Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Facebook Work-From-Home “Job” Posting Scam Goes the Extra Mile to Trick Victims

A new job posting scam found by IT security company Qualysys is focused on capturing victim’s identity details, accessing victim’s Facebook accounts, and committing fraud. In this new ...
Continue Reading

More Than Half of Data Breaches in the U.K.’s Legal Sector are Due to Insider Error

A new analysis of data breaches in the United Kingdom's legal sector shows that organizations need to be looking inward more and look for ways to elevate the security awareness of ...
Continue Reading

Scammers Target Owners of Missing Pets

Some particularly cold-hearted scammers are targeting users of lost pet forums with phony ransom demands, the BBC reports.
Continue Reading

‘Swatting’ Becomes the Latest Extortion Tactic in Ransomware Attacks

Rather than stick to traditional ransomware extortion methods that revolve around the attack itself, a new form of extortion known as Swatting puts the focus on the victim organization’s ...
Continue Reading

Ninety-Four Percent of Organizations Sustained Phishing Attacks Last Year

A survey by Egress has found that 94% of organizations were hit by phishing attacks in 2023, Infosecurity Magazine reports. Additionally, 91% of firms experienced data loss and ...
Continue Reading

Malicious APKs Drain Bank Accounts

A phishing campaign is targeting Chinese users in an attempt to distribute malicious apps, according to researchers at Palo Alto Networks’s Unit 42.
Continue Reading

Cryptocurrency Drainer Distributed Through Phishing

Mandiant has published a report on “CLINKSINK,” a cryptocurrency Drainer-as-a-Service (DaaS) that’s targeting users of the Solana currency.
Continue Reading

LinkedIn is Being Used for *Dating* – It’s a Recipe for Disaster

A new article explains how business professionals are beginning to be not-so-professional and seeking to make personal connections. It’s only a matter of time before cybercriminals jump ...
Continue Reading

Analysis of Phishing Emails Shows High Likelihood They Were Written By AI

It’s no longer theoretical; phishing attacks and email scams are leveraging AI-generated content based on testing with anti-AI content solutions.
Continue Reading

Women CyberSecurity Society Targeted by Smishing Campaign

The Canada-based Women CyberSecurity Society (WCS2) has warned that its leadership, members, and volunteers are being targeted by an SMS phishing (smishing) campaign, IT World Canada ...
Continue Reading

Three-Quarters of Organizations Have Experienced Phishing Attack in the Last 12 Months

Regardless of whether your environment remains on-premise, resides in the cloud, or is a hybrid configuration, new data makes it clear that your biggest risk is phishing attacks.
Continue Reading

[New Phishing Template] Formula 1 Exclusive: Gene Haas on Guenther Steiner's Departure

In a surprising turn of events for Formula 1 enthusiasts, the Haas F1 Team is grappling with the departure of its widely-respected Team Principal, Guenther Steiner. Let's dive into the ...
Continue Reading

Beware of "Get to Know Me" Surveys

Trained security awareness professionals are aware that whatever someone says about themselves and personal experiences can be used against them in a social engineering scam. It is always ...
Continue Reading

Microsoft Takes the Lead in Q4 2023 for Alarming Phishing Attempts

Microsoft was the most impersonated brand last quarter, accounting for a third (33%) of all brand phishing attempts in October, November, and December 2023, according to Check Point’s ...
Continue Reading

FTC Issues Warning About the Dangers of QR Code-Based Scams

The latest consumer alert posted by the federal trade commission (FTC) signals that the upticks in QR code-based scams are being seen by cybersecurity vendors are indeed a valid growing ...
Continue Reading

KnowBe4 Named a Leader in the Winter 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

We are excited to announce that KnowBe4 has been named a leader in the Winter 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for ...
Continue Reading

[Security Masterminds] Revolutionizing Cybersecurity Training: How AI Is Changing the Game

Artificial intelligence (AI) in the cybersecurity realm is a nuanced topic. On the one hand, it has the potential to enhance our abilities to detect and prevent cyber threats ...
Continue Reading

Beyond the Scams: Unraveling the Dark Tactics of Real-World Kidnapping Scams and Virtual Extortion

The world can be a scary and dangerous place. Its unethical scammers have no problem doing almost anything to make a buck, but sometimes, their plots seem to be extra messed up.
Continue Reading

Pikabot Malware Spreading Through Phishing Campaigns

Researchers at Trend Micro warn that a threat actor known as “Water Curupira” is distributing the Pikabot malware loader via widespread phishing campaigns.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews