Stu Sjouwerman

90% of All Cyber Attacks on Organizations Involve Social Engineering

Oct 1, 2021 1:08:42 PM By Stu Sjouwerman

It’s official: threat actors and cybercriminal gangs alike are enlightened and have locked in on the use of social engineering as the primary means to trick recipients into becoming ...

Phishing Campaign Impersonates Zix Messages

Oct 1, 2021 1:06:13 PM By Stu Sjouwerman

Researchers at Armorblox have spotted a credential phishing campaign that’s impersonating encrypted communications from Zix. The emails contain a link to download an HTML attachment.

Europol: Italian Mafia Tied to Cybercriminals Responsible for €10 Million in Cyberattacks

Sep 30, 2021 8:19:31 AM By Stu Sjouwerman

The recent dismantling of a cybercriminal gang has uncovered ties to the Italian Mafia, demonstrating that even traditional organized crime is moving to cyber.

5th Circuit Court Finds Cyber Insurer Must Pay for $1 Million Social Engineering Attack

Sep 30, 2021 8:19:24 AM By Stu Sjouwerman

A simple social engineered Business Email Compromise attack resulted in fraud that the cyber insurer contended was not covered under the policy.

Phishing Kits and Phishing-as-a-Service Responsible for Over 300,000 URLs Used in Phishing Attacks

Sep 30, 2021 8:19:15 AM By Stu Sjouwerman

Lowering the barrier to market even more, this new Phishing as a Service (PhaaS) spotted by Microsoft puts quality phishing templates and sites into the hands of any would-be cyber ...

Someone's Impersonating the California DMV in Texts

Sep 29, 2021 9:00:09 AM By Stu Sjouwerman

The California DMV has warned of an ongoing smishing campaign seeking customers’ personal and financial information, Pasadena Now reports.

CyberheistNews Vol 11 #38 [EYE OPENER] Over 100 Million Lost to Romance/Crypto Scams in First Seven Months

Sep 28, 2021 9:29:24 AM By Stu Sjouwerman

Google Ads Abused to Deliver Malware

Sep 28, 2021 8:40:32 AM By Stu Sjouwerman

Cybercriminals are using malicious Google Ads to deliver the ZLoader banking Trojan, ZDNet reports. Researchers at Microsoft stated on Twitter that attackers are purchasing Google Ads ...

New Tactic: Shortened LinkedIn URLs Are Now Used As Phish Hooks

Sep 27, 2021 8:32:30 AM By Stu Sjouwerman

Scammers are using shortened LinkedIn URLs to disguise phishing links, according to Jeremy Fuchs at Avanan. LinkedIn automatically shortens links that are longer than 26 characters. The ...

WHAT IS XDR (EXTENDED DETECTION AND RESPONSE)?

Sep 24, 2021 2:45:23 PM By Stu Sjouwerman

ReliaQuest published a good article a little while back that quickly defines XDR and what it can do for you. This may save you some time and gets you up to speed on the latest security ...

Newest iPhone Launch is Now a Scammer's Advantage

Sep 23, 2021 8:50:49 AM By Stu Sjouwerman

Scammers are taking advantage of the launch of iPhone 13, according to researchers at Zscaler. The launch event was streamed live last week on Apple’s official YouTube channel, and ...

KnowBe4 Named a Leader in the Fall 2021 G2 Grid Report for Security Awareness Training

Sep 23, 2021 8:34:53 AM By Stu Sjouwerman

The latest G2 Grid Report compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence.

[HEADS UP] Millions of malicious emails will slip past security filters in Q4

Sep 22, 2021 5:00:00 PM By Stu Sjouwerman

Researchers at Tessian have published a report looking at recent trends in spear phishing attacks. The researchers found that 45% of employees said that they clicked on a phishing email ...

Executives: Ransomware is the Greatest Threat Concern, But Few are Actually Prepared

Sep 22, 2021 4:04:30 PM By Stu Sjouwerman

A new poll from Deloitte shows organizations are all too aware of the problem of ransomware, but aren’t ready to respond to the specific ransomware scenario given that the attackers have ...

Travel-Related Phishing Scams and Websites Surge More Than 400%

Sep 22, 2021 4:04:22 PM By Stu Sjouwerman

Pent-up demand for traveling – both domestically and internationally – has driven an interest by cybercriminals to take advantage of those traveling to become phishing victims.

$1 Trillion Infrastructure Bill is the Catalyst for DOT-Impersonated Phishing Attacks Targeting Contractors

Sep 22, 2021 4:04:15 PM By Stu Sjouwerman

Offering targeted victim organizations an opportunity to bid on infrastructure projects, this scam seeks to harvest credentials using a new mix of tactics to evade detection.

Social Media Quizzes May Be Data Scrapers Building Victim Profiles

Sep 21, 2021 3:58:01 PM By Stu Sjouwerman

The seemingly benign quizzes asking personal details take advantage of individuals’ willingness to share and could be used to establish passwords, password hints, and more.

Kaspersky: Use of New QakBot Banking Trojan that Steals Emails Up 65%

Sep 21, 2021 3:57:53 PM By Stu Sjouwerman

Representing a new evolution of banking trojan, QakBot proves to be a formidable adversary against security defenses with its’ ability to steal emails – your users.

FBI Warns of Continued Ransomware Attacks Targeting the Food and Agriculture Sectors

Sep 21, 2021 3:57:43 PM By Stu Sjouwerman

Working to disrupt organizations involved with the United State’s food supply chain, ransomware gangs and their affiliates are the focus of the FBI’s latest warning to be vigilant.

CyberheistNews Vol 11 #37 [Heads Up] A New Phishing Attack on Microsoft 365 Users Leverages Open Redirects To Avoid Detection

Sep 21, 2021 9:41:41 AM By Stu Sjouwerman

Security Awareness Training Blog

View Topics

Stu Sjouwerman

Recent Posts

90% of All Cyber Attacks on Organizations Involve Social Engineering

Phishing Campaign Impersonates Zix Messages

Europol: Italian Mafia Tied to Cybercriminals Responsible for €10 Million in Cyberattacks

5th Circuit Court Finds Cyber Insurer Must Pay for $1 Million Social Engineering Attack

Phishing Kits and Phishing-as-a-Service Responsible for Over 300,000 URLs Used in Phishing Attacks

Someone's Impersonating the California DMV in Texts

CyberheistNews Vol 11 #38 [EYE OPENER] Over 100 Million Lost to Romance/Crypto Scams in First Seven Months

Google Ads Abused to Deliver Malware

New Tactic: Shortened LinkedIn URLs Are Now Used As Phish Hooks

WHAT IS XDR (EXTENDED DETECTION AND RESPONSE)?

Newest iPhone Launch is Now a Scammer's Advantage

KnowBe4 Named a Leader in the Fall 2021 G2 Grid Report for Security Awareness Training

[HEADS UP] Millions of malicious emails will slip past security filters in Q4

Executives: Ransomware is the Greatest Threat Concern, But Few are Actually Prepared

Travel-Related Phishing Scams and Websites Surge More Than 400%

$1 Trillion Infrastructure Bill is the Catalyst for DOT-Impersonated Phishing Attacks Targeting Contractors

Social Media Quizzes May Be Data Scrapers Building Victim Profiles

Kaspersky: Use of New QakBot Banking Trojan that Steals Emails Up 65%

FBI Warns of Continued Ransomware Attacks Targeting the Food and Agriculture Sectors

CyberheistNews Vol 11 #37 [Heads Up] A New Phishing Attack on Microsoft 365 Users Leverages Open Redirects To Avoid Detection

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search