Security Awareness Training Blog

Cybercrime Blog

We report on the latest trends in cybercrime to help you stay informed and aware of what the current threat landscape looks like.

Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering

A new update on UNC3944 group's activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.
Continue Reading

Pharma Industry Seeing Reduction in Data Breach Costs, But Still Have Much to Do

Insights from IBM’s Cost of a Data Breach Report on the Pharmaceutical Industry shows that while the overall cost has improved, there are clear areas of risk that need to be addressed.
Continue Reading

Cyber Insurance Claims Increased by 12% in First Half of 2023, Attacks More Frequent and Severe Than Ever

The latest cyber claims report from Coalition, a digital risk insurance provider, finds a 12% increase in cyber insurance claims in the first half of 2023 over the second half of 2022, ...
Continue Reading

New Threat Actor Impersonates the Red Cross to Deliver Malware

Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.
Continue Reading

Ukrainian Military Targeted in Sophisticated Phishing Attack Using Drone Manuals

Securonix is tracking a phishing campaign that’s targeting the Ukrainian military with malware-laden attachments posing as drone instruction manuals. The threat actor is using Microsoft ...
Continue Reading

Cybercriminals Use Google Looker Studio to Host Crypto Scam to Steal Money and Credentials

Security researchers at Check Point have discovered yet another attack that leverages legitimate web applications to host attacks in order to bypass security scanners.
Continue Reading

Tools From Cybercrime Software Vendor W3LL Found to be Behind the Compromise of 56K Microsoft 365 Accounts

A new report uncovers the scope and sophistication found in just one cybercrime vendor’s business that has aided credential harvesting and impersonation attacks for the last 6 years.
Continue Reading

TikTok Impersonations of Elon Musk Scam Victims of Their Bitcoin

There’s been a surge of Elon Musk-themed cryptocurrency scams on TikTok, BleepingComputer reports. The scammers inform the victims that they can claim their reward after spending a small ...
Continue Reading

The International Joint Commission Falls Victim to Ransomware Attack; 80GB Of Data Stolen

The International Joint Commission (ICJ), an organization that handles water issues along the Canada–United States border, was hit by a ransomware attack, the Register reports.
Continue Reading

New Scam Impersonates QuickBooks to Steal Credentials, Extract Money

Establishing urgency through a false need to “upgrade” or lose services, this new attack takes advantage of the widespread use of the popular accounting app to attract victims.
Continue Reading

Microsoft (Once Again) Tops the List of Most Impersonated Brands in 2023

Out of the over 350 brands regularly impersonated in phishing attacks, Microsoft continues to stand out because they provide attackers with one unique advantage over other brands.
Continue Reading

Board Members' Lack of Security Awareness Puts Businesses at Risk of Cyber Attacks, Finds Savanti Report

A report from cybersecurity consultancy Savanti reveals that board members are facing challenges in understanding cyber risks, and this has important implications for businesses.
Continue Reading

AP Stylebook Data Breach Compromises Customer Personal Information

The Associated Press (AP) has disclosed a data breach affecting the legacy AP Stylebook website that led to phishing attacks against impacted customers, BleepingComputer reports.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews