Human Risk Management Blog

Keeping you informed. Keeping you aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Brunswick Church Falls For Phishing Scam Of Almost $2 Million

Staff at St. Ambrose Roman Catholic Church in Brunswick say the church was scammed out of nearly $2 million. The church said a phishing email led it to believe that a construction firm ...

PSA: How To Recognize Disinformation

One of the skills everyone needs to prevent social engineering attacks is to recognize disinformation. False information that is intended to mislead people has become an epidemic on the ...

Why Marketing Departments Are Cyber Security Targets

Because of what they do, marketing departments are potential cybersecurity risks themselves, and digital bad actors are well aware of it. "Since marketers are more closely connected to ...

BEC Scams are a Growing Threat to Retailers

Cybercriminals are improving their social engineering skills to target online retailers with sophisticated business email compromise (BEC) scams, according to Rafael Lourenco at ...

Business Email Compromise Doubled in 2018, Topping the FBI’s List of Internet Crimes

Despite the massive uptick in just about every cybercrime category, good old-fashioned fraud via email phishing and social engineering dominate as the threat to be most concerned about.

U.K. Study Finds only 15% of People Sufficiently Know How to Protect Themselves Online

With 80% of people saying cybersecurity is a priority, the disparity between what they believe is important and their ability to protect themselves puts organizations at risk.

Cryptojacking Phishing Attacks Target Enterprises With NSA-Linked Exploits

Summary: Researchers at Symantec are tracking a cryptojacking campaign that —for now—seems mostly to affect businesses in China. They're calling the campaign "Beapy," and the worm ...

PDFs Return as Phishbait

The use of malware-laden PDF email attachments has spiked in recent months, internet security company SonicWall has found. Over the course of 2018, SonicWall detected 47,000 new attack ...

Scott County Schools victim of $3.7 million CEO Fraud Phishing Scam

GEORGETOWN, Ky. (WKYT) - Scott County Schools has announced the district is a victim of a multi-million dollar online CEO fraud scam.

[BREAKING NEWS] US Supreme Court Curbs Class Action Lawsuits Caused By W-2 Phishing Fraud

BREAKING NEWS: The upshot: This case made it all the way to the Supreme Court and sets a new precedent. A phished employee sent out 1,300 confidential employee W-2 data.

[Heads up] Sneaky Phishing Attacks Exploit Legitimate Services & Platforms to Fly Below Your AV's Radar

By Eric Howes, KnowBe4 Principal Lab Researcher. Over the last few months, we have seen a rising trend of the bad guys using legitimate services—mainly file hosting platforms, but also ...

Phishing Emails Will Always Get Through

Attackers have proven their ability to adapt to improved security measures, and organizations should never assume they’re safe from phishing emails, says Paul Gillin at SiliconANGLE.

Executives are Out and Employees are In as Cybercriminals Change Their Primary Targets for Cyberattack

Phishing and Social Engineering scammers are shifting tactics, focusing efforts on low-level employees using a variety of methods as a means to cast a wider net within a targeted ...

Phishing Attacks See Massive Increases and Improvements in Execution with Social Engineering at the Helm

With 98% of malicious emails that hit inboxes containing no malware, the evolution and future of the phish lies squarely in the hands of effective social engineering.

Manufacturing giant Aebi Schmidt hit by ransomware

Aebi Schmidt, a European manufacturing giant with operations in the U.S., has been hit by a ransomware attack, TechCrunch has learned.

PayPal receives patent for ransomware detection technology

The United States Patent and Trademark Office has granted this week a patent to online payments company PayPal for a technique for detecting and stopping ransomware attacks.

Evil TeamViewer Attacks Under the Guise of the U.S. State Department

A targeted, email-borne attack against embassy officials and government finance authorities globally is making use of a malicious attachment disguised as a top-secret U.S. document. It ...

Why Ransomware Continues to Be an Immensely Profitable Business for Bad Actors

Ransomware, arguably the most efficient malware used by cybercrooks in recent years, continues to wreak havoc on a global scale, affecting everyone and everything, from regular Internet ...


Get the latest insights, trends and security news. Subscribe to CyberheistNews.