Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

[FREE Resource Kit] Cybersecurity Awareness Month 2021 Now Available

Cybersecurity Awareness Month is right around the corner, but we’ve got you covered!
Continue Reading

U.K. Organizations See Double the Number of Ransomware Attacks in the First Half of 2021

New analysis of ransomware incidents reported to the UK's Information Commissioner's Office (ICO) in the first half of 2021 show a massive rise when compared to 2020.
Continue Reading

Cryptominers are Tricked out of Cryptocurrency Using Phishing Scams Involving the Purchase of Mining Equipment

The leveraging of Google Docs, a spoofed website, a realistic-feeling buying process, and asking for payment in cryptocurrency is all it takes to separate victims from thousands of ...
Continue Reading

Cybercriminals Can Post Jobs on LinkedIn Posing as Any Employer They Want

Lax verification around what company is offering a given job on LinkedIn allows attackers to create bogus job postings for malicious purposes.
Continue Reading

A COVID-19 Phishing Caper

A new phishing campaign is exploiting the ongoing uncertainty about company policies related to COVID-19, according to Roger Kay at INKY. The campaign uses emails that purport to come ...
Continue Reading

A Look at a Ransomware Affiliate

The US Federal Bureau of Investigation (FBI) has issued an advisory describing a ransomware affiliate that calls itself “OnePercent Group,” the Record reports. The Record notes that the ...
Continue Reading

Nigerian Threat Actors Solicit Victim Organization Employees to Deploy Demon Ransomware

The use of employees as insider accomplices potentially changes how social engineering is being used in exchange for a direct request for internal assistance.
Continue Reading

Arrests in International Fraud Scheme Due to Social Engineering

Police in Romania, the Netherlands, and Ireland have arrested and charged twenty-three people accused of conducting sophisticated social engineering attacks. The organized crime group ...
Continue Reading

Hospitals Continue to be Ransomware Targets as Half Experience Shutdowns in the Last 6 Months

With financial impacts as high as $46K per hour, shutting down some or all of operations due to a ransomware attack is not a decision taken lightly by hospitals, but may be the only ...
Continue Reading

Microsoft Warns of New Phishing-Turned-Vishing-Turned-Phishing Attack Aimed at Installing Ransomware

In what appears to be a phishing attack that includes a mix of emails and phone calls, Microsoft reminds us to be wary of only opening emails and attachments from known contacts.
Continue Reading

“Compromise” is the “C” in “MICE”

The FBI is warning Silicon Valley companies to be wary of insider threats, Protocol reports. FBI special agent Nick Shenkin told Protocol in an interview that authoritarian ...
Continue Reading

CISA shares guidance on how to prevent ransomware data breaches

Bleepingcomputer reported: "The US Cybersecurity and Infrastructure Security Agency (CISA) has released guidance to help government and private sector organizations prevent data breaches ...
Continue Reading

Phishing Attacks Have Increased by 22% This Year

The volume of phishing attacks has increased 22% this year compared to the first half of 2020, according to researchers at PhishLabs.
Continue Reading

Defending Against Ransomware Attacks Should Start (and Can End) With Security Awareness Training

The world’s most dangerous, expensive, and impactful cyberattack can potentially be stopped with little more than a conscientious user who is paying attention.
Continue Reading

Can the Microsoft 365 Platform Be Trusted to Stop Security Breaches?

Lax security policies, a lack of security measures and solutions in place, and an expectation that Microsoft will address any security issues is putting organizations at risk.
Continue Reading

Deepfakes Continue to be a Concern as the Technology Improves and Becomes More Convincing

In the wake of the FBI’s warning about more deepfake-based cyber attacks coming in the next year, organizations should remain vigilant against this compelling form of social engineering.
Continue Reading

Trend Micro: Most Organizations in the World Will Likely Be Compromised in the Next 12 Months

A new report from security vendor Trend Micro quantifies the current level of risk most organizations are facing, highlighting how ill-prepared we really are, how many have already been ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews