Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Phishing Kit Prices Rise

The price of phishing kits on the black market rose by 149% in 2019, according to researchers at Group-IB. ZDNet reports that the researchers tracked the pricing of 16,200 phishing kits ...
Continue Reading

COVID-19 Emails go From Zero to Half a Million a Day in Just Three Months

According to new data from security researchers at Forcepoint, the interest in coronavirus-themed emails and websites by cybercriminals is cause for concern.
Continue Reading

German Health Authorities Lose €1.5 Million in COVID-19 Mask Purchase Scam

Reaching an all-new low, an international team of individuals setup an elaborate online scam taking advantage of the current need for healthcare equipment to fight COVID-19.
Continue Reading

Third-Party Risk Management Questionnaire for Extended Emergencies

Here’s a questionnaire you can send to suppliers during extended work from home (WFH) periods.
Continue Reading

Apple, Netflix, and Yahoo Were the Most Impersonated Brands in Q1 2020

10% of all brand-impersonation phishing attacks spoofed Apple in the first quarter of 2020, according to a new report from Check Point. Netflix came in second with 9%, followed by Yahoo ...
Continue Reading

[HEADS UP] DHS Deadline Notice of 56 Million Security Awareness Training Funding Opportunity

The Department of Homeland Security is providing $56,000,000.00 of grant money to states for cybersecurity and security awareness training.
Continue Reading

New COVID-19 Malware Variants Render Your Endpoints Useless

Forget cybercriminals out to steal your money and credentials. Security researchers are now finding more malware intent on rewriting master boot records and wiping file systems.
Continue Reading

Quarantine Text Scam Tricks U.K. Residents into Paying “Fine”

Because of the ambiguity of current lockdown restrictions, a new text scam pretending to be from the government feels a bit too real to U.K. residents, turning them into victims.
Continue Reading

Zeus Sphinx Banking Trojan is Revived Under the Guise of COVID-19 Assistance

The 5-year old malware variant has reared its ugly head once again after a three-year hiatus – this time attempting to take advantage of the need for COVID-19 financial assistance.
Continue Reading

Netflix Scams Target People Sheltering in Place

With people sheltering in place during the pandemic emergency, they’re both teleworking and finding their entertainment online. Google searches for Netflix jumped 142% since the advice to ...
Continue Reading

It’s Look-Alike Day: While Doppelganger Humans Can Be Funny, Domains Are Not

On April 20, we celebrate National Look-Alike Day. It’s the perfect time to see which people have similar features as you, instead of that completely normal person you bumped into at the ...
Continue Reading

Damage From Phishing Doubles For Dutch Banks

Dutch banks saw damage from phishing double last year compared to the previous year. This concerns both phishing for 2FA security codes and phishing for credit and debit card numbers, ...
Continue Reading

[Heads-Up] Hacking Attacks Double Against Users Who Now Suddenly Work From Home

Reuters just reported that hacking activity against corporations in the United States and other countries more than doubled by some measures last month as digital thieves took advantage ...
Continue Reading

Re-Opening the American Economy? Malicious Actors Have a Plan...

By Eric Howes,  KnowBe4 Principal Lab Researcher.  If you've been following the news over the past week or so then you know that a robust debate has opened at federal, state, and local ...
Continue Reading

[NEW PhishER Feature] Remove, Inoculate, and Protect Against Email Threats Faster with PhishRIP

We are excited to announce the availability of PhishRIP™ as part of the PhishER platform to all PhishER customers. PhishRIP is a new email quarantine feature that integrates with ...
Continue Reading

Phishing Trend: Quality, Not Quantity?

A new report from CyberCube found that sophisticated cybercriminals are increasingly shifting to launching business email compromise (BEC) attacks against executives, Insurance Business ...
Continue Reading

Spanish Hospital Faces Netwalker Ransomware Attack in the Midst of Pandemic

At a time when hospitals are already stretched thin for budget, one of many attackers still thinks it’s a good idea to hold hospitals for ransom, showing organizations always need to be ...
Continue Reading

Coronavirus-Related Spear Phishing Attacks See a Massive 667% Increases in March

Attackers are taking advantage of the pandemic, looking for every way possible to achieve their malicious goals via targeted phishing campaigns of every kind.
Continue Reading

When the Implausible Seems, Well, More Plausible

Everyone is vulnerable to social engineering and no security tool can block every phishing email, according to Kevin Casey at The Enterprisers Project. Casey talked to a number of ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews