Election-themed Phishing is Likely to Persist

Dec 8, 2020 8:47:24 AM By Stu Sjouwerman

The US elections have come and gone, but people should still be on the lookout for election-themed phishbait, according to Roger Kay at Inky. Emotions are still running high in the US, ...

Phishing Campaign Targets COVID Vaccine Cold Supply Chain

Dec 5, 2020 10:50:50 AM By Stu Sjouwerman

Researchers at IBM’s X-Force have identified a phishing campaign targeting the COVID-19 vaccine “cold chain” (the part of the supply chain focused on “the safe preservation of vaccines in ...

Ransomware Gangs Are Now Cold-Calling Victims If They Restore From Backups Without Paying

Dec 5, 2020 10:16:20 AM By Stu Sjouwerman

Catalin Cimpanu at ZDNet reported on another evil escalation in ransomware extortion tactics. In attempts to put pressure on victims, some ransomware gangs are now cold-calling victims on ...

Exploits Leveraging Excel 4.0 Macros Increase as Organizations Continue to Rely on this Legacy Technology

Dec 4, 2020 11:12:56 AM By Stu Sjouwerman

Despite being nearly 30 years old, Excel’s very functional macro technology appears to be a little too functional, as attackers have stepped up its use to advance cyberattacks.

BEC Scam Litigation Demonstrates How Your Company Can Be Out $500,000

Dec 4, 2020 11:12:30 AM By Stu Sjouwerman

The case of Arrow Truck Sales Inc. v. Top Quality Truck & Equipment tells a familiar tale, but provides insight into how the law interprets cases and who’s at fault.

New “Back to Work” HR-Themed Phishing Scam Works to Steal Internal User Credentials

Dec 4, 2020 11:11:11 AM By Stu Sjouwerman

Using a fake internal memo from HR, per-user custom-named email attachments, SharePoint Online, and a realistic-looking HR form, this phishing attack has all the ingredients to trick your ...

Think Tanks Targeted by APT Actors

Dec 3, 2020 8:28:48 AM By Stu Sjouwerman

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory warning that nation-state advanced persistent threat (APT) actors are targeting US ...

How Are Credential-Theft Phishing Websites Avoiding Detection? They Just Invert the Website Background

Dec 3, 2020 8:21:40 AM By Stu Sjouwerman

Sometimes the easiest solution is the best solution. And in the case of phishing attacks intent of stealing credentials using a fake logon page, it appears that background inversion does ...

Number of Phishing Websites Double and Unique Phishing Campaigns Triple in Q3

Dec 3, 2020 8:19:09 AM By Stu Sjouwerman

New data shows the bad guys have been working diligently to step up their game on both the front and back end of phishing attacks, despite still being mid-pandemic.

Maze Ransomware Group Retires (Retires!), Leaving a Gap in the Ransomware Marketplace

Dec 3, 2020 8:16:06 AM By Stu Sjouwerman

The news last month of the “retirement” of Maze should be a warning to organizations wondering what ransomware will come next and how much worse will it be.

KnowBe4 Fresh Content Updates from November: Including A New Holiday Training Resource Kit

Dec 3, 2020 8:00:00 AM By Stu Sjouwerman

Here are important fresh content updates and new features to share with you for the month of November.

Average Ransomware Payment Significantly Increases Risk

Dec 2, 2020 11:05:57 AM By Stu Sjouwerman

The average ransomware payout has increased by 178% over the past year, according to researchers at Atlas VPN. In Q4 2019, the payments averaged $84,000. By Q3 2020, the average payment ...

[HEADS UP] FBI Warns US Companies of BEC Scammers

Dec 1, 2020 1:49:29 PM By Stu Sjouwerman

The Federal Bureau Investigation is issuing warnings to US companies that are taking advantage of email auto-forwarding. If successful, this would fall right into the trap of a business ...

Dutch Government Sees Phishing More Than Double in 2020

Dec 1, 2020 1:48:47 PM By Jelle Wieringa

In an exclusive article, the Dutch IRS gave its perspective on the cyber threat landscape in the Netherlands. December is typically one of the busiest months of the year for cybercrime ...

South African Post Office Issues Warning on Postal Phishing Attack

Dec 1, 2020 11:51:55 AM By Stu Sjouwerman

The South African Post Office recently issued a warning about a phishing attack. The post office advised everyone to delete the email immediately.

CyberheistNews Vol 10 #49 [Eye Opener] How Many Phishing Sites? A Whopping 2 Million in 2020 So Far

Dec 1, 2020 9:34:39 AM By Stu Sjouwerman

Zoom Impersonation a New Variant of Familiar Phishbait

Dec 1, 2020 8:23:31 AM By Stu Sjouwerman

Zoom-themed phishing attacks have spiked since the start of the pandemic, the Better Business Bureau (BBB) warns. Attackers adapted quickly earlier this year when a large portion of ...

Giving Tuesday Means an Influx of Charity Scams

Dec 1, 2020 8:00:00 AM By Stu Sjouwerman

Giving Tuesday is a great idea for organizations and people to give back to people in need, especially during the COVID-19 pandemic. However, this causes concern for an increase in ...

Computer Security Day

Nov 30, 2020 4:48:16 PM By Javvad Malik

November 30th is Computer Security Day; a day to remind us all to protect our computers… But what does protecting your computer actually mean?

Fake Zoom Invite Leads to one Australian Company's Downfall

Nov 30, 2020 1:19:51 PM By Stu Sjouwerman

We've previously written blog posts to be cautious of suspicious Zoom meeting links, and we even reported a huge increase in phishing attacks using Zoom of August this year. The heads-up ...

Security Awareness Training Blog

View Topics