Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Spoofing-as-a-Service Site Taken Down

Dec 1, 2022 10:31:30 AM By Stu Sjouwerman
Law enforcement authorities across Europe, Australia, the United States, Ukraine, and Canada have taken down a popular website used by cybercriminals to impersonate major corporations in ...
Continue Reading

[Keep An Eye Out] Beware of New Holiday Gift Card Scams

Nov 30, 2022 10:04:25 AM By Roger Grimes
Every holiday season brings on an increase in gift card scams. Most people love to buy and use gift cards. They are convenient, easy to buy, easy to use, easy to gift, usually allow the ...
Continue Reading

CyberheistNews Vol 12 #48 [Eye Opener] Microsoft Warns Against Recent, Complex, Ransomware Campaign

Nov 29, 2022 9:30:00 AM By Stu Sjouwerman
Continue Reading

Quiet Quitting Can Potentially Lead to Insider Security Risks

Nov 29, 2022 8:52:45 AM By Stu Sjouwerman
The phenomenon known as “quiet quitting,” in which employees become disengaged from their work while formally remaining in their jobs, can lead to serious security risks, according to Tim ...
Continue Reading

Merriam-Webster has announced "gaslighting" as the 2022 word of the year

Nov 29, 2022 7:13:38 AM By Stu Sjouwerman
Merriam-Webster has announced "gaslighting" as the 2022 word of the year. One definition of gaslighting is "to manipulate (someone) into believing that he or she is going insane or that ...
Continue Reading

[New App] Empower Your Users to Engage with Security Awareness and Compliance Training Anytime, Anywhere with the KnowBe4 Learner App

Nov 28, 2022 12:40:59 PM By Stu Sjouwerman
We’re excited to introduce a new way for your users to engage with KnowBe4 security awareness and compliance training anytime and anywhere with the KnowBe4 Learner App. And the best part? ...
Continue Reading

There’s No Such Thing as a Free Yeti, Only Social Engineering Tactics

Nov 28, 2022 11:34:57 AM By Stu Sjouwerman
It’s easy to think of the typical online holiday scam as something that affects mostly individuals. Sad, maybe, and unfortunate, but not something that might seriously threaten a ...
Continue Reading

WhatsApp data breach sees nearly 500 million user records up for sale

Nov 26, 2022 3:29:06 PM By Stu Sjouwerman
Craig Hale at Techradar reported: "A post on a “well-known hacking community forum” claims almost half a billion WhatsApp records have been breached and are up for sale. 
Continue Reading

[Send This To Your Users] 5 Top Scams To Watch Out For This Holiday Season

Nov 25, 2022 4:05:48 PM By Stu Sjouwerman
Here is a 3-minute article that we suggest you copy/paste and send to all your users as part of your ongoing security culture campaign.  "The holiday season is a time when people are ...
Continue Reading

Cybersecurity incidents cost organizations $1,197 per employee, per year

Nov 25, 2022 3:39:41 PM By Stu Sjouwerman
This statistic is alarming and underscores the importance of having a robust cybersecurity program in place. According to the Ponemon Institute, the average cost of a data breach is $3.8 ...
Continue Reading

A Recent, Complex, Ransomware Campaign

Nov 22, 2022 9:39:48 AM By Stu Sjouwerman
Microsoft has observed a threat actor that’s been running a phishing campaign since August 2022. The threat actor, which Microsoft tracks as “DEV-0569,” is using phishing emails to ...
Continue Reading

New Instagram Support Phishing Attack Fakes “Unusual Logon” Experience Well Enough to Fool Victims

Nov 22, 2022 9:36:16 AM By Stu Sjouwerman
Long gone are the days of tacky landing pages that barely impersonate a brand; threat actors are improving their social engineering game well enough to make anyone believe it’s the real ...
Continue Reading

Image-Based Phishing and Phone Scams Continue to Get Past Security Scanners

Nov 22, 2022 9:34:34 AM By Stu Sjouwerman
Using the simplest tactic of not including a single piece of content that can be considered malicious, these types of scams are making their way to inboxes every single time.
Continue Reading

CyberheistNews Vol 12 #47 [Heads Up] Watch Out for This Tricky New Tactic Called Clone Phishing

Nov 22, 2022 9:17:29 AM By Stu Sjouwerman
Continue Reading

World Cup Phishing Attacks Doubled And Will Increase

Nov 21, 2022 4:17:16 PM By Stu Sjouwerman
Researchers at Trellix revealed that phishing email attacks targeting users in the Middle East doubled in October 2022 ahead of the World Cup in Qatar, as reported by The Record. The end ...
Continue Reading

MFA Fatigue Attacks

Nov 21, 2022 4:00:55 PM By Stu Sjouwerman
Researchers at Specops Software describe a technique attackers are using to bypass multi-factor authentication (MFA). In an article for BleepingComputer, the researchers explain that ...
Continue Reading

4 out of 10 Emails are Unwanted as nearly 40% of all Attacks Start with Phishing

Nov 21, 2022 3:59:17 PM By Stu Sjouwerman
New data focused on emails sent through Microsoft 365 highlights the methods used to ensure a successful attack beginning with a malicious email.
Continue Reading

10 Million Health Records from Australian Insurer Medibank are Leaked After Refusing to Pay the Ransom

Nov 21, 2022 1:33:41 PM By Stu Sjouwerman
The aftermath of a ransomware attack last month demonstrates just how bad an attack can get when the cybercriminals don’t get what they want.
Continue Reading

2022 Black Friday and Cyber Monday Scams

Nov 21, 2022 11:57:45 AM By Jacqueline Jayne
In years gone by, Black Friday was a 24-hour rush to the shops (you remember those places with actual people and merchandise that you could touch) where there was a set time for you to ...
Continue Reading

Over One-Third of Companies Who Pay the Ransom are Targeted for a Second Time

Nov 21, 2022 11:33:06 AM By Stu Sjouwerman
Despite the somewhat logical notion that once you’ve paid the ransom, the attack is over, new data shows that paying the ransom doesn’t help you anywhere near how much you think it does.
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews