Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Stu Sjouwerman

Recent Posts

Think Tanks Targeted by APT Actors

Dec 3, 2020 8:28:48 AM By Stu Sjouwerman
The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory warning that nation-state advanced persistent threat (APT) actors are targeting US ...
Continue Reading

How Are Credential-Theft Phishing Websites Avoiding Detection? They Just Invert the Website Background

Dec 3, 2020 8:21:40 AM By Stu Sjouwerman
Sometimes the easiest solution is the best solution. And in the case of phishing attacks intent of stealing credentials using a fake logon page, it appears that background inversion does ...
Continue Reading

Number of Phishing Websites Double and Unique Phishing Campaigns Triple in Q3

Dec 3, 2020 8:19:09 AM By Stu Sjouwerman
New data shows the bad guys have been working diligently to step up their game on both the front and back end of phishing attacks, despite still being mid-pandemic.
Continue Reading

Maze Ransomware Group Retires (Retires!), Leaving a Gap in the Ransomware Marketplace

Dec 3, 2020 8:16:06 AM By Stu Sjouwerman
The news last month of the “retirement” of Maze should be a warning to organizations wondering what ransomware will come next and how much worse will it be.
Continue Reading

When the Bad Guys Hide in Plain Sight: Hacking Platforms You Know and Trust

Dec 3, 2020 8:15:00 AM By Stu Sjouwerman
Today’s hackers are concealing their attacks in places you wouldn’t expect… utilizing tools your users know and trust to deliver their malicious payloads. Secure email services with ...
Continue Reading

KnowBe4 Fresh Content Updates from November: Including A New Holiday Training Resource Kit

Dec 3, 2020 8:00:00 AM By Stu Sjouwerman
Here are important fresh content updates and new features to share with you for the month of November.
Continue Reading

Average Ransomware Payment Significantly Increases Risk

Dec 2, 2020 11:05:57 AM By Stu Sjouwerman
The average ransomware payout has increased by 178% over the past year, according to researchers at Atlas VPN. In Q4 2019, the payments averaged $84,000. By Q3 2020, the average payment ...
Continue Reading

[HEADS UP] FBI Warns US Companies of BEC Scammers

Dec 1, 2020 1:49:29 PM By Stu Sjouwerman
The Federal Bureau Investigation is issuing warnings to US companies that are taking advantage of email auto-forwarding. If successful, this would fall right into the trap of a business ...
Continue Reading

South African Post Office Issues Warning on Postal Phishing Attack

Dec 1, 2020 11:51:55 AM By Stu Sjouwerman
The South African Post Office recently issued a warning about a phishing attack. The post office advised everyone to delete the email immediately.
Continue Reading

CyberheistNews Vol 10 #49 [Eye Opener] How Many Phishing Sites? A Whopping 2 Million in 2020 So Far

Dec 1, 2020 9:34:39 AM By Stu Sjouwerman
Continue Reading

Zoom Impersonation a New Variant of Familiar Phishbait

Dec 1, 2020 8:23:31 AM By Stu Sjouwerman
Zoom-themed phishing attacks have spiked since the start of the pandemic, the Better Business Bureau (BBB) warns. Attackers adapted quickly earlier this year when a large portion of ...
Continue Reading

Giving Tuesday Means an Influx of Charity Scams

Dec 1, 2020 8:00:00 AM By Stu Sjouwerman
Giving Tuesday is a great idea for organizations and people to give back to people in need, especially during the COVID-19 pandemic. However, this causes concern for an increase in ...
Continue Reading

Fake Zoom Invite Leads to one Australian Company's Downfall

Nov 30, 2020 1:19:51 PM By Stu Sjouwerman
We've previously written blog posts to be cautious of suspicious Zoom meeting links, and we even reported a huge increase in phishing attacks using Zoom of August this year. The heads-up ...
Continue Reading

Is the Secret to Stopping Cyberattacks Making Users "Phishing Aware"?

Nov 30, 2020 10:02:08 AM By Stu Sjouwerman
The sheer volume of successful phishing attacks indicates that security solutions – at very least – aren’t stopping all attacks. So how does security awareness training help top attacks ...
Continue Reading

Phishing Attacks in the U.K. Rise by 73% During Pandemic Months as Vishing and Smishing Attacks Also Increase

Nov 30, 2020 9:58:43 AM By Stu Sjouwerman
Cybercriminals have taken full advantage of COVID-19 by launching themed phishing attacks in previously unseen numbers targeting both individuals and businesses.
Continue Reading

Egregor Ransomware Finds a New Way to Inform You That You’re a Victim of Cyberattack: Printers

Nov 30, 2020 9:54:14 AM By Stu Sjouwerman
Unlike the traditional methods of notifying victim organizations by simply taking over a computer or providing a “readme” text file, this new method has some devilish benefits.
Continue Reading

See Ridiculously Easy Security Awareness Training and Phishing

Nov 30, 2020 9:15:00 AM By Stu Sjouwerman
Join us for a live demo on Security Awareness Training and phishing in action!
Continue Reading

Journalists Need Phishing Awareness, Too

Nov 30, 2020 8:25:33 AM By Stu Sjouwerman
All types of journalists need to be wary of phishing and other social engineering attacks, according to Jacob Granger, writing at Journalism.co.uk. Granger quotes digital security expert ...
Continue Reading

[Heads-Up] A Hacker Is Selling Access To The Email Accounts Of Hundreds Of C-Level Executives

Nov 27, 2020 11:52:05 AM By Stu Sjouwerman
ZDNet's Zero Day column just reported one of the best reasons why you should step your users through new-school security awareness training yet:
Continue Reading

The Risk of the “To” Line

Nov 25, 2020 2:26:34 PM By Stu Sjouwerman
Micropayments company Coil accidentally exposed at least a thousand of its customers’ email addresses by including their addresses in the “To” field of an email, BleepingComputer reports. ...
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews