, the academic advisors and so on, ...
Continue Reading

LinkedIn Continues its Reign as the Most-Impersonated Brand in Phishing Attacks

As cybercriminals look for novel and effective ways to gain entrance to a victim network, LinkedIn is proving to be fruitful enough to keep the attention of phishing scammers.
Continue Reading

Ransomware Attack Downtime Costs in the U.S. Rise to Nearly $160 Billion

New data based on tracked, publicly-confirmed ransomware attacks shows that downtime – and the associated cost – is increasing at an alarming rate as nearly half of attacks see a ransom ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews