Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Phishing Attacks Against State and Local Governments Are Surging

Researchers at Abnormal Security have observed a 360% increase in phishing attacks against state and local government entities over the past year.
Continue Reading

Ransomware Attacks on Healthcare Is Costing Lives

Ransomware is more prolific and expensive than ever. Depending on the source you read, the average or median ransomware payment was at least several hundred thousand dollars to well over ...
Continue Reading

Russian Spear Phishing Campaigns Target NATO Entities

Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has ...
Continue Reading

From Policy to Practice in Security Culture: What Security Frameworks Recommend

Recently I had to prepare for a governance, risk and compliance conference. I promptly realized that although I used to be quite immersed in this field as an ISO 27k implementation ...
Continue Reading

New Phishing Platform Targets Microsoft 365 Accounts at Financial Firms

Analysis of the latest phishing-as-a-service (PhaaS) platform ONNX Store highlights just how successful these platforms can be.
Continue Reading

Amazon-Related Scams Spike Ahead of Prime Day

Researchers at Check Point observed more than a thousand newly registered malicious or suspicious web domains related to Amazon last month. The criminals are likely gearing up to target ...
Continue Reading

Phishing Attacks Target High Profile YouTube Accounts

Researchers at ESET warn of phishing attacks that are attempting to hack high-profile YouTube channels in order to spread scams or malware.
Continue Reading

The Importance of Security Culture: When Telecom Giants Resort to Malware

I recently read a story about a South Korean telecom company that pushed out malware to over 600,000 of its customers who were using torrents to share files, in a bid to limit their ...
Continue Reading

Travelers Beware: Booking.com Warns of Increases in AI-Enabled Travel Scams

In an interview at the Collision technology conference in Toronto, Booking.com’s CISO sounds the alarm on what she calls “supercharged artificial intelligence (AI) scams.”
Continue Reading

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

State-Sponsored Phishing Campaigns Target 40,000 VIP Individuals

Researchers at Menlo Security discovered three state-sponsored phishing campaigns that have targeted 40,000 important individuals over the past three months. “In a recent 90-day period, ...
Continue Reading

Don't Fall for It: How to Spot Social Media Job Scams a Mile Away

As social media becomes more intertwined with our daily routines, cybercriminals are using it to trick people with fake job offers. What are these social-media recruitment scams, and how ...
Continue Reading

Phishing Attacks Themed Around Popular Weight Loss Drugs Increase 183%

As popularity grows for these proven methods of weight loss, scammers have taken note and have placed a significant focus on separating victims from their money.
Continue Reading

New “Paste and Run” Phishing Technique Makes CTRL-V A Cyber Attack Accomplice

A new phishing campaign tries to trick email recipients into pasting and executing malicious commands on their system that installs DarkGate malware.
Continue Reading

[Urgent Alert] 5 Critical Steps to Shield Your Teens from Rising Sextortion

A few weeks ago, I was privileged to visit the 8th grade of a high-school here in Cape Town and talk to the students about cybersecurity, social media, and emerging technology. It was a ...
Continue Reading

Ransomware Attack on U.K. Health Service Laboratory Disrupts Major London Hospital Services

What likely started as a quick ransomware “smash and grab” has turned into a headline case resulting in responses from both U.K. and U.S. law enforcement.
Continue Reading

Hacked Customer Support Portal Being Used to Send Phishing Emails

A hacked customer support portal belonging to router manufacturer Mercku is being used to respond to customer queries with phishing emails, BleepingComputer reports.
Continue Reading

The Curious Case of the Payroll Pilfering

In a world where cyber espionage has become as common as a rainy day in London, the recent events surrounding the UK armed forces' payroll database have had us all raising our eyebrows ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews