Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

UK Royal Mail Smishing Crew Nabbed By City Of London Police

According to a report by ZDNet, there were arrests made due to suspicions of sending 'smishing' texts. Smishing is a form of phishing that sends SMS messages in order to steal personal ...

[On-Demand Webinar] Setting the Trap: Crafty Ways the Bad Guys Trick Your Users to Own Your Network Featuring Kevin Mitnick

The bad guys are out there, watching and waiting for an opportunity to strike. They have carefully researched your organization in order to set the perfect trap. And the perfect ...

More Targeted Phishing Attacks Are Coming!

I have been in the cybersecurity business for 34 years. I am not innately brilliant, but one of the things I seem to do well is to spot trends as they happen early in their cycle. It ...

Low-Grade Ways of Bypassing Email Scanners

Cybercriminals are replacing common words in phishing scams with synonyms in order to bypass security filters, according to researchers at Avanan. For example, one phishing lure contained ...

Ransomware-as-a-Service is Organizing, Becoming More Devastating and Costly

Take a look at the complex relationships that exist today between the ransomware gangs and the various services they utilize, and you quickly realize this is a very organized and ...

The FBI’s Internet Crime Complaint Center Marks Its 6 Millionth Complaint as Pace Accelerates

The rate at which cyberattacks are increasing is being noticed by both their victims and the FBI, who are seeing more people affected by online crimes and scams.

Credential Stuffing the Financial Services Sector

Credential stuffing in the financial services industry has risen significantly over the past year, according to Akamai’s latest State of the Internet / Security report. Credential ...

When Cryptocurrency Investments Really Are Too Good To Be True

The US Federal Trade Commission (FTC) reports that victims have lost more than $80 million in cryptocurrency scams since October of last year, with about $2 million of that total going to ...

Transparent Tribe Uses Spoofed Domains in Social Engineering Attacks

Researchers at Cisco Talos warn that the threat actor known as “Transparent Tribe” (also known as APT36 and Mythic Leopard) is using spoofed websites and malicious documents to deliver ...

[NEW PhishER Feature] Flip the Script on Phishing Emails with PhishFlip

We are excited to announce the availability of PhishFlip™ as part of the PhishER product to all PhishER customers.

Ransoms Increase 43% as More Ransomware Attacks Include the Threat to Leak Exfiltrated Data

With average payments rising to over $220K, organizations scramble to stop ransomware attacks as gangs begin taking more advantage of software vulnerabilities as their attack vector.

Healthcare Organizations Should Expect Cyber Insurance Premiums to Increase 25 to 50% This Year

In light of recent upticks in payouts – particularly around ransomware – cyber insurers are better understanding the risk and are adjusting rates accordingly.

Paying the Ransom Is Not Just About Decryption

I just read that a well-known pipeline company paid $5M to the ransomware hacker group. And despite that, they are still having to use their backups because the decryption process is too ...

Kicking You While You’re Down: Ransomware Attacks Begin to Adopt a “Triple Extortion” Model

New tactics spotted by security researchers at CheckPoint indicate a growing pattern by ransomware gangs to use additional extortion actions to increase revenues and ensure payment.

Ransomware Attack Demands Cause Cyber Insurance Claim Amounts to Skyrocket

The perfect storm of large enterprises, cyber insurance policies, successful ransomware attacks, and ransom demands in the tens of millions now consistently result in seven-figure claim ...

New Verizon DBIR: Credentials Stolen in 85% of Social Engineering Breaches

Verizon’s latest data breach report puts a spotlight on one of the largest and most unpredictable risk factors in your cybersecurity strategy – your users.

FBI Finds Phishing Sites Abusing Search Results and Ads to Steal Banking Credentials

The US Federal Bureau of Investigation has sent out a private industry notification (PIN) warning that cybercriminals are using search engine ads and search results to spread phishing ...

A New Smishing Trojan is Out and About

Researchers at Pradeo have observed a new Android malware campaign that uses text messages asking victims to pay a small fee for a delivery. The messages contain a link that will install ...

New QuickBooks-Themed Phishing Attack Seeks to Infect Victims with Dridex Malware

Purporting to be invoices and payment reminders, this new campaign targets users of the popular accounting software to install the banking trojan on its victims' endpoints.