Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Charming Kitten Phishing and Smishing Attacks Use Legitimate Google Links and a Tricky Redirection Strategy to Fool Security Solutions

This breakdown of the latest attack from the Charming Kitten cybercriminal gang shows just how much thought goes into obfuscating their tactics and evading detection.
Continue Reading

Familiar Advice, but Worth Repeating

Researchers at ESET outline some security best practices to avoid falling for phishing emails. In an article for TechZone360, the researchers explain how to identify suspicious links.
Continue Reading

68% of Organizations Experiencing One Cyberattack Experience a Second Within 12 Months!

New data from cybersecurity vendor CrowdStrike shows just having security technologies in place won’t prevent one… let alone two… cyberattacks.
Continue Reading

Google Finds an Alarming Thousands of Phishing Sites Everyday in 2020

Google discovered a record number of phishing sites in 2020, according to researchers at AtlasVPN. The researchers cite Google’s Transparency Report, which says the search giant detected ...
Continue Reading

How to Spot the (Phish) Hook

Users should act as quickly as possible after they realize they’ve fallen for a phishing attack, according to Mallika Mitra at Money. The faster your IT department can contain a malware ...
Continue Reading

Email Scammers Impersonate U.S. Government Agencies Offering Pandemic Financial Assistance

Taking advantage of people in their time of need, these bottom feeders of the cybercriminal world promise assistance and, instead, collect personal details to make a buck.
Continue Reading

Fake Scandal Video Serves Malware

Researchers at Trustwave warn that a phishing campaign is attempting to deliver malware via a file for a fake scandal video with 'Trump' included in the title. The file is a Java Archive ...
Continue Reading

PayPal Phishing: “Your Account is Limited”

A PayPal smishing campaign is trying to trick users into handing over their credentials and personal information, BleepingComputer reports. The text messages state, “PayPal: We've ...
Continue Reading

A Close Look at a Banking Scam

A phishing campaign is targeting customers of Portugal’s Banco Millennium BCP (Portuguese Commercial Bank), according to Tomas Meskauskas at PCRisk. The emails inform recipients that ...
Continue Reading

See Ridiculously Easy Security Awareness Training and Phishing

Join us for a live demo on Security Awareness Training and phishing in action!
Continue Reading

[On-Demand Webinar] Malicious Browser Notifications: The New Phishing Attack Not Blocked by Your Current Cyber Defense

Cybercriminals have added a devious weapon to their attack arsenals - malicious browser notifications. And the worst part is they’re not blocked by any current cyber defense. These ...
Continue Reading

Why Small Businesses Often Say ‘Why Bother?’ When Dealing With Cybercrime

Well, it happened again. As a security professional, I hear a lot of things being said that are exaggerated or just plain untrue. I’ve become used to that, however, there is one phrase ...
Continue Reading

2020 Phishing Attack Report Shows Over Half of Respondents Noticed Increase in Attacks

Cybersecurity Insiders released a report on the 2020 Phishing Attack Landscape Report, which noted the increase of phishing attacks in 2020 due to the COVID-19 pandemic.
Continue Reading

Securing Remote Employees is the Top 2021 Cybersecurity Challenge for Organizations

Security vendor CheckPoint provides insight into what are the organizational cybersecurity priorities for next two years, as well as where cybersecurity is going to be challenging.
Continue Reading

Scammers Use a $100 Amazon Gift Card to Deliver the Banking Trojan Dridex to Their Victims

It appears the holidays aren’t without a cyber-grinch, as attackers use the lure of free money in the form of a gift card as an easy means to trick victims into infecting their own ...
Continue Reading

2020 Top Phishing and Vishing Attacks And Trends

It’s an extra challenging year, harder than most, to choose the most impactful cybersecurity events. The year ended with a bang – the Solarwinds supply chain attack – which possibly ...
Continue Reading

What You Need to Know About DMARC

It's true - not enough organizations utilize DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But before you implement ...
Continue Reading

BEC Attacks Nearly Doubled in 2020

A new report from Barracuda Networks found that business email compromise (BEC) attacks have nearly doubled over the past year. These attacks made up 12% of all spear phishing attacks in ...
Continue Reading

Cybercriminals Attempt to Exploit Australian Fears on COVID-19

The bad guys are attempting to take advantage of Australian fears of COVID-19 in 2021. The National Identity and Cyber Support Service of Australia and New Zealand ID Care recently warned ...
Continue Reading

A Friend Needs Money Urgently? You're Probably Getting Scammed

People need to be on the lookout for phishing attacks sent from legitimate but compromised social media accounts, according to Paul Ducklin at Naked Security. Ducklin describes a scam ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews