Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Passkeys Are Being Pushed in a Big Way

Oct 26, 2022 10:58:37 AM By Roger Grimes
There is a good chance that you and nearly everyone else will be using passkeys in the near future.
Continue Reading

Don’t Let High-Tech Distract You from Low-Tech

Oct 26, 2022 10:58:13 AM By Stu Sjouwerman
Deepfakes, the realistic and thoroughly convincing fabrication of imagery, video, and audio that fakes the identity of some person in ways that are difficult to detect, have aroused ...
Continue Reading

CyberheistNews Vol 12 #43 [Heads Up] This New Strain of Fake Ransomware Is Sloppy but Dangerous

Oct 25, 2022 9:30:00 AM By Stu Sjouwerman
Continue Reading

[Eye Opener] Work In IT? You Get Attacked Much More Than Other Employees

Oct 24, 2022 3:17:13 PM By Stu Sjouwerman
We received an interesting email from Elevate Security you need to be aware of. Their recent research showed: "Social engineering attacks are growing more sophisticated every day, ...
Continue Reading

Major UK Outsourcer Hit With Multi-Million Dollar Fine Due to a Phishing Attack

Oct 24, 2022 1:58:54 PM By Stu Sjouwerman
Britain's data watchdog has fined major construction group Interserve with a £4.4m fine. This was due to a cyber attack stole personal and financial details for over 113,000 employees and ...
Continue Reading

Phishing for Student Email Accounts

Oct 24, 2022 9:23:57 AM By Stu Sjouwerman
University student accounts are being exploited for business email compromise. Researchers at Avanan have observed a rise in attacks that compromise legitimate college student accounts in ...
Continue Reading

BazarCall Expands Callback Phishing Campaigns to Include More Support Sites and Malicious Tactics

Oct 21, 2022 1:59:44 PM By Stu Sjouwerman
The king of callback phishing campaigns has evolved their methods to include better phishing emails, phone call scams, and final payloads to ensure they achieve their malicious goals.
Continue Reading

New Credential Harvesting Scam Impersonates Google Translate to Trick Victims

Oct 21, 2022 1:59:35 PM By Stu Sjouwerman
In an interesting twist, this latest scam identified by security researchers at Avanan attempts to establish legitimacy by making the victim think the logon page is being translated.
Continue Reading

[INFOGRAPHIC] 10 Tips for Running a Successful Compliance Training Program

Oct 20, 2022 9:46:34 AM By Stu Sjouwerman
Compliance training is often seen as a chore that organizations need to just get through. That said, compliance cannot simply be ignored. A recent report from software firm GlobalScape ...
Continue Reading

New Phishing Attack Attempts to Steal Social Security Numbers

Oct 20, 2022 8:54:27 AM By Stu Sjouwerman
A phishing campaign is impersonating the US Social Security Administration (SSA) in an attempt to steal Social Security numbers, according to researchers at INKY.
Continue Reading

Phishing Targets US Election Workers

Oct 19, 2022 2:24:49 PM By Stu Sjouwerman
Researchers at Trellix warn of phishing attacks targeting election workers in advance of the US midterm elections. These attacks spiked ahead of the primary elections in Arizona and ...
Continue Reading

Scary Metaverse - Cybersecurity Risk Implications

Oct 19, 2022 8:51:27 AM By Anna Collard
The Metaverse, while still mostly a concept at the moment, consists of the possibilities that arise when you combine the advances and affordability in extended reality (XR) space with the ...
Continue Reading

New COVID-19 Phishing Wave Misuses Google Forms to Steal Victim Information

Oct 18, 2022 2:41:20 PM By Stu Sjouwerman
This new credential harvesting scam impersonates a real U.S. Government COVID-related grant program to harvest credentials and personal details using a blatantly obvious Google form.
Continue Reading

91% of Organizations are Concerned About Ransomware Attacks in 2022

Oct 18, 2022 2:41:17 PM By Stu Sjouwerman
With ransomware attacks becoming more frequent, evasion getting more sophisticated, and ransoms increasing, new data shows organizations aren’t fighting for staff and budget.
Continue Reading

[HEADS UP] South African Post Office Sends Warning of Targeted Phishing Attacks

Oct 18, 2022 1:31:01 PM By Stu Sjouwerman
The South Africa Post Office (SAPO) recently warned customers of phishing emails to portray the post office. These cybercriminals are asking for outstanding customs fees that require ...
Continue Reading

WSJ: "Cybersecurity Tops the CIO Agenda as Threats Continue to Escalate"

Oct 18, 2022 10:42:39 AM By Stu Sjouwerman
Steven Rosenbush at the WSJ reported: "Chief information officers say cybersecurity once again will be their top investment priority in 2023, a sign of how companies are racing to manage ...
Continue Reading

Name-and-Shame Scams on Discord

Oct 18, 2022 10:05:18 AM By Stu Sjouwerman
Scammers are sending Discord messages with phony accusations to trick users into clicking on phishing links, according to Shan Abdul at MakeUseOf. The messages are sent from compromised ...
Continue Reading

CyberheistNews Vol 12 #42 [Heads Up] Almost 19% of Phishing Emails Bypass Microsoft Defender

Oct 18, 2022 9:30:00 AM By Stu Sjouwerman
Continue Reading

How To Stop Job Scams

Oct 17, 2022 4:01:57 PM By Roger Grimes
I am reading and hearing about a ton of job scams these days. So many, I wondered how anyone could get a real job or employee, especially in these days of often full-time, work-from-home ...
Continue Reading

Sloppy but Dangerous: Fake Ransomware

Oct 17, 2022 8:34:05 AM By Stu Sjouwerman
Conventional ransomware encrypts the victims’ files and holds them hostage, unavailable to their owners, promising to provide a decryptor once the victims pay the ransom. In some cases ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews