Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Cryptominers are Tricked out of Cryptocurrency Using Phishing Scams Involving the Purchase of Mining Equipment

The leveraging of Google Docs, a spoofed website, a realistic-feeling buying process, and asking for payment in cryptocurrency is all it takes to separate victims from thousands of ...
Continue Reading

Cybercriminals Can Post Jobs on LinkedIn Posing as Any Employer They Want

Lax verification around what company is offering a given job on LinkedIn allows attackers to create bogus job postings for malicious purposes.
Continue Reading

A COVID-19 Phishing Caper

A new phishing campaign is exploiting the ongoing uncertainty about company policies related to COVID-19, according to Roger Kay at INKY. The campaign uses emails that purport to come ...
Continue Reading

A Look at a Ransomware Affiliate

The US Federal Bureau of Investigation (FBI) has issued an advisory describing a ransomware affiliate that calls itself “OnePercent Group,” the Record reports. The Record notes that the ...
Continue Reading

Nigerian Threat Actors Solicit Victim Organization Employees to Deploy Demon Ransomware

The use of employees as insider accomplices potentially changes how social engineering is being used in exchange for a direct request for internal assistance.
Continue Reading

Arrests in International Fraud Scheme Due to Social Engineering

Police in Romania, the Netherlands, and Ireland have arrested and charged twenty-three people accused of conducting sophisticated social engineering attacks. The organized crime group ...
Continue Reading

Hospitals Continue to be Ransomware Targets as Half Experience Shutdowns in the Last 6 Months

With financial impacts as high as $46K per hour, shutting down some or all of operations due to a ransomware attack is not a decision taken lightly by hospitals, but may be the only ...
Continue Reading

Microsoft Warns of New Phishing-Turned-Vishing-Turned-Phishing Attack Aimed at Installing Ransomware

In what appears to be a phishing attack that includes a mix of emails and phone calls, Microsoft reminds us to be wary of only opening emails and attachments from known contacts.
Continue Reading

“Compromise” is the “C” in “MICE”

The FBI is warning Silicon Valley companies to be wary of insider threats, Protocol reports. FBI special agent Nick Shenkin told Protocol in an interview that authoritarian ...
Continue Reading

CISA shares guidance on how to prevent ransomware data breaches

Bleepingcomputer reported: "The US Cybersecurity and Infrastructure Security Agency (CISA) has released guidance to help government and private sector organizations prevent data breaches ...
Continue Reading

Phishing Attacks Have Increased by 22% This Year

The volume of phishing attacks has increased 22% this year compared to the first half of 2020, according to researchers at PhishLabs.
Continue Reading

Defending Against Ransomware Attacks Should Start (and Can End) With Security Awareness Training

The world’s most dangerous, expensive, and impactful cyberattack can potentially be stopped with little more than a conscientious user who is paying attention.
Continue Reading

Can the Microsoft 365 Platform Be Trusted to Stop Security Breaches?

Lax security policies, a lack of security measures and solutions in place, and an expectation that Microsoft will address any security issues is putting organizations at risk.
Continue Reading

Deepfakes Continue to be a Concern as the Technology Improves and Becomes More Convincing

In the wake of the FBI’s warning about more deepfake-based cyber attacks coming in the next year, organizations should remain vigilant against this compelling form of social engineering.
Continue Reading

Trend Micro: Most Organizations in the World Will Likely Be Compromised in the Next 12 Months

A new report from security vendor Trend Micro quantifies the current level of risk most organizations are facing, highlighting how ill-prepared we really are, how many have already been ...
Continue Reading

Cyber Attacks Grow 125% as Ransomware Tops the List Plaguing Enterprise Organizations

With no slowdown of cyberattacks in sight, global incident volumes continue to trend upward, according to new data from Accenture’s Cyber Investigations, Forensics and Response team.
Continue Reading

The Average Ransom Demand of $5.3M in 2021 is Up 518% From Last Year

Cybercriminals appear to be more aggressive with their idealistic ransom demands as some gangs continue to evolve, using new “quadruple extortion” tactics to ensure payment.
Continue Reading

Copyright Scammers Now Making Phone Calls

Copyright infringement scammers have begun using phone calls to contact potential victims, according to Paul Ducklin at Naked Security.
Continue Reading

Attackers Use Morse Code to Encode Phishing Attachments

A phishing campaign is using morse code to encode malicious attachments in order to slip past security filters, according to researchers at Microsoft. The phishing emails contain HTML ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews