Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Collaring the (Alleged) Leader of a BEC Gang

May 26, 2022 8:44:12 AM By Stu Sjouwerman
A joint operation by INTERPOL and the cybercrime unit of the Nigeria Police Force have concluded a yearlong investigation into the SilverTerrier business email compromise gang by ...
Continue Reading

Verizon: Ransomware Involved in 25% of Data Breaches as Credentials and Phishing are Seen as “Key Paths” for Attack Success

May 25, 2022 12:30:10 PM By Stu Sjouwerman
With the much-anticipated annual Verizon Data Breach Investigations Report finally released, we get a view of ransomware from the data breach perspective that points to a common weakness ...
Continue Reading

That’s Not Actually Elon Musk

May 25, 2022 8:55:58 AM By Stu Sjouwerman
Scammers are using deepfake videos of Elon Musk in an attempt to trick people into handing over cryptocurrency, BleepingComputer reports. The scammers set up a phony cryptocurrency ...
Continue Reading

New Scam Uses Fraud Support Social Engineering to Take Victims for Thousands of Dollars

May 24, 2022 9:54:37 AM By Stu Sjouwerman
A new scam borrows a page from the tech support scams that target older victims telling them potential fraud has been found, offering to “help” solve the issue and ultimately asking for ...
Continue Reading

Phishing Scammers Benefit from Shady SEO Practices to Rank Better Than Legitimate Domains

May 24, 2022 9:54:10 AM By Stu Sjouwerman
So-called “Black Hat SEO” services have popped up on Dark Web forums bringing advantageous search results to anyone willing to pay a small monthly fee.
Continue Reading

New IRS Phishing Scam Uses Fake Notices to Steal Microsoft 365 Credentials

May 24, 2022 9:53:40 AM By Stu Sjouwerman
Scammers use an “overdue tax bill” along with a sophisticated and obfuscated javascript-based “invoice” attachment to identify targeted victims, validate credentials, and transmit them ...
Continue Reading

FBI Director Warns of “Unprecedented” Cyberespionage Attacks Originating in China

May 24, 2022 9:53:06 AM By Stu Sjouwerman
FBI Director Christopher Wray highlighted China’s role in cyberespionage in a recent 60-Minutes news segment, saying the level of attacks the U.S. is seeing is “unprecedented in history.”
Continue Reading

New Phishing Attack Uses Malicious Chatbot For Real Time Social Engineering

May 24, 2022 9:52:21 AM By Stu Sjouwerman
Researchers at Trustwave have observed a phishing campaign that uses a chatbot to add legitimacy to the scam. The chatbot is on a harmless website, and is designed to convince the user to ...
Continue Reading

CyberheistNews Vol 12 #21 [EYE OPENER] Your Cyber Insurance Went up a Whopping 92% Last Year

May 24, 2022 9:31:08 AM By Stu Sjouwerman
Continue Reading

Don't Just Have a Compliance Season, Have a Culture of Compliance

May 23, 2022 8:00:00 AM By John Just
“We want compliance training to be impactful like your security awareness training.”
Continue Reading

Phishing Attacks Increase by 54% as Initial Attack Vector for Access and Extortion Attacks

May 20, 2022 8:33:23 AM By Stu Sjouwerman
New analysis of threat activity for the first quarter of this year shows anyone with access to corporate email is a now on the front lines of modern cyberattacks of all kinds.
Continue Reading

It's More Than Phishing; How to Supercharge Your Security Awareness Training

May 19, 2022 4:12:55 PM By Stu Sjouwerman
Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple in Europe.
Continue Reading

Phishing Campaign Impersonates Shipping Giant Maersk

May 19, 2022 8:56:27 AM By Stu Sjouwerman
Researchers at Vade Secure warn of a large phishing campaign that's impersonating shipping giant Maersk to target thousands of users in New Zealand.
Continue Reading

WSJ: "Cyber Insurance Went Up A Whopping 92% In 2021"

May 18, 2022 8:45:08 AM By Stu Sjouwerman
Whoa Nellie, that's getting to be real money here. This is the kind of thing that starts cutting into your whole IT budget.
Continue Reading

Spear Phishing a Diplomat

May 17, 2022 9:30:09 AM By Stu Sjouwerman
Researchers at Fortinet observed a spear phishing attack that targeted a Jordanian diplomat late last month. The researchers attribute this attack to the Iranian state-sponsored threat ...
Continue Reading

CyberheistNews Vol 12 #20 [Heads Up] Now You Need to Watch Out for Spoofed Vanity URLs...

May 17, 2022 9:22:53 AM By Stu Sjouwerman
Continue Reading

Why People Fall for Scams

May 16, 2022 1:51:27 PM By Stu Sjouwerman
Scammers use a variety of tried-and-true tactics to trick people, according to André Lameiras at ESET. For example, they can easily find open-source information about people on the ...
Continue Reading

Think BEC Won’t Cost You Much? How Does $130 Million Sound?

May 13, 2022 8:05:12 AM By Stu Sjouwerman
A new lawsuit brings to light the all-too common occurrence of an attack, with this occurring during a business acquisition and costing the buyer more than they bargained for.
Continue Reading

Homeland Security: U.S. Ransomware Attacks Have Doubled in the Last Year

May 13, 2022 8:04:41 AM By Stu Sjouwerman
A March 2022 report from the Senate Committee on Homeland Security and Governmental Affairs zeros in on the growing problem of ransomware and lessons learned so far.
Continue Reading

Trezor Crypto Wallet Attacks Results in Class Action Lawsuit Against MailChimp Owner Intuit

May 12, 2022 12:23:17 PM By Stu Sjouwerman
Months after the MailChimp data breach targeting 102 companies in the crypto sector, a new lawsuit has been filed seeking millions of dollars in damages.
Continue Reading
Subscribe

Search Our Blog


Anti-Phishing Guide ebook

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews