Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

U.S. May Face Cyberwar with Russia After Purported U.S. Attacks on Russian Power Grid

The hacking of Russia’s power grid by the U.S. has led to a formal warning from the Kremlin that could escalate into an all-out cyberwar with attacks on U.S. businesses, agencies, and ...
Continue Reading

“File Deletion” Alert Becomes the Latest Scam to Compromise Office 365 Credentials

Attackers use simple cause for concern as the basis of a scam intent on tricking victims into offering up their Office 365 credentials.
Continue Reading

Two-Thirds of Organizations See an Increase in Impersonation Attacks

Nothing fools a user like an email seemingly from someone they know. And, according to the latest data from Mimecast, the bad guys are stepping up their impersonation game.
Continue Reading

Business Email Compromise Continues to Rise with Malicious URLs as the Favorite Among Attackers

According to the latest research by Proofpoint, attackers are fine-tuning their efforts to increase the success of BEC campaigns.
Continue Reading

Ransomware Halts Production For Days At Major Airplane Parts Manufacturer

As a result of having IT systems crippled by the ransomware infection, the company has sent home approximately 1,000 of its 1,400 workers on paid leave.
Continue Reading

Voicemail Phishing Scam Steals Credentials

A new phishing campaign is asking victims to click on a link in an email to download a voicemail, My Online Security reports. When recipients click on the link, they’ll be redirected to a ...
Continue Reading

FBI’s Advice on Spotting Phishing

The FBI’s Internet Crime Complaint Center (IC3) released a PSA warning that attackers are exploiting people’s trust in sites that use HTTPS. Cybersecurity training has in the past rightly ...
Continue Reading

No, Government Contractors Can't Falsify Claims of Compliance with Cybersecurity Standards

Seems obvious, but a recent lawsuit highlights the need for government contractors to comply with government-mandated cybersecurity controls.
Continue Reading

Social Engineering is at the Root of Nearly all Fraud Attacks

According to the latest fraud report from RSA, all four of the documented fraud attack methods use some form of social engineering to trick victims into giving up their money.
Continue Reading

Case Law Continues to Define the Extent to Which Cyber Insurance Must Cover Losses

Several new cases show the evolution of case law that demonstrates what both cyber insurers and policyholders alike can expect from the courts.
Continue Reading

Europol Reminder on Ticket Fraud

Offers that sound too good to be true probably are. It’s an old saw, but one that’s worth revisiting. The too-good-to-be-true offers are most likely fraudulent, according to an alert ...
Continue Reading

Tax Phishing in the UK

Her Majesty's Revenue and Customs (HMRC) has processed 2.6 million reports of attempted phishing attacks since 2016, Infosecurity Magazine reports. More than 1.9 million of these phishing ...
Continue Reading

Meet The New InfoSec Unicorn: KnowBe4. Thank You For Your Trust!

We're super happy to announce this new milestone. KnowBe4 has reached unicorn status valuing the company at $1 billion with the new KKR $300 million investment. You can read the press ...
Continue Reading

Extortion Threatens Reputational Damage

Scammers are sending emails threatening to damage the reputation of websites unless the sites’ owners hand over 0.3 bitcoin, or around $2,400, according to BleepingComputer.
Continue Reading

The CIA will not Fix Your Online Rap Sheet

Scammers are still posing as CIA employees and telling victims that they’re about to be arrested for their involvement in an international pedophile ring, according to the Register. The ...
Continue Reading

Corporate Email Creates Unavoidable Risk

It’s impossible to avoid the risk of phishing attacks entirely, since employees still need to do their jobs, as Kelly Sheridan at Dark Reading puts it. Sheridan points to a recent report ...
Continue Reading

[Heads-Up] How Hackers Use Ransomware To Hide Data Breaches And Other Devastating Attacks

Different sources claim that ransomware attacks are either going up or going down. The very real threat remains though and it is clear that the bad guys are moving from consumers as their ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews