Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Who Were The Two Big US Tech Companies That Lost $100 Million In CEO Fraud?

4/28/2017 UPDATE: Facebook and Google confirmed as victims of $100M phishing scam. Story at The Verge. In an update on an earlier post of April 2016, more detail came known about this ...
Continue Reading

Scam Of The Week: New FBI and IRS Alerts Against W-2 Phishing

There is a wave of W-2 phishing attacks going on. We see these coming in through thousands of reported scam attempts via our Phishing Alert Button. The FBI and the IRS have repeatedly ...
Continue Reading

SEC Phishing Emails Target Execs For Inside Info

A sophisticated phishing attack is trying to get confidential corporate information. Bad guys are sending spoofed emails claiming to be from the Security and Exchange Commission, and ...
Continue Reading

Scary new malware hides in memory, uses DNS to communicate, and spreads through phishing

Cisco has a separate threat research group called Talos. They just published a report on a scary new form of malware that’s hard to detect. They called it DNSMessenger, and the malicous ...
Continue Reading

Verizon: "Most Breaches Trace to Phishing, Social Engineering"

BankInfoSecurity wrote: "Ninety percent of data breaches seen by Verizon's data breach investigation team have a phishing or social engineering component to them. Not coincidentally, one ...
Continue Reading

2016 Exceeds All Records in Numbers of Phishing Attacks

Year over year sustained growth in phishing campaigns produces yet another record number of attacks The Anti-Phishing Working Group (APWG) observed that 2016 ended as the worst year for ...
Continue Reading

Which User Will Infect Your Network With Ransomware?

We've got something really cool for you: the new Phishing Security Test v2.0! It's got several great new features, and sending simulated phishing emails to train your employees is a fun ...
Continue Reading

Phishing Attack Uses Stuxnet Technology And Makes PCs Into Roombugs

Researchers have uncovered an advanced malware-based operation that siphoned more than 600 gigabytes from about 70 targets in a broad range of industries, including news media, and ...
Continue Reading

Survey: Most Hackers Break In Within Six Hours

A recent survey of 70 professional hackers and penetration testers found that 60% of them take a maximum of just six hours to compromise a target. The research titled The Black Report, ...
Continue Reading

Google: "Office Inbox Receives 6.2X More Phishing And 4.3X More Malware Than Your Inbox At Home".

Google Research analyzed over a billion emails passing through Gmail, and the results were presented yesterday at the RSA security conference in San Francisco. Extremely interesting ...
Continue Reading

Scam Of The Week: Valentine’s Day Phishing Attacks

It is time to remind your users that heartless con artists use social engineering tactics to trick people looking for love. The FBI's Internet Crime Complaint Center warns every year that ...
Continue Reading

Careless Licking Gets A Nasty Ransomware Phishing Infection: 1,000+ Machines Down

More than 1,000 government computer systems shut down. A county in Ohio, US, has had to shut down its entire IT infrastructure due to a ransomware infection. County Auditor Mike Smith ...
Continue Reading

300+ New Ways to Stop Your Users from Clicking on Everything!

You now really have 300+ new ways to make sure your users Think Before They Click!
Continue Reading

Scam Of The Week: Locked PDF Phishing Attack

Wednesday Jan 4th, the SANS Internet Storm Center warned about an active phishing campaign that has malicious PDF attachments in a new scam to steal email credentials. The SANS bulletin ...
Continue Reading

Adobe's New VoCo Is PhotoShop For Audio - The Potential For Voice Phishing Is Horrendous

Our friends at www.Social-Engineer.org sent me some interesting news in their January newsletter: "Adobe recently announced Project VoCo at the November Adobe Max conference.
Continue Reading

Russia Hacking America Started With Phishing Attacks

As one of his last actions in office, President Obama expelled 35 Russian diplomats spies in retaliation for Russia interfering with the U.S. election process, after intelligence agencies ...
Continue Reading

Disk-Killer Malware Adds Ransomware Feature And Charges $200,000+ 

Talk about adding insult to injury with this new KillDisk version. Here is how social engineering can cost you dearly. The Sandworm cybercrime gang has upped its game. They were initially ...
Continue Reading

You Need To Know The Top 10 IT Security Trends For 2017

I have been looking at the coming year and what trends you will probably see actually deployed in your network. These trends are the practical things that will help you to keep your ...
Continue Reading

Scam Of The Week: George Michael Dies At 53. Watch out for phishing attacks

Today, news broke that George Michael was found dead on Sunday at his home in Goring in Oxfordshire, England. He was 53. A police statement said: “Thames Valley Police were called to a ...
Continue Reading

L.A. County Phishing Attack: 750,000 record data breach

Confidential health data or personal information of more than 750,000 people may have been accessed in a cyberattack on Los Angeles County employees in May that led to charges this week ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews