Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Scam Of The Week: Mobile Apps As Phishing Lures

May 9, 2014 11:52:00 AM By Stu Sjouwerman
The bad guys use social engineering to make end-users click on links, and their scams rely mostly on exploiting trust. If they can make you believe a message is from a trusted source, ...
Continue Reading

Phishing campaign uses VoIP to steal card data

Apr 30, 2014 1:39:00 PM By Stu Sjouwerman
An Eastern European Cyber Mafia has been found to run a multi-year campaign that targets small U.S. banks and credit unions with a sophisticated VoIP phishing scheme (aka vishing) to ...
Continue Reading

Police Grapple With Cybercrime And Have Trouble Keeping Up

Apr 21, 2014 10:43:00 AM By Stu Sjouwerman
Danny Yadron at the WSJ got the picture right. State, and local law enforcement are struggling to keep up as their online case load grows. They are even gettting a hand from the FBI here ...
Continue Reading

Scam Of The Week: Blended XP Phishing Security Threat

Apr 20, 2014 11:22:00 AM By Stu Sjouwerman
During the first quarter, I have been warning about the coming wave of Windows XP-related scams having to do with the April 8 End Of Life of XP. Here is what you can expect, and many ...
Continue Reading

Scam Of The Week: Starbucks Gift From a Friend Phishing Emails

Apr 17, 2014 12:03:00 PM By Stu Sjouwerman
Love your tall latte? Better watch it, as a "friend" might send you an email with a fake Starbucks Coffee Gift offer. These emails read something like this in broken english. "Your friend ...
Continue Reading

Phishing Attacks Work Best On Wednesday, Coming From IT

Apr 15, 2014 4:16:00 PM By Stu Sjouwerman
I had a look at the recent Mandiant M-Trends report. Interesting stuff. They observed that employees seem to fall for hacking tricks mostly on Wednesdays, and are most likely to click on ...
Continue Reading

More Than Half Of End Users Did Not Get Security Awareness Training

Apr 10, 2014 9:23:00 AM By Stu Sjouwerman
This week I attended a webinar about Security Awareness Training hosted by David Monahan, Research Director Security and Risk Management of Enterprise Management Associates.
Continue Reading

The 7 Steps Of The Cyber Kill Chain

Apr 6, 2014 10:09:00 AM By Stu Sjouwerman
Cyber security professionals are slowly but surely grabbing more and more military jargon. No surprises there, with a possible cyberwar brewing. The "kill chain" is a traditional warfare ...
Continue Reading

ALERT - CryptoLocker Has A Competitor That Is Worse: CryptoDefense

Apr 1, 2014 6:58:00 PM By Stu Sjouwerman
As we said before, there is furious competition between cybergangs. Late February 2014 a copycat ransomware competitor to Cryptolocker was released which outdoes CryptoLocker. The malware ...
Continue Reading

Attacks Give Lift to Cyber Insurance

Mar 27, 2014 2:34:00 PM By Stu Sjouwerman
Today in the Wall Street Journal, reporter Leslie Scism quoted Bloomberg News that "Target's data breach 'was the equivalent of 10 free Super Bowl ads."
Continue Reading

Hackers hit Monster Jobs users with Gameover Zeus malware

Mar 27, 2014 7:38:00 AM By Stu Sjouwerman
Companies that are recruiting new employees are being targeted through Monster Jobs. The bad guys are using malware called Gameover Zeus, security firm F-secure reported in a blog post ...
Continue Reading

Florida Blue takes security awareness training personally

Mar 24, 2014 3:55:00 PM By Stu Sjouwerman
Great post about security awareness by Douglas B. Robison, Florida Blue, a 2014 CSO40 award recipient. Here is an excerpt:
Continue Reading

Scam Of The Week: You Owe Taxes, Pay Now Or Else

Mar 21, 2014 5:00:00 PM By Stu Sjouwerman
This scam uses a combination of phishing emails and spoofed Caller ID scam calls. The scammers intimidate the victim, threaten with arrest, deportation or loss of a business or driver’s ...
Continue Reading

Target Breach: Where The Weak Points Were

Mar 18, 2014 4:47:00 PM By Stu Sjouwerman
Dave Kearns posted March 18 that he's been fascinated by the information that keeps coming out of the Taget Stores data breach. He's got a great analysis, and he ends off with words that ...
Continue Reading

Phishing FaceBook: Malaysia Plane MH370 Has Been Spotted

Mar 15, 2014 11:04:00 AM By Stu Sjouwerman
Hackers jump on every opportunity they can to trick people. This time they hijacked to story about the missing Malaysian Airlines plane.
Continue Reading

Scam Of The Week: "You may have cancer" phishing email

Mar 13, 2014 7:19:00 PM By Stu Sjouwerman
Amy Stevens of the PR group Davies Murphy became part of the story when Eduard Kovacs at SoftPedia picked up on her tweet about a phishing email she just received. If you recently had a ...
Continue Reading

When A Stranger Calls

Mar 10, 2014 10:18:00 AM By Stu Sjouwerman
Dr. Neal Krawetz posted something very useful over at the hackerfactor. Apart from that it's also very entertaining. He is legally recording various cold-calls he gets. Some of them are ...
Continue Reading

Sophisticated Scam Of The Week: Cell Phone Voucher

Mar 9, 2014 8:37:00 AM By Stu Sjouwerman
There's a fresh, well thought-out social engineering scam sticking up its ugly head right now. The bad guys are promising cell phone users amounts of up to $100 in vouchers using a ...
Continue Reading

Inevitable: Phishing That Pretends To Be Salesforce.com

Mar 6, 2014 8:38:00 AM By Stu Sjouwerman
Just a heads-up, screen shot above. The lifehacker site in Australia warned about a phishing scam using a "salesforce" email as bait. The bad guys will use anything to get you to click, ...
Continue Reading

How to Test the Phishing Savvy of Your Staff

Mar 5, 2014 1:28:00 PM By Stu Sjouwerman
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews