Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Whaling: Like Phishing, but After Bigger Game

Organizations have to acknowledge their responsibility for ensuring their employees are able to recognize targeted phishing attacks, according to James McGachie, Legal Director of DLA ...
Continue Reading

Top 9 IT Security Trends You Need to Watch Out For in 2020

Cyber security and security awareness training landscapes are constantly changing.  IT Professionals, like you, always need to know what is coming next in order to build (and maintain) ...
Continue Reading

Royal Mail Scam: Sorry, You Haven't in Fact Won that iPhone 11 Pro

An SMS phishing scam is targeting people in the UK with fake notifications that appear to come from the Royal Mail postal service, The Sun reports. The messages are personalized, and they ...
Continue Reading

Dancing with Hackers

Dancing with the Stars pro Witney Carson announced on Twitter that her Facebook account had been hacked. Unknown miscreants gained control of Carson’s Facebook through a unique phishing ...
Continue Reading

1000+ Schools Hit In October Alone By Still Active Ransomware Attack Wave

October was the first month we got some visibility on how the bad guys are now targeting school districts and students across the USA in a wave of new ransomware attacks. This attack is ...
Continue Reading

Take the Free Weak Password Test and Enter to Win a Stormtrooper Helmet!

Are your users' passwords…P@ssw0rd? Verizon's Data Breach Report showed that 81% of hacking-related phishing attacks used either stolen and/or weak passwords. Employees are the weakest ...
Continue Reading

Best Practices for Creating Order from Phish Reporting Chaos

When Greg Kras, KnowBe4’s Chief Product Officer, first rolled out our Phish Alert Button (your users can use it to report suspicious emails), he thought it would be a great way for you to ...
Continue Reading

Financial Advisor Fined After Falling for BEC Scam

The Financial Industry Regulatory Authority (FINRA) fined and temporarily suspended a financial advisor working for UBS after he was tricked into transferring $511,870 from a client’s ...
Continue Reading

[NEW RISK] The MAZE Ransomware Gang Outs Their Victims On A Public Web Site

In a continuing escalation of its extortion tactics, independent security researcher, Brian Krebs reported on Krebsonsecurity.com that the criminals behind the MAZE Ransomware gang just ...
Continue Reading

Money Mules and Evil Corp.

Last week we reported that the U.S. Justice and Treasury Departments filed charges against and placed sanctions on the members of “Evil Corp.,” the criminal group behind the Dridex ...
Continue Reading

Spear Phishing in the Royal Canadian Mint

The Royal Canadian Mint, which produces Canada’s coins, nearly sent an employee’s paycheck to an attacker following a spear phishing attack, CBC News reports. The attacker sent an email ...
Continue Reading

Identify & Respond to Email Threats Faster with PhishER

Your users are likely already reporting potentially dangerous emails in some fashion within your organization. The increase of this email traffic can present a new problem!
Continue Reading

Mysterious Global Phishing Campaign Uncovered

A mysterious phishing campaign was spotted by threat researchers from Anomali. The global credential gathering phishing campaign was directed primarily at government procurement ...
Continue Reading

ReVil Ransomware Threatens to Squeeze Their Victims with Public Exposure of Data

The REvil Ransomware crew are getting ready to put more pressure on their ransomware victims to pay up by threatening to release data if the ransom isn't paid.
Continue Reading

Insurance Company On The Hook for 1.7 Million Dollars After Denying BEC Scam Claim

An article in the insurance Journal reports that the 11th Circuit Court in Atlanta agreed with a district court ruling that insurance company "Ironshore" is still on the hook for paying a ...
Continue Reading

What's in it for the Social Engineers?

A necessary skill for any successful hacker is an understanding of how the human mind works, according to a post in IT Pro. Knowing how to manipulate technology is a major part of the ...
Continue Reading

Last Chance to Try the Free Domain Spoof Test to Win $500 Amazon Gift Card!

Are you aware that one of the first things hackers try is to see if they can spoof the email address of someone in your own domain?
Continue Reading

67% of UK Employees Flout Internal IT Security Rules

Businesses are leaving themselves unnecessarily exposed to significant security risks, it’s claimed by a cloud and IT business continuity services company, According to Databarracks’ data ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews