Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Don't Let Your Users Download Malicious Chrome Extensions

Sep 25, 2019 6:46:08 AM By Stu Sjouwerman
Here's a relatively "innocent" example of this risk. The ‘AdBlock’ and ‘uBlock’ look just like legitimate Chrome extensions but instead engage in cookie stuffing to defraud affiliate ...
Continue Reading

Less Than a Third of Small Businesses Deliver Annual Cybersecurity Training

Sep 25, 2019 6:18:54 AM By Stu Sjouwerman
Only 31% of employees receive annual cybersecurity training, Chubb’s Third Annual Cyber Report has found. According to Small Business Trends, the report shows that employees’ perception ...
Continue Reading

Disgusting Fake Employment Site Targets Veterans And Installs Remote Access Trojan

Sep 24, 2019 4:59:04 PM By Stu Sjouwerman
Just when you think they could not sink any lower, you see something like this. A fake website pretending to be an organization that offers job opportunities for U.S. veterans is ...
Continue Reading

CyberheistNews Vol 9 #39 [Scam of the Week] Heads-Up: Amazon Phishing Attack in Progress

Sep 24, 2019 9:37:22 AM By Stu Sjouwerman
Continue Reading

A Short, Very Useful Guide to Social Engineering

Sep 24, 2019 6:50:34 AM By Stu Sjouwerman
Knowing how to identify indicators of social engineering can alert you when someone tries to manipulate you, according to Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist. In an ...
Continue Reading

No, Really, They're Just Not That Into You

Sep 24, 2019 6:44:40 AM By Stu Sjouwerman
There are numerous ways to check the authenticity of someone on a dating site so you don’t fall for a romance scam, according to HackRead. You should always be cautious when interacting ...
Continue Reading

The Emotet Trojan Botnet is Back in Business

Sep 23, 2019 10:11:44 AM By Stu Sjouwerman
The Emotet botnet is up and running again after four months of inactivity, according to Ars Technica. Multiple security firms have reported seeing phishing emails delivering the malware ...
Continue Reading

Massive phishing wave of account hijacks hits YouTube creators

Sep 23, 2019 7:47:49 AM By Stu Sjouwerman
Over the past few days, a massive wave of account hijacks has hit YouTube users, and especially creators in the auto-tuning and car review community, a ZDNet investigation discovered ...
Continue Reading

PDF Phishing Attacks Using Microsoft OneDrive Surge Nearly 200%

Sep 19, 2019 3:23:25 PM By Stu Sjouwerman
Scammers use a mixture of familiar brand, unsuspecting users, legitimate document types and locations, and credential harvesting in this attack aimed at getting into your Office 365.
Continue Reading

CEO Fraud Attacks Now Use Deepfake Audio and AI to Mimic Executives Over the Phone

Sep 19, 2019 2:54:32 PM By Stu Sjouwerman
While deepfake video gets most of the attention on social media, it’s deepfake audio that is quickly becoming the cybercriminal’s tools of choice for committing fraud.
Continue Reading

In the Hot Seat: Three Experts Tackle 10 Critical Security Awareness Issues

Sep 19, 2019 9:35:00 AM By Stu Sjouwerman
Three experts. 10 hot topics. Sixty minutes. What happens when you lock highly opinionated security awareness experts in a room with a microphone and a list of top security issues facing ...
Continue Reading

Amazon Phishing Scam in Progress

Sep 19, 2019 7:49:14 AM By Stu Sjouwerman
HackRead has come across a phishing scam that’s trying to trick Amazon customers into handing over their account credentials, personal information, and financial details. The phishing ...
Continue Reading

The U.S. Cybersecurity and Infrastructure Security Agency Lays Out Strategic Vision and Priorities in the Wake of Texas Ransomware Attacks.

Sep 18, 2019 7:27:45 AM By Stu Sjouwerman
This new document, entitled Strategic Intent highlights ways to “defend today, secure tomorrow” and comes out as the CISA director admits that ransomware is “only getting worse.”
Continue Reading

Microsoft Remains the Most Impersonated Brand in Phishing Attacks, with Facebook Phishing Surging

Sep 18, 2019 7:23:56 AM By Stu Sjouwerman
For the fifth quarter in a row, Microsoft is the favorite domain of choice for scammers using phishing attacks to lure their victims into clicking on malicious content.
Continue Reading

Advice For Women: "Breaking Into the InfoSec Business"

Sep 18, 2019 7:21:15 AM By Stu Sjouwerman
KnowBe4’s Senior Vice President of Cyber Operations Rosa Smothers was recently interviewed on the CyberWire’s Daily Podcast, where she discussed her background working for the CIA and ...
Continue Reading

18 Months, 61 Billion Credential-Stuffing Attacks

Sep 18, 2019 7:16:16 AM By Stu Sjouwerman
Akamai observed 61 billion credential stuffing attacks between January 2018 and June 2019, according to Computer Business Review. In a new report on Internet security, Akamai researchers ...
Continue Reading

CyberheistNews Vol 9 #38 [Heads-Up] Holy SIMoly! SIM Card Attack Used to Spy on Mobile Phone Users

Sep 17, 2019 9:51:14 AM By Stu Sjouwerman
Continue Reading

Phishing Attacks Up, Especially Against SaaS And Webmail Services

Sep 17, 2019 7:04:22 AM By Stu Sjouwerman
Phishing attacks continued to rise into the summer of 2019 with cybercrime gangs’ focus on branded webmail and SaaS providers remaining very keen, according to the APWG report. The report ...
Continue Reading

Oklahoma Pension Fund Robbed of $4.2 million via Compromised Email

Sep 17, 2019 6:56:45 AM By Stu Sjouwerman
Attackers stole millions of dollars from Oklahoma’s pension fund for retired law enforcement officers, the Oklahoman reports. The Oklahoma Law Enforcement Retirement System (OLERS) said ...
Continue Reading

[Phishing Alert] UK Home Office primes Brexit spam cannon for a million texts reminding folk to check passports

Sep 16, 2019 2:18:57 PM By Stu Sjouwerman
The Register reported: "The UK Home Office will send a million text messages reminding people that the rules for travelling to the European Union will change in the event of a no-deal ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews