Cryptominers are Tricked out of Cryptocurrency Using Phishing Scams Involving the Purchase of Mining Equipment

Aug 26, 2021 1:02:05 PM By Stu Sjouwerman

The leveraging of Google Docs, a spoofed website, a realistic-feeling buying process, and asking for payment in cryptocurrency is all it takes to separate victims from thousands of ...

Cybercriminals Can Post Jobs on LinkedIn Posing as Any Employer They Want

Aug 26, 2021 1:01:51 PM By Stu Sjouwerman

Lax verification around what company is offering a given job on LinkedIn allows attackers to create bogus job postings for malicious purposes.

A COVID-19 Phishing Caper

Aug 26, 2021 8:47:02 AM By Stu Sjouwerman

A new phishing campaign is exploiting the ongoing uncertainty about company policies related to COVID-19, according to Roger Kay at INKY. The campaign uses emails that purport to come ...

A Look at a Ransomware Affiliate

Aug 25, 2021 8:43:02 AM By Stu Sjouwerman

The US Federal Bureau of Investigation (FBI) has issued an advisory describing a ransomware affiliate that calls itself “OnePercent Group,” the Record reports. The Record notes that the ...

Nigerian Threat Actors Solicit Victim Organization Employees to Deploy Demon Ransomware

Aug 24, 2021 1:09:38 PM By Stu Sjouwerman

The use of employees as insider accomplices potentially changes how social engineering is being used in exchange for a direct request for internal assistance.

Arrests in International Fraud Scheme Due to Social Engineering

Aug 24, 2021 11:35:39 AM By Stu Sjouwerman

Police in Romania, the Netherlands, and Ireland have arrested and charged twenty-three people accused of conducting sophisticated social engineering attacks. The organized crime group ...

Hospitals Continue to be Ransomware Targets as Half Experience Shutdowns in the Last 6 Months

Aug 24, 2021 11:35:29 AM By Stu Sjouwerman

With financial impacts as high as $46K per hour, shutting down some or all of operations due to a ransomware attack is not a decision taken lightly by hospitals, but may be the only ...

Microsoft Warns of New Phishing-Turned-Vishing-Turned-Phishing Attack Aimed at Installing Ransomware

Aug 24, 2021 11:35:19 AM By Stu Sjouwerman

In what appears to be a phishing attack that includes a mix of emails and phone calls, Microsoft reminds us to be wary of only opening emails and attachments from known contacts.

CyberheistNews Vol 11 #33 [EYE OPENER] The Anatomy Of New Smishing Attacks And How To Avoid Them

Aug 24, 2021 9:28:02 AM By Stu Sjouwerman

“Compromise” is the “C” in “MICE”

Aug 23, 2021 8:47:35 AM By Stu Sjouwerman

The FBI is warning Silicon Valley companies to be wary of insider threats, Protocol reports. FBI special agent Nick Shenkin told Protocol in an interview that authoritarian ...

CISA shares guidance on how to prevent ransomware data breaches

Aug 20, 2021 9:20:29 AM By Stu Sjouwerman

Bleepingcomputer reported: "The US Cybersecurity and Infrastructure Security Agency (CISA) has released guidance to help government and private sector organizations prevent data breaches ...

Phishing Attacks Have Increased by 22% This Year

Aug 19, 2021 8:34:15 AM By Stu Sjouwerman

The volume of phishing attacks has increased 22% this year compared to the first half of 2020, according to researchers at PhishLabs.

Defending Against Ransomware Attacks Should Start (and Can End) With Security Awareness Training

Aug 18, 2021 2:00:43 PM By Stu Sjouwerman

The world’s most dangerous, expensive, and impactful cyberattack can potentially be stopped with little more than a conscientious user who is paying attention.

Can the Microsoft 365 Platform Be Trusted to Stop Security Breaches?

Aug 18, 2021 2:00:29 PM By Stu Sjouwerman

Lax security policies, a lack of security measures and solutions in place, and an expectation that Microsoft will address any security issues is putting organizations at risk.

Deepfakes Continue to be a Concern as the Technology Improves and Becomes More Convincing

Aug 18, 2021 2:00:15 PM By Stu Sjouwerman

In the wake of the FBI’s warning about more deepfake-based cyber attacks coming in the next year, organizations should remain vigilant against this compelling form of social engineering.

Trend Micro: Most Organizations in the World Will Likely Be Compromised in the Next 12 Months

Aug 18, 2021 10:19:22 AM By Stu Sjouwerman

A new report from security vendor Trend Micro quantifies the current level of risk most organizations are facing, highlighting how ill-prepared we really are, how many have already been ...

Cyber Attacks Grow 125% as Ransomware Tops the List Plaguing Enterprise Organizations

Aug 18, 2021 10:17:02 AM By Stu Sjouwerman

With no slowdown of cyberattacks in sight, global incident volumes continue to trend upward, according to new data from Accenture’s Cyber Investigations, Forensics and Response team.

The Average Ransom Demand of $5.3M in 2021 is Up 518% From Last Year

Aug 18, 2021 10:16:08 AM By Stu Sjouwerman

Cybercriminals appear to be more aggressive with their idealistic ransom demands as some gangs continue to evolve, using new “quadruple extortion” tactics to ensure payment.

Copyright Scammers Now Making Phone Calls

Aug 18, 2021 10:15:47 AM By Stu Sjouwerman

Copyright infringement scammers have begun using phone calls to contact potential victims, according to Paul Ducklin at Naked Security.

Attackers Use Morse Code to Encode Phishing Attachments

Aug 17, 2021 9:56:28 AM By Stu Sjouwerman

A phishing campaign is using morse code to encode malicious attachments in order to slip past security filters, according to researchers at Microsoft. The phishing emails contain HTML ...

Security Awareness Training Blog

View Topics