Stu Sjouwerman

85% Of Employees are More Likely to Leak Files Now Than Pre-Coronavirus

Dec 14, 2020 12:33:11 PM By Stu Sjouwerman

According to research released Thursday by Code42, 85% of employees are more likely to leak files today than before the COVID-19 pandemic.

Zoom Phishing is Still Rampant

Dec 14, 2020 10:04:05 AM By Stu Sjouwerman

Cybercriminals are still using Zoom and other conferencing platforms as phishbait, according to Zlati Meyer at Fast Company. This phishing theme isn’t likely to let up any time soon, so ...

Data Breaches Are Expected to Decline While Ransomware and BEC Gain Steam

Dec 14, 2020 8:27:05 AM By Stu Sjouwerman

A new report from the Identity Theft Research Center discusses which cybersecurity attacks will be most impactful next year as part of the ITRC’s 2021 predictions.

All 200 Million Office 365 Users at Risk by a New Global Spear Phishing Attack Spoofing Microsoft.com

Dec 14, 2020 8:20:30 AM By Stu Sjouwerman

A new spear phishing campaign appearing to come from a microsoft.com email address is targeting organizations in critical industries that use Office 365 for email to steal credentials.

CISA Emergency Directive: Pull Plug On SOLARWINDS ORION NOW.

Dec 14, 2020 7:05:29 AM By Stu Sjouwerman

It's all over the press. A wide swath of U.S. Government orgs were hacked by the Russians. They accessed those networks by slipping malware into a SolarWinds software update, according to ...

Just How Far Can Three Cybercriminals Reach? How about 150 Countries!

Dec 11, 2020 8:27:11 AM By Stu Sjouwerman

As three members of the cybercriminal group TMT were recently arrested, details emerge around the breadth and depth of their attacks from a year-long Interpol investigation.

Check Point Says to Expect More Shipping and Delivery Phishing Emails This Season

Dec 11, 2020 8:24:41 AM By Stu Sjouwerman

With in-person shopping still considered “high risk”, online shopping with home delivery and the need to meet delivery deadlines creates the perfect scenario for scammers.

Who’s on the Phone? It’s the Ransomware Guys “Encouraging” You to Pay the Ransom!

Dec 11, 2020 8:15:55 AM By Stu Sjouwerman

Since August of this year, some ransomware attacks are being followed up by phone calls to increase pressure, promote the attack internally, and increase the chances of getting paid.

Updates on Vishing

Dec 10, 2020 9:15:17 AM By Stu Sjouwerman

Voicemail scams are on the rise, according to Paul Ducklin at Naked Security. These scams are a form of voice phishing (“vishing”) in which scammers churn out automated phone calls and ...

GDPR Compliance Scams Rising

Dec 9, 2020 9:41:45 AM By Stu Sjouwerman

Organizations need to be on the lookout for GDPR-themed phishing lures, according to Mike Puglia, Chief Product Officer at Kaseya. In an article for ITProPortal, Puglia explains that GDPR ...

You know it's going to be a long day when...

Dec 8, 2020 1:22:27 PM By Stu Sjouwerman

…you’re sending out emails like the below to all staff at 8 in the morning.

CyberheistNews Vol 10 #50 [Scam of the Week] Warn Your Employees About New Zoom Phishing Attacks

Dec 8, 2020 9:38:50 AM By Stu Sjouwerman

Election-themed Phishing is Likely to Persist

Dec 8, 2020 8:47:24 AM By Stu Sjouwerman

The US elections have come and gone, but people should still be on the lookout for election-themed phishbait, according to Roger Kay at Inky. Emotions are still running high in the US, ...

Phishing Campaign Targets COVID Vaccine Cold Supply Chain

Dec 5, 2020 10:50:50 AM By Stu Sjouwerman

Researchers at IBM’s X-Force have identified a phishing campaign targeting the COVID-19 vaccine “cold chain” (the part of the supply chain focused on “the safe preservation of vaccines in ...

Ransomware Gangs Are Now Cold-Calling Victims If They Restore From Backups Without Paying

Dec 5, 2020 10:16:20 AM By Stu Sjouwerman

Catalin Cimpanu at ZDNet reported on another evil escalation in ransomware extortion tactics. In attempts to put pressure on victims, some ransomware gangs are now cold-calling victims ...

Exploits Leveraging Excel 4.0 Macros Increase as Organizations Continue to Rely on this Legacy Technology

Dec 4, 2020 11:12:56 AM By Stu Sjouwerman

Despite being nearly 30 years old, Excel’s very functional macro technology appears to be a little too functional, as attackers have stepped up its use to advance cyberattacks.

BEC Scam Litigation Demonstrates How Your Company Can Be Out $500,000

Dec 4, 2020 11:12:30 AM By Stu Sjouwerman

The case of Arrow Truck Sales Inc. v. Top Quality Truck & Equipment tells a familiar tale, but provides insight into how the law interprets cases and who’s at fault.

New “Back to Work” HR-Themed Phishing Scam Works to Steal Internal User Credentials

Dec 4, 2020 11:11:11 AM By Stu Sjouwerman

Using a fake internal memo from HR, per-user custom-named email attachments, SharePoint Online, and a realistic-looking HR form, this phishing attack has all the ingredients to trick your ...

Think Tanks Targeted by APT Actors

Dec 3, 2020 8:28:48 AM By Stu Sjouwerman

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory warning that nation-state advanced persistent threat (APT) actors are targeting US ...

How Are Credential-Theft Phishing Websites Avoiding Detection? They Just Invert the Website Background

Dec 3, 2020 8:21:40 AM By Stu Sjouwerman

Sometimes the easiest solution is the best solution. And in the case of phishing attacks intent of stealing credentials using a fake logon page, it appears that background inversion does ...

Security Awareness Training Blog

View Topics

Stu Sjouwerman

Recent Posts

85% Of Employees are More Likely to Leak Files Now Than Pre-Coronavirus

Zoom Phishing is Still Rampant

Data Breaches Are Expected to Decline While Ransomware and BEC Gain Steam

All 200 Million Office 365 Users at Risk by a New Global Spear Phishing Attack Spoofing Microsoft.com

CISA Emergency Directive: Pull Plug On SOLARWINDS ORION NOW.

Just How Far Can Three Cybercriminals Reach? How about 150 Countries!

Check Point Says to Expect More Shipping and Delivery Phishing Emails This Season

Who’s on the Phone? It’s the Ransomware Guys “Encouraging” You to Pay the Ransom!

Updates on Vishing

GDPR Compliance Scams Rising

You know it's going to be a long day when...

CyberheistNews Vol 10 #50 [Scam of the Week] Warn Your Employees About New Zoom Phishing Attacks

Election-themed Phishing is Likely to Persist

Phishing Campaign Targets COVID Vaccine Cold Supply Chain

Ransomware Gangs Are Now Cold-Calling Victims If They Restore From Backups Without Paying

Exploits Leveraging Excel 4.0 Macros Increase as Organizations Continue to Rely on this Legacy Technology

BEC Scam Litigation Demonstrates How Your Company Can Be Out $500,000

New “Back to Work” HR-Themed Phishing Scam Works to Steal Internal User Credentials

Think Tanks Targeted by APT Actors

How Are Credential-Theft Phishing Websites Avoiding Detection? They Just Invert the Website Background

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search