Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Microsoft Sees Phishing on the Rise

According to Microsoft security research, the percentage of inbound emails associated with phishing on average increased in the past year. For some, this may feel like obvious news, but ...
Continue Reading

MimeCast Warns of New Phishing Attacks in South Africa

With two new alerts regarding elevated risks of phishing attacks against consumers – one from DStv, and another from the New Development Bank – South Africans are warned to take care when ...
Continue Reading

Social Engineering via Elder Scrolls

Scammers are going after Elder Scrolls Online accounts by posing as the game’s developers and informing players that their accounts will be banned unless they hand over their credentials, ...
Continue Reading

63% of Workers Reuse Passwords For Multiple Work Devices and Applications

According to Enterprise Strategy Group, 63% of workers have reported using the same password for multiple work devices and/or applications. This just one statistic from ESG's upcoming ...
Continue Reading

Feds Charge Russians In Massive $100 Million Bank Phishing Scheme

The U.S. Justice and Treasury departments took action Thursday against a Russian hacking group known as “Evil Corp.,” which stole “at least” $100 million from banks using phishing attacks ...
Continue Reading

[Heads Up] Iran Has Launched Evil New Malware That Wipes Your Windows Workstations

Zak Doffman posted: "Iran’s state-sponsored hackers have deployed a new strain of malicious malware, warns IBM, which has been aimed at the “industrial and energy sectors” in the Middle ...
Continue Reading

Europol Finds Majority of Attack Groups Rely on Spear Phishing as Primary Infection Vector

A new report from Europol’s European Cybercrime Center (EC3) breaks down how targeted phishing attacks are being done, and how to avoid becoming a victim.
Continue Reading

Gift Card Scams are Decreasing in Light of Other Business Email Compromise Scams

New data from email security vendor Agari shows Business Email Compromise (BEC) attacks shifting tactics last quarter, in favor of scams resulting in larger payouts.
Continue Reading

Identity Deception-Based Phishing Attacks Show an Increase in Impersonating Individuals

The use of impersonating a person or brand as part of an attack in on the rise, giving attackers the upper hand, establishing instant credibility and lowering the defenses of the ...
Continue Reading

Phishing for Gamers Uses A Fake Skin Giveaway

BleepingComputer warns that a fake Steam skin giveaway site is stealing users’ Steam credentials. The site appears to be running a 26-day promotion giving away free skins for ...
Continue Reading

Netflix "Account Freeze" Phishing Campaign In The Wild

A Netflix phishing scam is going after users’ payment information and Netflix credentials, according to Naked Security. The phishing emails inform recipients that they’ve missed a payment ...
Continue Reading

Over Half of SMBs Experience Phishing and Social Engineering Attacks

The assertion that SMBs aren’t a cyber-target is officially dead. SMBs are victims of the very same attacks as enterprises in growing numbers, according to new research.
Continue Reading

Join Us for a Live Demo on Simulated Phishing and Awareness Training

See Ridiculously Easy Security Awareness Training and Phishing in Action!
Continue Reading

Merchant fined for failing to train employees — Former NYDFS Superintendent Vullo Talks About Cybersecurity Regs

Mark Harrop, Director of Communications, Corporates at Thomson Reuters made me aware of a very interesting interview with Maria Vullo, the former Superintendent of New York’s Department ...
Continue Reading

‘Professional’ ransomware gang targets 1,800 large organizations worldwide, Dutch investigators find

Filip Truta at Bitdefender blogged: "A confidential report from the Netherlands’ National Cyber ​​Security Center warns that ransomware operators are targeting at least 1,800 large ...
Continue Reading

Phishing scams on the up in the Netherlands

Mina Solanki, an expat in Holland wrote: "After years of declining, phishing is on the up. In 2018, the (monetary) damage caused by it had almost quadrupled compared to previous years. ...
Continue Reading

Google Sent 12K Nation-State Phishing Warnings In Three Months

Google's Threat Analysis Group (TAG) delivered thousands of alerts of government-backed attempts to spearphish gmail users over just a three-month period earlier this year, they reported.
Continue Reading

Click Confessions of a Security Expert

As a “human security” expert, I used to take a lot of pride in my well-honed security hygiene. Yeah… that all ended back in early 2017 when I joined KnowBe4. You see, up until that time, ...
Continue Reading

Phishing Simulations Should be Educational, not Punitive

Phishing training programs need to be focused on educating employees rather than on shaming them, according to David Spark and Allan Alford, co-hosts of the Defense in Depth podcast. On ...
Continue Reading

They Know If You've Been Bad or Good...

Like most of the rest of us, malicious actors the world over love the holidays. It's a prime season to run social engineering schemes on users who are already of a mind to open their ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews