Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

Bad News: Your Antivirus Detection Rates Have Dramatically Declined In 12 Months

We all had the nagging suspicion that antivirus is not cutting it anymore, but the following numbers confirm your intuition. I have not seen more powerful ammo for IT security budget to transform your employees into an effective "last line of defense": a human firewall.

Scam Of The Week: IRS Issues Warning On New Tax Phishing Attack

It's unbelievable, but the new tax season is around the corner and the bad guys are already at it. This is a two-phase phishing scam of the week you need to watch out for: 

PHASE 1: Cybercriminals are sending emails, posing as potential clients, and interested in services from tax professionals. Something with the innocent subject "I need a preparer to file my taxes."

The tax preparer responds, and the bad guys send a second email with a malicious attachment claiming to contain the client tax information. The tax preparer falls for this social engineering attack and opens the attachment (likely enables macros) and that compromises the machine and now the bad guys own the tax preparer's computer.

Sophisticated "Spora" Ransomware Demands Future Protection Money

Emsisoft researchers dissected a new ransomware strain that demands users not only pay to recover their encrypted files, but also for immunity from future attacks.

The threat is called Spora, and it's the work of highly professional bad guys. If you look at the well-implemented encryption procedures, no need of a C&C server, the user-friendly payment site, the choice of different “packages” that victims can choose, and the RaaS capability. If you get hit with this strain, you can opt to recover just your encrypted files, but also "gain immunity" from future attacks. 

CyberheistNews Vol 7 #2 Heads-Up! Massive New Locky Ransomware Attack Is Coming

CyberheistNews | KnowBe4

300+ New Ways to Stop Your Users from Clicking on Everything!

You now really have 300+ new ways to make sure your users Think Before They Click!

I Don't Need No Friggen Backup Plan For Ransomware

Did I get your attention?

The picture here raised my eyebrows, because of its patent nonsense. Elizabeth Holmes stated this in an interview about being an entrepreneur.

It's a bit like Alexander the Great, who created an empire that stretched from his home in Macedonia to India, and ostentatiously burned his ships when arriving in Persia in 334BC.

The Who Behind The Why Of Relentless Phishing And Ransomware Attacks

Why are organizations in the West subjected to relentless phishing and ransomware attacks? We need to go back in history for a bit to understand what caused this, and determine how we can best prepare ourselves.

Criminal India Call Center Uses Social Engineering To Scam 15,000 Americans

I got alerted by a Slashdot story about we have been covering here several times. 

An FBI agent based in India says the country has now become a major hub for call-center fraud, blaming "a demographic bulge of computer-savvy, young, English-speaking job seekers; a vast call-center culture; super-efficient technology; and what can only be described as ingenuity."

Heads-Up! Massive New Locky Ransomware Attack Is Coming

Jan Sirmer at the Avast blog wrote: "Based on analysis of past Locky ransomware attacks, experts in the Avast Threat Labs predict that another attack is imminent.

Locky has taken a holiday of sorts. Avast detection of Locky shows that attacks have slowed down considerably during the days before Christmas through New Year and leading up to Eastern Orthodox Christmas, which is celebrated in Russia on January 7.

Scam Of The Week: Locked PDF Phishing Attack

Wednesday Jan 4th, the SANS Internet Storm Center warned about an active phishing campaign that has malicious PDF attachments in a new scam to steal email credentials.

The SANS bulletin said that the email has the subject line “Assessment document” and the body contains a single PDF attachment that claims to be locked. A message reads: “PDF Secure File UNLOCK to Access File Content.”

John Bambenek, handler at SANS Internet Storm Center said: “This is an untargeted phishing campaign. They are not going after the most sophisticated users. They are going after Joe Cubicle that may not think twice about entering credentials to unlock a PDF,”

This is a large spray-and-pray campaign that hopes to get a small foothold into your org via an email account and then compromise, tunnel in or send spear-phishing attacks. Here is how it looks:

Subscribe To Our Blog

Phish Your Users

Get the latest about social engineering

Subscribe to CyberheistNews