Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

New Vendor Email Compromise Attack Seeks $36 Million

Mar 24, 2023 11:03:14 AM By Stu Sjouwerman
The details in this thwarted VEC attack demonstrate how the use of just a few key details can both establish credibility and indicate the entire thing is a scam.
Continue Reading

Ransomware Data Theft Extortion Goes up 40% to 70% From ‘21 to ’22

Mar 24, 2023 8:15:00 AM By Stu Sjouwerman
A report from Palo Alto Networks’ Unit 42 found that data theft extortion occurred in 70% of ransomware attacks in 2022, compared to 40% in 2021. The researchers examined the four most ...
Continue Reading

The Dangers of Vishing Campaigns and How To Protect Yourself

Mar 24, 2023 8:00:00 AM By Javvad Malik
In recent years, cybercrime has evolved to become more sophisticated than ever before. One of the up and coming methods used by criminals is vishing (voice phishing). This is where an ...
Continue Reading

[Live Demo] Customizing Your Compliance Training to Increase Effectiveness

Mar 23, 2023 10:52:07 AM By Stu Sjouwerman
Linking compliance training to specific outcomes is hard. Compliance training has a reputation for being challenging for organizations to offer, difficult to do right and employees are ...
Continue Reading

[Security Masterminds] Unlock Maximum Cybersecurity: 3 Crucial Steps to Enhance Your Capabilities, Coverage, and Culture

Mar 23, 2023 10:44:37 AM By James McQuiggan
Do you ever feel like you are always playing catch up regarding cybersecurity? That it is a never-ending game; no matter what you do, you are always one step behind. You are not alone. ...
Continue Reading

Users Clicking on Multiple Mobile Phishing Links Increases 637% in Just Two Years

Mar 23, 2023 8:13:58 AM By Stu Sjouwerman
New data shows that phishing mobile devices as an attack vector is growing in popularity – mostly because it’s increasingly working... in exponential terms.
Continue Reading

Cyber Insurers Quietly Remove Coverage for Social Engineering and Fraudulent Instruction Claims

Mar 23, 2023 8:13:56 AM By Stu Sjouwerman
As cyber insurers become more experienced in what kinds of claims are being presented, and the threat action details therein, specific types of coverages are no longer being included.
Continue Reading

Half of Organizations Report at Least Monthly Outages from Cyberattacks

Mar 23, 2023 8:13:51 AM By Stu Sjouwerman
New data on the current state of cybersecurity shows that organizations are experiencing challenges, falling behind, and seeing the impact of all this post-attack.
Continue Reading

Facebook and Microsoft Top the List of Most Impersonated Brands in 2022

Mar 23, 2023 8:13:49 AM By Stu Sjouwerman
As scammers continue to see massive returns on their phishing attacks, the use of impersonation with well-known brands continues to circle around the dominant players.
Continue Reading

When a USB Flash Drive is Actually a Bomb

Mar 22, 2023 9:52:30 AM By Stu Sjouwerman
A journalist based in Ecuador recently used a USB flash drive that was actually a legitimate bomb.
Continue Reading

Identifying AI-Enabled Phishing

Mar 22, 2023 9:52:28 AM By Stu Sjouwerman
Users need to adapt to an evolving threat landscape in which attackers can use AI tools like ChatGPT to craft extremely convincing phishing emails, according to Matthew Tyson at CSO.
Continue Reading

The Future of Cyber Attacks? Speed, More Speed

Mar 22, 2023 8:46:51 AM By Roger Grimes
I get asked all the time to “predict” the future of cybercrime. What will be the next big cyber attack? What will be the next paradigm platform shift that attackers will target? And so on.
Continue Reading

An Overview of Silicon Valley Bank Themed Social Engineering

Mar 21, 2023 10:21:00 AM By Stu Sjouwerman
Researchers at ReliaQuest warn that organizations should continue to be on the lookout for social engineering attacks related to Silicon Valley Bank (SVB).
Continue Reading

CyberheistNews Vol 13 #12 [Heads Up] This Week's New SVB Meltdown Social Engineering Attacks

Mar 21, 2023 9:00:00 AM By Stu Sjouwerman
CyberheistNews Vol 13 #12  |   March 21st, 2023 [Heads Up] This Week's New SVB Meltdown Social Engineering Attacks On Saturday March 11, I warned about the coming wave of phishing attacks ...
Continue Reading

Bill 96 in Québec Brings Up Important Point About Training in Native Language Everywhere

Mar 20, 2023 10:58:57 AM By John Just
A new law in Québec, Canada, that goes into effect this June  will require all policies and training materials assigned to employees within the province be provided in French. 
Continue Reading

[Eye Popper] The AI Genie Has Escaped: Stanford copied ChatGPT for a few hundred bucks

Mar 20, 2023 10:52:53 AM By Stu Sjouwerman
Yikes. Loz Blain at NewAtlas just reported that Stanford has copied the ChatGPT AI for less than $600. The article started out with: "Stanford's Alpaca AI performs similarly to the ...
Continue Reading

Report Shows Business Email Compromise (BEC) Attacks Increase and Phishing Used as Initial Attack Vector in the Last Year

Mar 20, 2023 10:08:42 AM By Stu Sjouwerman
Secureworks has published a report looking at cybercrime over the course of 2022, finding that business email compromise (BEC) attacks nearly doubled last year. Additionally, attacks in ...
Continue Reading

Warning Customers About Social Engineering.

Mar 18, 2023 1:58:48 PM By Stu Sjouwerman
It’s a familiar story: scam artists impersonate a trusted brand, a trusted business or a trusted authority in emails and on bogus sites designed to exploit that very trust to commit ...
Continue Reading

[Black Eye] The Lesson We Learned. Don't Let this Happen to You. #DMARC

Mar 18, 2023 1:15:43 PM By Roger Grimes
Mea Culpa. When you make a mistake, admit you made a mistake.
Continue Reading

Phishing Attacks Top List of Initial Access Vectors with Backdoor Deployment as Top Objective

Mar 17, 2023 2:19:15 PM By Stu Sjouwerman
New data looking back at the cyber attacks observed in 2022 shows that phishing continues to dominate as initial access brokers seem to be growing their business using backdoors.
Continue Reading
Subscribe

Search Our Blog


Free Phishing Security Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews