Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

Insurance Company On The Hook for 1.7 Million Dollars After Denying BEC Scam Claim

An article in the insurance Journal reports that the 11th Circuit Court in Atlanta agreed with a district court ruling that insurance company "Ironshore" is still on the hook for paying a ...
Continue Reading

What's in it for the Social Engineers?

A necessary skill for any successful hacker is an understanding of how the human mind works, according to a post in IT Pro. Knowing how to manipulate technology is a major part of the ...
Continue Reading

Last Chance to Try the Free Domain Spoof Test to Win $500 Amazon Gift Card!

Are you aware that one of the first things hackers try is to see if they can spoof the email address of someone in your own domain?
Continue Reading

67% of UK Employees Flout Internal IT Security Rules

Businesses are leaving themselves unnecessarily exposed to significant security risks, it’s claimed by a cloud and IT business continuity services company, According to Databarracks’ data ...
Continue Reading

MimeCast Warns of New Phishing Attacks in South Africa

With two new alerts regarding elevated risks of phishing attacks against consumers – one from DStv, and another from the New Development Bank – South Africans are warned to take care when ...
Continue Reading

New Ransomware Attack Reboots Systems into Safe Mode to Bypass Antivirus!

The latest strain of Snatch ransomware performs a devious task to ensure tools designed to protect against ransomware are nowhere to be found during encryption.
Continue Reading

Social Engineering via Elder Scrolls

Scammers are going after Elder Scrolls Online accounts by posing as the game’s developers and informing players that their accounts will be banned unless they hand over their credentials, ...
Continue Reading

Have Your Users Been Exposed in the 8.5 Billion Breached Records This Year?

Data breaches are getting bigger, the bad guys are getting more cunning, and the amount of compromised data is unfortunately continuing to rise. According to RiskBased Security, breach ...
Continue Reading

Ransomware at Colorado IT Provider Affects 100+ Dental Offices

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices, ...
Continue Reading

Big Bad BEC

A Chinese venture capital firm was scammed out of $1 million in a noteworthy BEC (Business Email Compromise, or CEO fraud) scam, CyberScoop reports. The million dollars was supposed to be ...
Continue Reading

Police warn of new 'line-trapping technology' being used to scam people over the phone

TORONTO -- A new piece of sophisticated technology is being used by fraudsters to scam unsuspecting people over the phone. Police said a woman in York Region received a call earlier this ...
Continue Reading

KnowBe4 Content Updates and New Resources - November 2019

We've got a few important updates to share with you for the month of November!
Continue Reading

63% of Workers Reuse Passwords For Multiple Work Devices and Applications

According to Enterprise Strategy Group, 63% of workers have reported using the same password for multiple work devices and/or applications. This just one statistic from ESG's upcoming ...
Continue Reading

Feds Charge Russians In Massive $100 Million Bank Phishing Scheme

The U.S. Justice and Treasury departments took action Thursday against a Russian hacking group known as “Evil Corp.,” which stole “at least” $100 million from banks using phishing attacks ...
Continue Reading

[Heads Up] Iran Has Launched Evil New Malware That Wipes Your Windows Workstations

Zak Doffman posted: "Iran’s state-sponsored hackers have deployed a new strain of malicious malware, warns IBM, which has been aimed at the “industrial and energy sectors” in the Middle ...
Continue Reading

You Have Not Suffered A Data Breach But How Do You Prevent Credential-Stuffing Attacks?

Frequent data breaches and the widespread availability of automated tools to take advantage of the compromised information have greatly increased the efficiency of credential stuffing ...
Continue Reading

Spotting the Gaps: Is Your Traditional Security Stack Giving You a False Sense of Security?

Endpoint security, firewalls, VPNs, authentication systems… we’ve all got them. But do they really provide the comprehensive level of security your organization needs to keep the bad guys ...
Continue Reading

Europol Finds Majority of Attack Groups Rely on Spear Phishing as Primary Infection Vector

A new report from Europol’s European Cybercrime Center (EC3) breaks down how targeted phishing attacks are being done, and how to avoid becoming a victim.
Continue Reading

Gift Card Scams are Decreasing in Light of Other Business Email Compromise Scams

New data from email security vendor Agari shows Business Email Compromise (BEC) attacks shifting tactics last quarter, in favor of scams resulting in larger payouts.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews