Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

[Heads-up] Massive Downtime Caused By Bad Guys Killing Bank's 9,500+ Systems To Hide Stealing 10 Million Dollars Via SWIFT

A cyberattack against Banco De Chile (BDC)—that country's largest financial institution—bricked a hair-raising 9,000 workstations and 500 servers. However, killing these machines was ...
Continue Reading

New Global Research Underscores Continued Increase in Phishing Threats and Impact on Staff & Productivity

Barracuda today announced key findings from a new global research report. Here are the highlights:
Continue Reading

New Phishing Campaign Uses IQY Attachments to Bypass Antivirus And Installs RATs

A malicious spam campaign, distributed by the Necurs botnet, is using a new attachment type that is doing a good job in bypassing your antivirus and mail filters.
Continue Reading

We Received A CEO Fraud Phishing Attack From Our Own Personal Accountants

This is an up-close and personal account of how my wife Rebecca and I (we hope) dodged a cybercrime bullet. You probably do not know that I am an elected official of the City of ...
Continue Reading

Kate Spade Suicide Phishing Templates

This is another celebrity death which will spawn a raft of phishing and social media attacks. We recommend to inoculate your users before they make it through the filters.
Continue Reading

Watch Out For World Cup Soccer Phishing Scams

The 2018 FIFA World Cup has drawn a worldwide audience. It's also attracted phishing scams using event tickets as bait. Tickets for the matches can only be purchased legitimately through ...
Continue Reading

Punycode Makes SMiShing Attacks More Deceiving

Phishing attacks carried out via text messages that use the “Punycode” technique to make nefarious URLs look legitimate are becoming more popular, cloud security firm Zscaler says.
Continue Reading

Cobalt Cybercrime Group Resumes Phishing Attacks

The leader of the Cobalt hacking group was arrested in Spain two months ago, but the gang resurfaced at the end of May. Their spear phishing emails started hitting victims' in-boxes again ...
Continue Reading

Why is Windows 10 Rapidly Gaining Ground in The Enterprise While Win7 Gets Ditched?

Duo Security is a provider of secure login/access tools, and they just released their yearly Trusted Access Report with some very interesting data. Here Is The Summary Stats gathered from ...
Continue Reading

It's May 25th, 2018: GDPR DAY! Here Are Phishing Templates You Can Use...

Because it is "GDPR day" our templates team has been hard at work developing GDPR/Privacy policy templates. We have 6 new templates available in the system, located in Current Events. We ...
Continue Reading

Which Users Will Cause The Most Damage To Your Network And Are An Active Liability?

The statistic that four percent of employees will click on almost anything, with “Free Coffee” and “Package Delivery” taking some of the top spots among phishbait subject lines, may not ...
Continue Reading

A Banking Trojan Goes Phishing

Roaming Mantis has drawn notoriety as a banking Trojan. Its criminal controllers, however, have recently given it some new functionality: phishing and cryptomining. The criminals have ...
Continue Reading

Scam Of The Week: GDPR Phishing Attack With Apple Flavor / Royal Wedding

Social engineering follows seasonal patterns. It's also connected to major events. We see this every year with holiday-themed phishing attacks between Thanksgiving and New Year's Day.
Continue Reading

Phishing and pretexting represent 93% of social attack-based breaches

A good article in Forbes that takes another dive into the new 2018 Verizon Data Breach Investigations Report.
Continue Reading

[Heads-up] New Attack Blindsides Microsoft Office 365 Anti-Phishing Filter And Blacklists

Phishers have found a way of moving the malicious URLs in their emails past Office 365's protections. The security company Avanan says they've observed criminals using a tag in the HTML ...
Continue Reading

Police Dept Loses 10 Months of Work to Ransomware. Gets Infected a Second Time!

Bleepingcomputer reported: "Ransomware has infected the servers of the Riverside Fire and Police department for the second time in a month. The first ransomware infection took place on ...
Continue Reading

Does Gmail's New 'Confidential Mode' Make Phishing Easier?

Gmail's new confidential mode lets its users create "expiration dates" for emails, or require recipients to provide an SMS passcode. (And Google also claims they've removed the option to ...
Continue Reading

HMRC warns of new wave of UK phishing scams

Rosie Murray West at the Financial Times reported: "Taxpayers are being targeted by a new wave of phishing scams linked to the financial calendar, HM Revenue & Customs has warned. ...
Continue Reading

The history and derivation of the word phishing...

The word "phishing" can't be found in Chaucer or Shakespeare. It is a homophone of "fishing". But why "ph" instead of "f"? Many English words of Greek origin transliterate "φ" (phi) as ...
Continue Reading

[Heads-up] New Exploit Hacks LinkedIn 2-factor Auth. See This Kevin Mitnick VIDEO

OK, here is something really scary. KnowBe4's Chief Hacking Officer Kevin Mitnick now and then calls me with some chilling news. This time, Kuba Gretzky, a white hat hacker friend of ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews