Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Phishing Attacks Increase by 54% as Initial Attack Vector for Access and Extortion Attacks

May 20, 2022 8:33:23 AM By Stu Sjouwerman
New analysis of threat activity for the first quarter of this year shows anyone with access to corporate email is a now on the front lines of modern cyberattacks of all kinds.
Continue Reading

It's More Than Phishing; How to Supercharge Your Security Awareness Training

May 19, 2022 4:12:55 PM By Stu Sjouwerman
Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple in Europe.
Continue Reading

Phishing Campaign Impersonates Shipping Giant Maersk

May 19, 2022 8:56:27 AM By Stu Sjouwerman
Researchers at Vade Secure warn of a large phishing campaign that's impersonating shipping giant Maersk to target thousands of users in New Zealand.
Continue Reading

WSJ: "Cyber Insurance Went Up A Whopping 92% In 2021"

May 18, 2022 8:45:08 AM By Stu Sjouwerman
Whoa Nellie, that's getting to be real money here. This is the kind of thing that starts cutting into your whole IT budget.
Continue Reading

Spear Phishing a Diplomat

May 17, 2022 9:30:09 AM By Stu Sjouwerman
Researchers at Fortinet observed a spear phishing attack that targeted a Jordanian diplomat late last month. The researchers attribute this attack to the Iranian state-sponsored threat ...
Continue Reading

CyberheistNews Vol 12 #20 [Heads Up] Now You Need to Watch Out for Spoofed Vanity URLs...

May 17, 2022 9:22:53 AM By Stu Sjouwerman
Continue Reading

Why People Fall for Scams

May 16, 2022 1:51:27 PM By Stu Sjouwerman
Scammers use a variety of tried-and-true tactics to trick people, according to André Lameiras at ESET. For example, they can easily find open-source information about people on the ...
Continue Reading

Think BEC Won’t Cost You Much? How Does $130 Million Sound?

May 13, 2022 8:05:12 AM By Stu Sjouwerman
A new lawsuit brings to light the all-too common occurrence of an attack, with this occurring during a business acquisition and costing the buyer more than they bargained for.
Continue Reading

Homeland Security: U.S. Ransomware Attacks Have Doubled in the Last Year

May 13, 2022 8:04:41 AM By Stu Sjouwerman
A March 2022 report from the Senate Committee on Homeland Security and Governmental Affairs zeros in on the growing problem of ransomware and lessons learned so far.
Continue Reading

Trezor Crypto Wallet Attacks Results in Class Action Lawsuit Against MailChimp Owner Intuit

May 12, 2022 12:23:17 PM By Stu Sjouwerman
Months after the MailChimp data breach targeting 102 companies in the crypto sector, a new lawsuit has been filed seeking millions of dollars in damages.
Continue Reading

Happy Credit Union Customers Become the Target of Spoofing Scams Due to a Lack of Email Security

May 12, 2022 12:22:16 PM By Stu Sjouwerman
Taking advantage of heightened levels of customer trust and satisfaction, along with lowered levels of properly implemented security, credit unions are seeing a rise in email-based scams.
Continue Reading

European Wind-Energy Sector Is the Latest Target of Russian State-Sponsored Attacks

May 12, 2022 12:21:37 PM By Stu Sjouwerman
While Russia consistently denies any launching of cyberattacks, attack details point to reasonable intent by and cybercriminal ties to the Russian government.
Continue Reading

Beware of Spoofed Vanity URLs

May 12, 2022 8:58:50 AM By Stu Sjouwerman
Researchers at Varonis warn that attackers are using customizable URLs (also known as vanity URLS) on SaaS services to craft more convincing phishing links. The attackers have used this ...
Continue Reading

KnowBe4 Earns 2022 Top Rated Award from TrustRadius

May 11, 2022 9:47:43 AM By Stu Sjouwerman
We are proud to announce that TrustRadius has recognized KnowBe4 with a 2022 Top Rated Award.
Continue Reading

Another Report of SEO in Phishing

May 11, 2022 8:56:12 AM By Stu Sjouwerman
Researchers at Netskope have observed a 450% increase in phishing downloads over the past twelve months, largely driven by attackers using SEO (search engine optimization) to improve the ...
Continue Reading

Mustang Panda Uses Spear Phishing to Conduct Cyberespionage

May 10, 2022 9:49:56 AM By Stu Sjouwerman
The China-based threat actor Mustang Panda is conducting spear phishing campaigns against organizations in NATO countries and Russia, as well as entities in the US and Asia, according to ...
Continue Reading

CyberheistNews Vol 12 #19 [Heads Up] There is a New Type of Phishing Campaign Using Simple Email Templates

May 10, 2022 9:38:48 AM By Stu Sjouwerman
Tricky SMTP Relay Email Spoofing. Man Convicted For 23M Phishing Scam. Email not displaying? | View Knowbe4 Blog CyberheistNews Vol 12 #19  |  May 10th, 2022 [Heads Up] There is a New ...
Continue Reading

Wave of Crypto Muggings Hits London's Financial District

May 9, 2022 10:29:12 AM By Stu Sjouwerman
Criminals in London are targeting digital currency investors on the street in a wave of “crypto muggings”, with victims reporting that thousands of pounds were stolen from their crypto ...
Continue Reading

Business Email Compromise Shouldn’t Be the Cost of Doing Business

May 9, 2022 9:11:25 AM By Stu Sjouwerman
The FBI last week published a public service announcement updating its warnings about the continuing threat of business email compromise (BEC, also called CEO fraud). The problem has ...
Continue Reading

10 of the Craziest Cyberattacks Seen In the Wild and How You Can Avoid Them

May 6, 2022 12:46:44 PM By Stu Sjouwerman
It feels like we hear about a new devastating cyberattack in the news every day. And attack methods seem to be proliferating at an exponential rate. So, which tactics should you be aware ...
Continue Reading
Subscribe

Search Our Blog


Anti-Phishing Guide ebook

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews