Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Distracted in Target

It was an average Sunday…laundry, errands, football. I was standing in the checkout line at my favorite store, Target, when my son texted to remind me to get the Tostitos Scoop chips, he ...
Continue Reading

Europol Finds Majority of Attack Groups Rely on Spear Phishing as Primary Infection Vector

A new report from Europol’s European Cybercrime Center (EC3) breaks down how targeted phishing attacks are being done, and how to avoid becoming a victim.
Continue Reading

Gift Card Scams are Decreasing in Light of Other Business Email Compromise Scams

New data from email security vendor Agari shows Business Email Compromise (BEC) attacks shifting tactics last quarter, in favor of scams resulting in larger payouts.
Continue Reading

Identity Deception-Based Phishing Attacks Show an Increase in Impersonating Individuals

The use of impersonating a person or brand as part of an attack in on the rise, giving attackers the upper hand, establishing instant credibility and lowering the defenses of the ...
Continue Reading

Phishing for Gamers Uses A Fake Skin Giveaway

BleepingComputer warns that a fake Steam skin giveaway site is stealing users’ Steam credentials. The site appears to be running a 26-day promotion giving away free skins for ...
Continue Reading

5 Harsh Truths About Ransomware Attacks At LAW.COM

Frank Ready at LAW.COM wrote this very clear article with great budget ammo. I suggest you forward the link at the bottom to your Legal team, with a cc to your C-level executive who own ...
Continue Reading

Insecure Database Exposes Millions of Private SMS Messages

Researchers discovered an unprotected TrueDialog database hosted by Microsoft Azure with diverse and business-related data from tens of millions of users.
Continue Reading

Netflix "Account Freeze" Phishing Campaign In The Wild

A Netflix phishing scam is going after users’ payment information and Netflix credentials, according to Naked Security. The phishing emails inform recipients that they’ve missed a payment ...
Continue Reading

Pervasive Ransomware Infection Cost German Software Company Pilz Tens Of Millions Of Euros

A pervasive ransomware infection cost the German automation company Pilz an estimated tens of millions of euros, says Jan Tournois, director of the Dutch department of the multinational.
Continue Reading

You Can’t Always Trust a Dot-Gov Domain

It may be easier than one thinks to register a dot-gov domain, according to KrebsOnSecurity. People have tended to regard urls with the top-level domain dot gov as generally reliable, but ...
Continue Reading

Business Email Compromise Topples Over $26 Billion in Losses

This lucrative business of tricking companies into fraudulently transferring funds into cybercriminal-owned bank accounts is showing signs of growing. Scammers use many forms of attack to ...
Continue Reading

Global Utilities See Cyberattacks as Greater Threat to Operations than IT with Half Experiencing Outages

Global industrial organizations are seeing and feeling the effects of cyberattacks, recognizing the material impact potential upon operations.
Continue Reading

Over Half of SMBs Experience Phishing and Social Engineering Attacks

The assertion that SMBs aren’t a cyber-target is officially dead. SMBs are victims of the very same attacks as enterprises in growing numbers, according to new research.
Continue Reading

Insurers Get Serious About Social Engineering Attacks Citing a Lack of Awareness as the Problem

With specific endorsements to protect against social engineering scams, insurers are realizing where the true risk lies in cyberattacks and make recommendations of how to mitigate it.
Continue Reading

Top Security Trends in Europe

Defending your organization against cyber threats and phishing attacks is not a one-size-fits-all approach. Cultural differences, language barriers, regional policies and more can mean ...
Continue Reading

Shooting Ourselves in the Foot: The Biases We All Have

We humans like to believe that we are rational beings, fully in control of our decisions and actions. But psychologists and behavioral economists disagree. They argue that we are — by ...
Continue Reading

Join Us for a Live Demo on Simulated Phishing and Awareness Training

See Ridiculously Easy Security Awareness Training and Phishing in Action!
Continue Reading

Merchant fined for failing to train employees — Former NYDFS Superintendent Vullo Talks About Cybersecurity Regs

Mark Harrop, Director of Communications, Corporates at Thomson Reuters made me aware of a very interesting interview with Maria Vullo, the former Superintendent of New York’s Department ...
Continue Reading

‘Professional’ ransomware gang targets 1,800 large organizations worldwide, Dutch investigators find

Filip Truta at Bitdefender blogged: "A confidential report from the Netherlands’ National Cyber ​​Security Center warns that ransomware operators are targeting at least 1,800 large ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews