[Scam of the Week] Black Friday & Cyber Monday Cybersecurity Tips 2021

Nov 23, 2021 12:40:00 PM By Stu Sjouwerman

Cybercriminals are at it again with holiday phishing scams. Because of the popularity of online shopping, retailers' online Black Friday deals attract more and more scammers every year. ...

SEC Warns of Spoofed Emails Impersonating Their Employees

Nov 23, 2021 10:08:11 AM By Stu Sjouwerman

Scammers are impersonating the US Securities and Exchange Commission (SEC) with spoofed phone calls and other communications that attempt to steal money and personal information from ...

New Dangerous and Persistent "Metamorphic" Malware Strain Called Tardigrade

Nov 23, 2021 9:24:52 AM By Stu Sjouwerman

Michael Kan at PCMag reported on this new strain of Windows malware. It can constantly adapt to avoid detection and was first found targeting the biotech industry, including the ...

CyberheistNews Vol 11 #46 Phishing Emails Use Small Font Size To Bypass Security Filters

Nov 23, 2021 9:22:45 AM By Stu Sjouwerman

Phishing Campaign Targets TikTok Influencers

Nov 22, 2021 1:23:42 PM By Stu Sjouwerman

Phishing emails are targeting large TikTok accounts with phony copyright warnings or offers for account verification, according to researchers at Abnormal Security.

Microsoft Exchange Server Flaws Now Exploited for BEC Attacks

Nov 19, 2021 11:48:05 AM By Stu Sjouwerman

Threat actors are using a couple of dangerous, new tactics to exploit the so-called ProxyShell set of vulnerabilities in on-premises Exchange Servers that Microsoft patched earlier this ...

'Fake Ransomware' as a Form of Social Engineering

Nov 18, 2021 10:45:53 AM By Stu Sjouwerman

Attackers are exploiting a vulnerability in a WordPress plugin to deface several hundred websites with phony warnings of ransomware, the Record reports. Researchers at Sucuri found that ...

Social Engineering, Persistence, and a Few Phone Calls is All it Takes to Steal $1 Million

Nov 18, 2021 9:00:45 AM By Stu Sjouwerman

The story of a Swiss investor who was convinced they were purchasing pre-IPO shares of AirBnB is the cautionary tale of how little it really takes to turn someone into a victim.

Ransomware Gangs Now Have Enough Money to Afford Zero-Day Exploits

Nov 18, 2021 9:00:35 AM By Stu Sjouwerman

Normally so expensive that they are only associated with nation-states, zero-day vulnerabilities are now within reach of ransomware gangs that have amassed fortunes to continue attacks.

Malicious Retail Phishing Sites Spike Ahead of Shopping Holidays

Nov 17, 2021 8:52:55 AM By Stu Sjouwerman

Researchers at Check Point have observed a record number of malicious phishing shopping websites that have been set up over the past two months. The researchers assume these sites were ...

CyberheistNews Vol 11 #45 [HEADS UP] Get Prepared for Sophisticated Black Friday Scams

Nov 16, 2021 9:29:33 AM By Stu Sjouwerman

Trends in Cybercrime Report Phishing, Non-Payment Scams, and Extortion

Nov 16, 2021 8:50:23 AM By Stu Sjouwerman

Social engineering attacks account for the vast majority of cybercrime in the US, according to researchers at SEON. The security firm found that phishing, non-payment or non-delivery ...

Rosa Smothers is Featured in the Women Know Cyber Documentary

Nov 16, 2021 8:19:12 AM By Stu Sjouwerman

Our very own Rosa Smothers, SVP of Cyber Operations, has been featured in the Women Know Cyber documentary by Cybercrime Magazine.

Phishing Emails Use Small Font Size to Bypass Security Filters

Nov 15, 2021 9:49:15 AM By Stu Sjouwerman

Researchers at Avanan have spotted phishing emails that use a font size of one to fool email security scanners. The emails appear to be password expiration notifications from Microsoft ...

One-Fifth of U.K. Residents Have Experienced a ‘Proof of Vaccination’ Attack

Nov 11, 2021 1:09:35 PM By Stu Sjouwerman

As the pandemic now focuses on proving vaccination status in many locales, scammers are taking the opportunity to leverage the need for documentation to steal personal information.

“Customer Complaint” May Get Your Attention

Nov 11, 2021 8:41:23 AM By Stu Sjouwerman

A spear phishing campaign is sending phony “customer complaints” that contain a link to a malicious website, according to Paul Ducklin at Naked Security. The phishing emails appear to ...

Will Ransomware Extortion Tactics Ever Stop Evolving?

Nov 10, 2021 1:23:33 PM By Stu Sjouwerman

The latest development in extortion methods by developers of Conti shows we should begin to continually expect new and innovative extortion tactics by cybercriminal gangs moving forward.

Use of Ransomware Data Leak Sites Begin to Slow Down?

Nov 10, 2021 1:23:30 PM By Stu Sjouwerman

New analysis of ransomware attacks by security vendor Digital Shadows in their Ransomware Q3 Roll Up highlights the current state of data leak site use with a peek into what may be to ...

Bait Attacks as Reconnaissance

Nov 10, 2021 11:15:31 AM By Stu Sjouwerman

Researchers at Barracuda warn that attackers are sending non-malicious emails as a precursor to targeted phishing attacks.

Phishing Attacks Aimed at Social Accounts Now in the Top Three Targeted Sectors

Nov 9, 2021 1:38:34 PM By Stu Sjouwerman

New data on the use of impersonation in phishing attacks focused on social media accounts shows some very realistic and worrisome websites and emails that could definitely fool you.

Security Awareness Training Blog

View Topics