Should You Click on Unsubscribe?

Feb 21, 2023 4:36:29 PM By Roger Grimes

Some common questions we get are “Should I click on an unwanted email’s ’Unsubscribe’ link? Will that lead to more or less unwanted email?”

Do Not Let Ransomware Steal the Show – Business Email Compromise Is the Biggest Threat You Must Prepare For!

Feb 21, 2023 10:12:12 AM By Javvad Malik

When it comes to cybersecurity, ransomware is the rockstar of threats. But taking a peek behind the curtain, business email compromise (BEC) causes huge financial losses.

A Special Case of Business Email Compromise

Feb 21, 2023 9:12:41 AM By Stu Sjouwerman

Cloudflare warns that business email compromise (BEC) phishing has assumed a new form: vendor email compromise (VEC). The classic BEC case involves the impersonation of someone within an ...

CyberheistNews Vol 13 #08 [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach

Feb 21, 2023 9:00:00 AM By Stu Sjouwerman

CyberheistNews Vol 13 #08 | February 21st, 2023 [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach There is a lot to learn from Reddit's ...

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Feb 21, 2023 8:36:46 AM By Stu Sjouwerman

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

Corporate Transitions Represent Times of Heightened Danger

Feb 20, 2023 10:05:40 AM By Stu Sjouwerman

When should organizations be on guard against social engineering? Always, of course, but there are certain times when they should be especially alert. A study of cyberattacks has found ...

The Curse of Cybersecurity Knowledge

Feb 17, 2023 10:54:25 AM By Javvad Malik

The curse of knowledge is a cognitive bias that occurs when someone is trying to communicate information to another person, but falsely assumes that the other person has the same level of ...

Will AI and Deepfakes Weaken Biometric MFA

Feb 17, 2023 9:31:39 AM By Roger Grimes

You should use phishing-resistant multi-factor authentication (MFA) when you can to protect valuable data and systems. But most biometrics and MFA are not as strong as touted and much of ...

[HEADS UP] Russian Hacker Group Launches New Spear Phishing Campaign with Targets in US and Europe

Feb 16, 2023 9:17:56 AM By Stu Sjouwerman

The Russian-based hacking group Seaborgium is at it again with increased spear phishing attacks targeting US and European countries in the last year.

Security Awareness: The Top Trend of 2023

Feb 15, 2023 4:31:58 PM By Jelle Wieringa

The Dutch organization Supply Value (a specialist in network optimalisation) together with the website Computable, published an article on their annual research into the top trends in IT ...

[INFOGRAPHIC] 9 Cognitive Biases Hackers Exploit the Most

Feb 15, 2023 10:18:50 AM By Stu Sjouwerman

Cybersecurity is not just a technological challenge, but increasingly a social and behavioral one.

New Survey Reveals Employees are the Attack Surface

Feb 15, 2023 9:18:35 AM By Stu Sjouwerman

A survey by Tanium has found that IT security professionals in the UK say that 64% of avoidable cyber attacks are due to human error, which usually involves falling for phishing attacks. ...

Reddit is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach

Feb 15, 2023 8:18:20 AM By Stu Sjouwerman

There is a lot to learn from Reddit's recent data breach, which was the result of an employee falling for a “sophisticated and highly-targeted” spear phishing attack.

FTC: Romance Scams Cost U.S. Victims a Total of $1.3 Billion

Feb 15, 2023 8:11:41 AM By Stu Sjouwerman

Seemingly repeating the previous year, the FTC’s latest report highlights that nearly 70,000 people reported being the victim of a romance scam last year.

Deepfake Crackdown After 4Chan Users Make Celebrity Voices Say Racist, Transphobic, and Violent Things

Feb 15, 2023 8:08:06 AM By Stu Sjouwerman

As deepfake technology continues to improve, creators of deepfake technology seek to lock down and safeguard the use of their technology after inappropriate use shows up on the web.

Cybercriminals are Using Geotargeted Phishing to Target Victims

Feb 14, 2023 9:06:54 AM By Stu Sjouwerman

Attackers are abusing a legitimate service called “GeoTargetly” to launch localized phishing attacks, according to Jeremy Fuchs at Avanan. GeoTargetly is meant to be used by advertisers ...

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

Feb 14, 2023 9:00:00 AM By Stu Sjouwerman

CyberheistNews Vol 13 #07 | February 14th, 2023 [Scam of the Week] The Turkey-Syria Earthquake Just when you think they cannot sink any lower, criminal internet scum is now exploiting ...

Spear Phishing Attacks Increase 127% as Use of Impersonation Skyrockets

Feb 9, 2023 8:51:35 AM By Stu Sjouwerman

Impersonation of users, domains, and brands is on the rise, as is the use of malicious links, in response to security vendors improving their ability to detect malicious attachments.

U.K. Citizens See 82% Increase in Advanced Fee Scams in the Last Year

Feb 9, 2023 8:51:29 AM By Stu Sjouwerman

In the wake of the rising cost of living, new scams targeting those in less-than-optimal financial situations based on “deprived” areas throughout the country.

Hackers Work Around ChatGPT Malicious Content Restrictions to Create Phishing Email Content

Feb 9, 2023 8:51:21 AM By Stu Sjouwerman

Active discussions in hacker forums on the dark web showcase how using a mixture of the Open AI API and automated bot from the Telegram messenger platform can create malicious emails.