Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Name-and-Shame Scams on Discord

Scammers are sending Discord messages with phony accusations to trick users into clicking on phishing links, according to Shan Abdul at MakeUseOf. The messages are sent from compromised ...

How To Stop Job Scams

I am reading and hearing about a ton of job scams these days. So many, I wondered how anyone could get a real job or employee, especially in these days of often full-time, work-from-home ...

Sloppy but Dangerous: Fake Ransomware

Conventional ransomware encrypts the victims’ files and holds them hostage, unavailable to their owners, promising to provide a decryptor once the victims pay the ransom. In some cases ...

Cyberattacks are the biggest risk to the UK financial system – Bank of England research

Cyberattacks are the biggest risk to the UK financial system, according to new research from the Bank of England.

New Phishing Campaign Uses Office Docs to Install Cobalt Strike Beacon

Under the guise of determining applicant eligibility for a U.S. federal government job, this latest phishing attack plants the seed for a future attack on the victim organization.

Cyber-Zombie Apocalypse: Ransomware Gangs Continue to Come Back from the Dead

With ransomware gangs making so much money and then dropping off the face of the earth, what’s the motivation to come back to life and potentially risk getting caught?

German Hackers Arrested for Stealing €4 Million in 7-Month Banking Phishing Scams

The recent arrest demonstrates how very small and unsophisticated a cybercriminal team can be to launch a very successful phishing campaign that takes victims for millions.

Small Business Grants as Phishbait

INKY has published a report on the use of small business grants as phishing lures. Scammers are impersonating the US Small Business Administration (SBA) to distribute phony grant ...

Scams, Scams, Everywhere!

Scammers have been around as long as history has been recorded. Think about the famous ‘Trojan Horse’ for example. A perfect scam that allowed attackers to get behind the city walls. The ...

A New Phishing-as-a-Service Kit

Researchers at Mandiant have published an analysis of a phishing-as-a-service kit called “Caffeine,” which further lowers the bar for inexperienced cybercriminals by offering a publicly ...

79 Million Malicious Domains Flagged in the First Half of 2022

Security researchers at Akamai identify an average of 13 million newly observed domains (NOD) each month this year, representing about 20% of the NODs resolved in the same timeframe.

Three-Quarters of Ethical Hackers Can Collect and (Potentially) Exfiltrate Data in 10 Hours or Less

New insight from the SANS Institute surveying 300 ethical hackers sheds some light on how they perceive your security stance – and how easy it is for them to break in despite your efforts.

Encrypted Files are the Overwhelming Way Organizations “Detect” Ransomware Attacks

New analysis of cyberattacks shows that organizations aren’t able to properly detect ransomware attacks, resulting in a majority of victims paying the ransom to retrieve data.

Could 100% of Phishing Be Eliminated One Day?

Occasionally you will hear people or organizations claiming that they are on the verge of eliminating all social engineering from reaching end-users. Could it be true? Could it happen one ...

[Heads Up] Almost 19 percent of phishing emails bypass Microsoft Defender

Check Point Software is one of the world's best-known and largest infosec companies. In September 2021 they acquired email security company Avanan and recently they updated Check Point's ...

[Head Scratcher] The cyber insurance market is badly broken. But why exactly?

Greg Noone at the Techmonitor site covered this problem in early October 2022, starting with a horror story.

KnowBe4 Celebrates Winning a Tech Cares Award From TrustRadius 2022

For the third consecutive year, we received a Tech Cares Award from TrustRadius! This third annual award celebrates companies that have gone above and beyond to provide strong Corporate ...

Cybercriminal Gets 25 Years Prison Time Over Romance Scams and Business Email Compromise Attacks

A man from Atlanta, Georgia has been convicted of running romance scams and business email compromise attacks that netted him over $9.5 million, the US Justice Department has announced.