Spamming Tools are a Commodity in the Criminal Underworld

Feb 25, 2020 8:21:25 AM By Stu Sjouwerman

Cheap and easy-to-use phishing kits and other social engineering tools are readily available for purchase on the black market, according to researchers at Digital Shadows. Criminals ...

Spear Phishing Tops the Canadian Anti-Fraud Center’s List of Attacks

Feb 24, 2020 5:13:16 PM By Stu Sjouwerman

The latest data out of the Canadian Government points out how targeted spear phishing fraud attacks via email are the most lucrative method of attack for cybercriminals in 2019.

WSJ: "Losing $450,000 in Three Days: Hackers Trick Victims Into Big Wire Transfers"

Feb 24, 2020 12:32:09 PM By Stu Sjouwerman

Rachel Louise Ensign wrote a great story for the WSJ about CEO Fraud, also known by the FBI as Business Email Compromise. I'm quoting an extract and I strongly recommend sending a link to ...

A Single BEC Gang is Launching Thousands of Attacks Per Year

Feb 24, 2020 8:22:44 AM By Stu Sjouwerman

A unique cybercriminal group launched business email compromise (BEC) attacks against more than 2,100 companies in the US between April and August 2019, according to researchers at Agari. ...

[EYE-OPENER] Dutch Minister Of Justice And Security: "Fighting Phishing Starts With Awareness"

Feb 24, 2020 8:00:01 AM By Stu Sjouwerman

"The fight against phishing starts with raising the awareness of internet users, stated Justice and Security Minister Grapperhaus. He responded to figures from Dutch banks showing that ...

[Heads-up] Ransomware Criminals Hack An Accounting Company And Cause A Data Breach For Their Customers

Feb 24, 2020 7:00:00 AM By Stu Sjouwerman

Last December, a ransomware infection of Albany, New York-based accounting firm BST & Co. CPAs LLC exposed the confidential data of their customers, causing a data breach for one of ...

Massive 13,467% Growth in WhatsApp Phishing URLs Seen as Top Impersonated Domains Are on the Decline

Feb 21, 2020 6:44:06 PM By Stu Sjouwerman

The latest data from email security vendor Vade Secure shows drastic shifts in domain impersonation trends cybercriminals are using to carry out phishing attacks.

Ransomware Attack Leaves 43,000 Employees Without Email

Feb 21, 2020 6:41:31 PM By Stu Sjouwerman

The recent attack on facilities management company ISS has created a significant disruption in their operations, communication, and services worldwide.

The Real-life Email You Never Want To Get From Your CEO Because The Feds Called...

Feb 21, 2020 12:56:19 PM By Stu Sjouwerman

From The Desk Of Mark *********, CEO, ********* Corporation

Here Is A Real-life Bank Phone Scam Blocked By A Security Awareness Trained Employee

Feb 21, 2020 12:01:58 PM By Stu Sjouwerman

Brad Mathis at our partner Keller Schroeder sent me the following real-life story from Matt, a KnowBe4 Security Awareness Training client...

Emotet Malware Shows Up in SMiShing Attacks Disguised as Bank Notifications

Feb 21, 2020 8:27:20 AM By Stu Sjouwerman

A newly discovered attack looks to try to make a victim of mobile device holders using a two-pronged attack that uses Emotet and, perhaps, Trickbot.

Most Organizations Stick to Legacy Password Security Practices Despite Experiencing Cyberattacks

Feb 21, 2020 8:24:51 AM By Stu Sjouwerman

In a surprising twist, new data sheds light on the lack of proper security around passwords and authentication by IT at a time when cyberattacks are all but an absolute given.

Courts: Banks $2 Million in Losses from a BEC Attack Aren’t Covered by Cyberinsurance

Feb 20, 2020 6:25:04 AM By Stu Sjouwerman

Using emails impersonating the wife of a senior executive at Crown Bank, cybercriminals were able to take the bank for $2 million – an amount the courts held the bank responsible for.

Phishing URLs Increase 640% as Organizations (Finally!) Embrace Security Awareness Training

Feb 20, 2020 6:16:10 AM By Stu Sjouwerman

The latest data from security vendor Webroot shows how cybercriminals are changing their attack methods and targets – and how Security Awareness Training makes the difference.

New Spear Phishing Campaign Targets 27 Famous Brands With Malicious SLK Files

Feb 20, 2020 6:04:08 AM By Stu Sjouwerman

A new spear phishing campaign is targeting twenty-seven companies around the world with malicious SLK (Symbolic Link) files, according to BleepingComputer. The attackers pose as a real ...

5 Ways to Improve Your Security Awareness Training Program

Feb 19, 2020 9:41:26 AM By Joanna Huisman

In today’s world, it’s essential to implement security awareness training in the workplace. Without security awareness training, how would your employees know how to stay safe? A lot of ...

Catphish and Honey Traps

Feb 19, 2020 8:25:28 AM By Stu Sjouwerman

Hundreds of Israeli soldiers had their phones compromised by malware after falling for catfishing attacks purportedly launched by Hamas, Forbes reports. The Israel Defense Forces (IDF) ...

A U.S. Natural Gas Operator Shuts Down For 2 Days After A Phishing Attack Infects It With Ransomware

Feb 19, 2020 6:29:18 AM By Stu Sjouwerman

Dan Goodin at Ars Technica reported something worrisome: "A US-based natural gas facility shut down operations for two days after sustaining a ransomware infection that prevented ...

Over 500 Browser Extensions Secretly Stealing Millions of Users Private Data Yanked From Chrome Store

Feb 19, 2020 5:59:07 AM By Stu Sjouwerman

Unfortunately, cyber criminals never stop their innovation. Now they have come up with a novel method to both poison Google's extension ecosystem, combined with social engineering tactics ...

New Convincing Verizon Smishing Scam Makes SIM Swaps A Breeze

Feb 18, 2020 1:42:27 PM By Stu Sjouwerman

Cybercriminals intent on using a mobile device as a second factor of authentication are now using texts and very realistic-looking mobile sites to steal details needed to perform SIM ...

Security Awareness Training Blog

View Topics