Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

5 Tips to Prevent CEO Fraud

Every day, employees are regularly receiving spoofed emails. Even C-level executives are receiving fraudulent requests to transfer money or provide sensitive information. This form of ...
Continue Reading

Contributing to the Delinquency of a Major

A Swedish man used a multitude of forged credentials and a fake school diploma to join the Swedish military, where he maintained the ruse for eighteen years and eventually attained the ...
Continue Reading

Scam Of The Week: "Kobe Bryant Dead, Dies in Helicopter Crash"

Today, news broke that Kobe Bryant died in a helicopter crash. His daughter Gigi was also on board and died in the crash. This is a celebrity death that the bad  guys are going to be ...
Continue Reading

[Heads-up] Will Proposed New Laws *Ban* Making Ransomware Payments?

The ransomware scourge has become much worse the last 12 months. Highly organized cybercrime gangs have iterated their attacks into a massive extortion racket.
Continue Reading

US Government Agency Spear Phished With New CARROTBALL Malware

According to new research posted by Palo Alto Networks' Unit 42, a US Government agency and two non-US foreign nationals professionally affiliated with North Korea were targeted by spear ...
Continue Reading

Ransomware Costs Double as Attacks Increase in Downtime and Sophistication

With payouts as much as $780,000, new data shows threat actors are going after every sized organization doing more damage and asking for more money.
Continue Reading

New EFS Ransomware Attack Uses Windows Encrypting File System Against Itself

The newly-spotted form of ransomware takes advantage of encryption capabilities built into Windows making it difficult for AV vendors to stop it.
Continue Reading

Domain-Impersonation Increases by 400% as part of Conversational Hijacking Attacks

The latest data from security vendor Barracuda suggests that attackers heavily rely on lookalike domains as part of BEC scams that can result in CEO fraud, malware infection, or ransom.
Continue Reading

FDIC Warns U.S. Financial Institutions of Elevated Risk of Cyberattack

Citing “increased geopolitical tension”, banks are warned to immediately reevaluate to shore up cybersecurity controls and technology safeguards against ransomware and malware attacks.
Continue Reading

New Phishing Attack Emerges Targeting ADP Users Wanting Their W2

For those looking to get their taxes done early, watch out for emails impersonating ADP offering a link to retrieve your W2 early!
Continue Reading

Scam Of The Week: Exit Windows 7, Enter Scams

Microsoft ended support for the Windows 7 operating system on January 14th, and scammers are taking advantage of the long-anticipated news to launch tech support scams, according to the ...
Continue Reading

Conversation-Hijacking Attacks Make It Almost Impossible to Avoid Becoming a Victim

Attackers target organizations to insert themselves into group email conversations as a way of ensuring the likelihood that one or more recipients are happy to unwittingly infect ...
Continue Reading

The Great Crimeware Awakening

The bad guys are taking advantage of their new digital bounty. Ransomware is just the beginning to show us how bad it is soon going to be. We really had no idea how bad it was going to ...
Continue Reading

Confront Apprehensive Compliance Before Disaster Strikes

This blog is co-written by Aimee Laycock and Joanna Huisman When it comes to fostering a more secure environment it’s not a question of wanting to…it’s more like YOU HAVE TO. ...
Continue Reading

Amazon Phishbait Chums British Waters

Action Fraud, the UK's fraud reporting center, has warned of a widespread phone scam targeting Amazon customers. The phone calls are automated and inform recipients that their Amazon ...
Continue Reading

Temporary Social Security Number? No Such Thing

Researchers at Kaspersky have come across an interesting phishing site that’s posing as a data leak protection service set up by the US government. The site purports to be compensating ...
Continue Reading

Emotet Trojan Intelligently Targets Organizations, Impersonates Victims to Improve Attack Success

According to new insights from Cisco Talos, this banking malware is getting nastier as it moves into the island hopping space via email attacks using social engineering.
Continue Reading

Phishing Attacks Are the Number One Data Breach Attack Vector in the U.K.

The latest cyber attack trend data in the U.K. shows the majority of data breaches in 2019 began with a phishing attack. Security consulting firm CybSafe analyzed three years of the ...
Continue Reading

U.K. Report: "We’re Doomed-Passwords Aren’t Strong or Secure"

A recent survey of over 2,000 U.K. broadband users shows that individuals don’t use good password hygiene or secure storage to protect themselves against future cyberattacks.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews