Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

[SCAM OF THE WEEK] Phishing Campaign Targets Crypto Users

Nov 16, 2022 2:46:22 PM By Stu Sjouwerman
Major cryptocurrency company FTX recently filed for bankruptcy, and there's a big phishing campaign on the loose targeting FTX users.
Continue Reading

Fangxiao Domain-Spoofing for Revenue

Nov 16, 2022 9:07:56 AM By Stu Sjouwerman
Researchers at Cyjax describe a large phishing campaign being run by a China-based financially motivated threat actor called “Fangxiao.” The threat actor has been active since at least ...
Continue Reading

[FREE Resource Kit] Stay Safe This Holiday Season with KnowBe4

Nov 15, 2022 12:32:09 PM By Stu Sjouwerman
It's the best time of the year! But also, it's the busiest time for cybercriminals. Since your users will be distracted with seasonal activities, cybercriminals will take advantage of the ...
Continue Reading

CyberheistNews Vol 12 #46 [EYE OPENER] Here Is What You Can Do to Inspect SMS URL Links Before Clicking

Nov 15, 2022 9:30:00 AM By Stu Sjouwerman
Continue Reading

“Hired Hand” in the Kingdom of Saudi Arabia Uses Domain Spoofing

Nov 15, 2022 8:59:27 AM By Stu Sjouwerman
Sometimes a social engineering campaign has a clear geographical focus, often shaped by language, holidays, or current events. In this case, the scammers are taking opportunistic ...
Continue Reading

The Rise in Unwanted Emails, Now Found to be Nearly 41%

Nov 14, 2022 9:10:54 AM By Stu Sjouwerman
How many business emails do the recipients actually want? Or, conversely, how many of them are unwanted? A study by Hornetsecurity looked at this question (along with a number of other ...
Continue Reading

[HEADS UP] FBI Warns of Tech Support Scams That Impersonate Payment Portals for Fake Refunds

Nov 10, 2022 3:59:40 PM By Stu Sjouwerman
In the latest FBI warning, cybercriminals are now impersonating financial institutions' refund payment portals. This effort is to contain victims' personal information with legitimacy.
Continue Reading

Phishing Campaign Abuses Microsoft Customer Voice

Nov 10, 2022 11:28:15 AM By Stu Sjouwerman
Researchers at Avanan warn that a phishing campaign is using Microsoft’s Dynamic 365 Customer Voice feature to send malicious links. Customer Voice is designed to collect feedback from ...
Continue Reading

Three-Quarters of Employees Feel It’s the Company’s Job to Ensure Security, Despite Three-Quarters Also Personally Experiencing a Cyberattack

Nov 10, 2022 9:49:14 AM By Stu Sjouwerman
Even with employees seeing cyberattacks first-hand and understanding the seriousness of such attacks, organizations have a culture problem where users just don’t care.
Continue Reading

Ransomware Attacks Targeting Manufacturing are up 52% Over the Course of 12 Months

Nov 10, 2022 9:49:04 AM By Stu Sjouwerman
While every sector is taking strides to improve their security stances against ransomware and other cyberattacks, the latest data shows that for Manufacturing the impacts are huge and the ...
Continue Reading

Cyberattacks Globally Increased by 28% in the Third Quarter of 2022 as the Average Org Experiences Over 1,100 Attacks Weekly

Nov 10, 2022 9:49:01 AM By Stu Sjouwerman
Check Point Research provides highlights that color the third quarter of 2022, painting a picture of increases in attack frequency and intensity in every single sector.
Continue Reading

Here Is What You Can Do To Inspect SMS URL Links Before Clicking

Nov 9, 2022 4:39:12 PM By Roger Grimes
Phishing via Short Message Service (SMS) texts, what is known as smishing, is becoming increasingly common (some examples are shown below). There is probably not a person on Earth who ...
Continue Reading

Cookie-stealing Feature Added by Phishing-as-a-Service Provider To Bypass MFA

Nov 9, 2022 8:50:47 AM By Stu Sjouwerman
The Robin Banks phishing-as-a-service platform now has a feature to bypass multi-factor authentication by stealing login session cookies, according to researchers at IronNet. The phishing ...
Continue Reading

[EYES OUT] This Scary Strain of Sleeper Ransomware Is Really a Data Wiper in Disguise

Nov 9, 2022 6:54:55 AM By Stu Sjouwerman
This Data wiper replaces every other 666 bytes of data with junk. Techradar reported that a new data-wiping malware has been detected, infecting more and more endpoints with each passing ...
Continue Reading

PhishER Turns Golden Hour Into Golden Minute

Nov 8, 2022 10:00:35 AM By Roger Grimes
Hospital emergency rooms around the world are fine-tuned to meet the requirements of the “Golden Hour”. The Golden Hour is a well-accepted medical fact that critically injured or ill ...
Continue Reading

CyberheistNews Vol 12 #45 [EYE OPENER] Phishing Attacks Up 61% Over 2021. A Whopping 255 Million Attacks This Year So Far...

Nov 8, 2022 9:30:00 AM By Stu Sjouwerman
Continue Reading

New Business Email Compromise Gang Impersonates Lawyers

Nov 7, 2022 10:23:46 AM By Stu Sjouwerman
A criminal gang is launching business email compromise (BEC) attacks by posing as “real attorneys, law firms, and debt recovery services.” The attackers send legitimate-looking invoices ...
Continue Reading

[HEADS UP] Australia Continues to be Vulnerable to Cybercrimes as Half a Billion Has Been Lost to Scammers

Nov 7, 2022 10:23:44 AM By Stu Sjouwerman
Australia is the new hot spot for cyber attacks. The Australian Cyber Security Centre (ACSC) recently reported that Australia has been targeted by cybercriminals every 7 minutes, and the ...
Continue Reading

[New Product] Users Making Security Mistakes? Coach Them in Real-Time with SecurityCoach

Nov 7, 2022 9:14:42 AM By Stu Sjouwerman
We are thrilled to announce a brand-new product designed to help you develop a strong security culture. SecurityCoach enables real-time security coaching of your users in response to ...
Continue Reading

Russian trolls and bots are back, targeting Tuesday’s U.S. midterms.

Nov 7, 2022 6:51:03 AM By Stu Sjouwerman
Steven Lee Myers at the NYT had the scoop on this typical Russian influence operation which really is social engineering at scale: "The user on Gab who identifies as Nora Berka resurfaced ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews