Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

Number of Phishing Websites Double and Unique Phishing Campaigns Triple in Q3

New data shows the bad guys have been working diligently to step up their game on both the front and back end of phishing attacks, despite still being mid-pandemic.
Continue Reading

Maze Ransomware Group Retires (Retires!), Leaving a Gap in the Ransomware Marketplace

The news last month of the “retirement” of Maze should be a warning to organizations wondering what ransomware will come next and how much worse will it be.
Continue Reading

[On-Demand Webinar] When the Bad Guys Hide in Plain Sight: Hacking Platforms You Know and Trust

Today’s hackers are concealing their attacks in places you wouldn’t expect… utilizing tools your users know and trust to deliver their malicious payloads. Secure email services with ...
Continue Reading

KnowBe4 Fresh Content Updates from November: Including A New Holiday Training Resource Kit

Here are important fresh content updates and new features to share with you for the month of November.
Continue Reading

Average Ransomware Payment Significantly Increases Risk

The average ransomware payout has increased by 178% over the past year, according to researchers at Atlas VPN. In Q4 2019, the payments averaged $84,000. By Q3 2020, the average payment ...
Continue Reading

[HEADS UP] FBI Warns US Companies of BEC Scammers

The Federal Bureau Investigation is issuing warnings to US companies that are taking advantage of email auto-forwarding. If successful, this would fall right into the trap of a business ...
Continue Reading

South African Post Office Issues Warning on Postal Phishing Attack

The South African Post Office recently issued a warning about a phishing attack. The post office advised everyone to delete the email immediately.
Continue Reading

Zoom Impersonation a New Variant of Familiar Phishbait

Zoom-themed phishing attacks have spiked since the start of the pandemic, the Better Business Bureau (BBB) warns. Attackers adapted quickly earlier this year when a large portion of ...
Continue Reading

Giving Tuesday Means an Influx of Charity Scams

Giving Tuesday is a great idea for organizations and people to give back to people in need, especially during the COVID-19 pandemic. However, this causes concern for an increase in ...
Continue Reading

Fake Zoom Invite Leads to one Australian Company's Downfall

We've previously written blog posts to be cautious of suspicious Zoom meeting links, and we even reported a huge increase in phishing attacks using Zoom of August this year. The heads-up ...
Continue Reading

Is the Secret to Stopping Cyberattacks Making Users "Phishing Aware"?

The sheer volume of successful phishing attacks indicates that security solutions – at very least – aren’t stopping all attacks. So how does security awareness training help top attacks ...
Continue Reading

Phishing Attacks in the U.K. Rise by 73% During Pandemic Months as Vishing and Smishing Attacks Also Increase

Cybercriminals have taken full advantage of COVID-19 by launching themed phishing attacks in previously unseen numbers targeting both individuals and businesses.
Continue Reading

Egregor Ransomware Finds a New Way to Inform You That You’re a Victim of Cyberattack: Printers

Unlike the traditional methods of notifying victim organizations by simply taking over a computer or providing a “readme” text file, this new method has some devilish benefits.
Continue Reading

Journalists Need Phishing Awareness, Too

All types of journalists need to be wary of phishing and other social engineering attacks, according to Jacob Granger, writing at Granger quotes digital security expert ...
Continue Reading

[Heads-Up] A Hacker Is Selling Access To The Email Accounts Of Hundreds Of C-Level Executives

ZDNet's Zero Day column just reported one of the best reasons why you should step your users through new-school security awareness training yet:
Continue Reading

The Risk of the “To” Line

Micropayments company Coil accidentally exposed at least a thousand of its customers’ email addresses by including their addresses in the “To” field of an email, BleepingComputer reports. ...
Continue Reading

Credential-Stealing VPN Exploits

A hacker has published an exploit for a critical vulnerability in Fortinet VPN devices, along with a list of 49,577 vulnerable devices, BleepingComputer reports. Fortinet released a patch ...
Continue Reading

How Many Phishing Sites? Over 2 Million in 2020 (so far)

Google has flagged 2.02 million phishing sites since the beginning of the year, averaging forty-six thousand sites per week, according to researchers at Atlas VPN. The researchers note ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews