Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

New Spear Phishing Campaign Targets 27 Famous Brands With Malicious SLK Files

A new spear phishing campaign is targeting twenty-seven companies around the world with malicious SLK (Symbolic Link) files, according to BleepingComputer. The attackers pose as a real ...
Continue Reading

Catphish and Honey Traps

Hundreds of Israeli soldiers had their phones compromised by malware after falling for catfishing attacks purportedly launched by Hamas, Forbes reports. The Israel Defense Forces (IDF) ...
Continue Reading

A U.S. Natural Gas Operator Shuts Down For 2 Days After A Phishing Attack Infects It With Ransomware

Dan Goodin at Ars Technica reported something worrisome: "A US-based natural gas facility shut down operations for two days after sustaining a ransomware infection that prevented ...
Continue Reading

[Heads-up] The World Health Organization Warns of New Coronavirus Phishing Attacks. Inoculate Your Employees!

The World Health Organization (WHO) is putting out an alert about ongoing Coronavirus-themed phishing attacks that impersonate the WHO and try to steal confidential information and ...
Continue Reading

Identify & Respond to Email Threats Faster with PhishER

Your users are likely already reporting potentially dangerous emails in some fashion within your organization. The increase of this email traffic can present a new problem!
Continue Reading

It Only Takes One Phish: Phishing Attack Results in Network Infiltration, IT Incompetence, and $217,000 in Paid Ransom Fees

The recent attack on a Dutch university demonstrates much of what IT organizations shouldn’t do to avoid an attack.
Continue Reading

This is the Phone Company: Give us Your D.O.B, Your Firstborn Child...

SMS scammers are posing as Verizon Wireless and sending text messages telling recipients to click a link to validate their account security, according to Chris Hoffman at How-To Geek. ...
Continue Reading

Cyberattacks in 2019 Cost over $3.5 Billion in Victim Losses with Business Email Compromise Taking in Half

The FBI’s annual year-in-review breaks down how 467,000 cyber attacks succeeded in taking consumers and businesses alike for billions of dollars.
Continue Reading

It Only Takes One Phish: Puerto Rico Gets Scammed Out of $2.6 Million

Once again, it was the human factor and skilled phishing tactics from the bad guys that was responsible for such a material loss. And, from the sound of it, policy and procedure either ...
Continue Reading

Phishing Remains the Most Frequent Attack Vector Used for Initial Access

With cybercriminals always looking for the most successful way to carry out a successful attack, phishing once again proves to be one of the most adaptable and viable attack vectors.
Continue Reading

Organizations Beware! Cyberattacks are Becoming More Prevalent, Hitting More Device OSes, and are Shifting Focus to You

The latest data from Malwarebyte’s annual State of Malware Report shows increases almost across the board, showing that the bad guys are stepping on the gas into 2020.
Continue Reading

PayPal Phishing for Passports and More

An ongoing PayPal phishing campaign is trying to steal a wide range of personal information, including Social Security numbers and passport photos, Threatpost reports. The scams were ...
Continue Reading

DOJ Charges Hackers from the Chinese People Liberation Army with 2016 Equifax Data Breach

Four hackers have been charged with hacking the U.S. credit reporting agency where data on U.S. citizens and proprietary Equifax secrets were stolen.
Continue Reading

Email Account Takeover Attacks Get Smarter, Sophisticated, and More Patient

New data from Barracuda shows attackers take their time to leverage the credential compromise and to avoid detection when taking over email accounts.
Continue Reading

FTC Alert: Coronavirus Scammers Love Scary Bad News

Scary news stories in the headlines always bring out the bad guys looking to make a quick illegal buck.
Continue Reading

Phishing Attacks Use Victim Interest in Oscar-Nominated Movies to Steal Credit Cards, Install Malware

People wanting to watch high-profile movies are the latest target in scams that trick users into offering up credit card details for a chance to download films not yet available for ...
Continue Reading

Trenton School Treasurer Spots a 'Phishing Expedition'

Someone went on a ‘phishing expedition’ trying to trick a Trenton School Board of Education member into transferring thousands of dollars into their account, but a Trenton School ...
Continue Reading

Another SMS Scam

A new PayPal SMS phishing campaign is making the rounds, according to Paul Ducklin at Naked Security. The text messages in this campaign purport to come from PayPal and inform recipients ...
Continue Reading

Email Test Finds More Than 50% of Kingston School District Employees Vulnerable to Phishing

More than half of the people who have Kingston school district email accounts opened a potentially damaging phishing email sent to them by a firm that's helping the district gauge ...
Continue Reading

January Content Update: Including the new 2020 KnowBe4 Social Engineering Red Flags Training Module

Here are a few important updates to share with you from the month of January.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews