Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Security Awareness Training Can Help Defeat Deepfake and AI Phishing

Dec 1, 2023 12:26:58 PM By Roger Grimes
There is no doubt that more pervasive deepfake and AI technologies will make for more realistic, sophisticated, phishing attacks, and add to an already huge problem.
Continue Reading

Vishing Gang Takes Victims for “Tens of Millions” Using Little More than Social Engineering

Dec 1, 2023 12:26:52 PM By Stu Sjouwerman
Czech and Ukrainian police have arrested six individuals responsible for a call center-based vishing scam designed to trick victims into thinking they were already victims of fraud.
Continue Reading

The Israel-Palestine Conflict is the Latest Example of Phishing Attacks Taking Advantage of Current Events

Nov 30, 2023 11:12:12 AM By Stu Sjouwerman
Using something as simple as an attachment with an Israel/Palestine-related filename seems to be all it takes for new social engineering attacks disguised as donation confirmations.
Continue Reading

Criminals Are Cautious About Adopting Malicious Generative AI Tools

Nov 30, 2023 11:12:08 AM By Stu Sjouwerman
Researchers at Sophos have found that the criminal market for malicious generative AI tools is still disorganized and contentious.
Continue Reading

Top Four Security Tips for Cyber Safety on National Computer Security Day

Nov 30, 2023 8:00:00 AM By Erich Kron
To celebrate National Computer Security Day, which is recognized on November 30 every year, KnowBe4 encourages all IT and security professionals to train their workforce how to stay safe ...
Continue Reading

No One Knows How Online Pharmacy Company was Hit with a Data Breach Impacting 2.3 Million Customers

Nov 29, 2023 10:56:21 AM By Stu Sjouwerman
This is a cautionary tale of both how your data can legally end up in the hands of an organization you never intended and how victims can be largely left in the dark post-breach.
Continue Reading

QR Code Phishing Campaigns on the Rise

Nov 29, 2023 10:55:48 AM By Stu Sjouwerman
There’s been a “precipitous rise” in QR code phishing campaigns in 2023, according to Matthew Tyson at CSO.
Continue Reading

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Nov 29, 2023 8:00:00 AM By Stu Sjouwerman
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

Users Fall for Smishing Attacks 6-10 Times More Than Email-Based Attacks

Nov 28, 2023 12:20:35 PM By Stu Sjouwerman
With organizations heavily focusing on protecting the corporate endpoint, cybercriminals are switching focus onto mobile devices where users are more prone to fall for their social ...
Continue Reading

Who Knew Neanderthals were so High-Tech?

Nov 28, 2023 12:20:27 PM By Stu Sjouwerman
Researchers at ESET describe various types of scams launched by users of Telekopye, a telegram bot that assists in crafting social engineering attacks.
Continue Reading

Initial Access Broker Activity Doubles in One Year’s Time

Nov 27, 2023 2:00:13 PM By Stu Sjouwerman
New data sheds light on just how active the Initial Access Broker (IAB) business is, and the growth uncovered doesn’t bode well for potential victim organizations.
Continue Reading

Huntress Finds Business Email Compromise (BEC) Increases In Q3, 2024

Nov 27, 2023 2:00:05 PM By Stu Sjouwerman
Huntress has released a report finding that business email compromise (BEC) attacks have risen in the third quarter of 2023.
Continue Reading

New Data Covers How the Retail Market is at Greater Risk of Industry-Specific Cyberthreats

Nov 22, 2023 4:04:08 PM By Stu Sjouwerman
A new analysis of the retail market’s threat landscape discusses the challenges faced by this industry and what threat tactics are being used to take advantage of retail’s cyber ...
Continue Reading

Digital Skimming Increases by 50%, Just in Time for the Holiday Season

Nov 22, 2023 4:03:50 PM By Stu Sjouwerman
Security researchers identify growth in the use of an ongoing cyberskimming campaign that involves compromising legitimate website checkout code.
Continue Reading

Phishing Attacks Expected to More Than Double During the Black Friday and Cyber Monday Shopping Week

Nov 22, 2023 2:13:32 PM By Stu Sjouwerman
Another day, another warning about holiday scams! Lookout Inc., a data-centric cloud security company, is warning employees and businesses that phishing attacks are expected to more than ...
Continue Reading

Visa Warns of Increased Phishing Scams During Holiday Season

Nov 22, 2023 2:13:10 PM By Stu Sjouwerman
Visa Payment Fraud Disruption (PFD) expects phishing attacks to increase between November 2023 and January 2024. Findings in its Holiday Edition Threats Report outline the popular fraud ...
Continue Reading

Old Bloomberg Crypto Account Bio Link Used in Discord Phishing Attack

Nov 21, 2023 4:25:38 PM By Stu Sjouwerman
Scammers used an outdated link found in an X (formerly Twitter) account belonging to Bloomberg Crypto to send users to a phishing site designed to steal Discord credentials, ...
Continue Reading

73% of Organizations Affected by Ransomware Attacks Globally in 2023, According to Statista

Nov 21, 2023 4:25:14 PM By Stu Sjouwerman
I recently wrote about how 1 in 34 organizations globally has experienced an attempted ransomware attack. But that statistic doesn’t provide enough context around the impact felt by the ...
Continue Reading

Cybercrime Group "Scattered Spider" is a Social Engineering Threat

Nov 20, 2023 3:08:35 PM By Stu Sjouwerman
The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a joint Cybersecurity Advisory describing the Scattered Spider cybercriminal gang’s activities.
Continue Reading

QR Code Phishing Attacks Surging

Nov 17, 2023 10:14:02 AM By Stu Sjouwerman
The massive uptick in QR Code phishing is an indicator that scammers are seeing success in taking victims from the initial attack medium to one under the attacker’s control.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews