Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

4 out of 5 of Physicians Were Impacted by February’s Cyber Attack on Change Healthcare

A new survey of physicians details the devastating impact of the Change Healthcare cyber attack on the healthcare sector.
Continue Reading

Kudos! CEO Reveals He Got Phished

The other day I was participating in a company’s employee meeting when the CEO revealed he had been “caught” that morning by a real phishing attack email.
Continue Reading

Half of U.K. Businesses Experienced a Security Breach or Cyber Attack in the Last 12 Months

Analysis of cyber attacks targeting U.K. organizations highlights the effectiveness of social engineering attacks and the fact that businesses are missing the mark on how to stop it.
Continue Reading

Phishing Frenzy: Microsoft and Google Most Mimicked Brands in Cyber Scams

Microsoft and Google were the most frequently impersonated brands in phishing attacks during the first quarter of 2024, according to a report from Check Point.
Continue Reading

[WARNING] FBI Issues Alert on Major Phishing Campaign That Impersonates US Toll Services

The FBI has issued an alert warning of a widespread SMS phishing (smishing) campaign targeting people in several US states with phony notices of unpaid tolls, BleepingComputer reports.
Continue Reading

You Really Are Being Surveilled All the Time

“If the product is free, you are the product!” No truer words have ever been spoken. But in today’s internet-connected, ad-everywhere world, even if you are paying for the product or ...
Continue Reading

State-Sponsored Disinformation Campaigns Targeting Africa Driving Instability And Violence

A shocking report shows how email-based disinformation campaigns can have material real-world impacts to the citizens in the targeted countries.
Continue Reading

U.S. Department of Health Alert: Hackers are Targeting IT Help Desks at Healthcare Organizations

A new sector alert published by the U.S. Department of Health and Human Services outlines new attacks in which social engineering is used to obtain credentials for online fraud.
Continue Reading

UK Councils Under Cyber Attack: The Urgent Need for a Culture of Cybersecurity and Resilience

The very fabric that stitches our society together — our councils and local governing bodies — is under a silent siege from cyber attacks. The recent ransomware assault on Leicester ...
Continue Reading

Top Tax Scams of 2024 Your Organization Should Watch Out For

As the April 15, 2024 filing deadline approaches, tax scammers are working overtime to take advantage of rushed or stressed taxpayers.
Continue Reading

Malvertising Campaigns Surged in 2023

Researchers at BlueVoyant observed a 50% increase in large-scale malvertising campaigns in 2023 compared to 2022.
Continue Reading

Critical Improvements To The Seven Most Common Pieces of Cybersecurity Advice

I have been in the cybersecurity industry for over 35 years and I am the author of 14 books and over 1,400 articles on cybersecurity.
Continue Reading

New Phishing-as-a-Service (PhaaS) platform, 'Tycoon 2FA', Targets Microsoft 365 and Gmail Accounts

A new PhaaS service brings the power of bypassing multi-factor authentication (MFA) to the world’s most-used email platforms.
Continue Reading

Australian Government Commits to Become a World-Leader in Cybersecurity by 2030

The Australian Government has leveraged insight from cybersecurity experts to create a new six-part plan to combat cybersecurity over the coming decade.
Continue Reading

Tokyo Police Department Warns of Phishing Scam That Uses Phony Arrest Warrants

The Tokyo Metropolitan Police Department has warned of a phishing scam that’s attempting to trick individuals with phony arrest warrants, the Japan Times reports.
Continue Reading

The Cyber Achilles' Heel: Why World Leaders and High-Profile Individuals Must Prioritise Cybersecurity

Social media has become an indispensable tool for communication, outreach, and engagement. From world leaders to high-profile individuals, these platforms offer an unparalleled ...
Continue Reading

Apple Users Become the Latest Targets of MFA Attacks

A new string of multi-factor authentication (MFA) attacks targeting the reset of Apple IDs seem to be popping up in a likely attempt to steal the victim’s digital identity and more.
Continue Reading

IT Leaders Can’t Stop AI and Deepfake Scams as They Top the List of Most Frequent Attacks

New data shows that the attacks IT feels most inadequate to stop are the ones they’re experiencing the most.
Continue Reading

Malicious App Impersonates McAfee to Distribute Malware Via Text and Phone Calls

A trojanized version of the McAfee Security app is installing the Android banking Trojan “Vultur,” according to researchers at Fox-IT. The attackers are spreading links to the malicious ...
Continue Reading

New Report Shows Phishing Links and Malicious Attachments Are The Top Entry Points of Cyber Attacks

New TTP attack data covering 2023 sheds much needed light on the threat actor and user actions that are putting organizations at the most risk.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews