Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

ALERT - CryptoLocker Has A Competitor That Is Worse: CryptoDefense

As we said before, there is furious competition between cybergangs. Late February 2014 a copycat ransomware competitor to Cryptolocker was released which outdoes CryptoLocker. The malware ...
Continue Reading

Attacks Give Lift to Cyber Insurance

Today in the Wall Street Journal, reporter Leslie Scism quoted Bloomberg News that "Target's data breach 'was the equivalent of 10 free Super Bowl ads."
Continue Reading

Hackers hit Monster Jobs users with Gameover Zeus malware

Companies that are recruiting new employees are being targeted through Monster Jobs. The bad guys are using malware called Gameover Zeus, security firm F-secure reported in a blog post ...
Continue Reading

Florida Blue takes security awareness training personally

Great post about security awareness by Douglas B. Robison, Florida Blue, a 2014 CSO40 award recipient. Here is an excerpt:
Continue Reading

Scam Of The Week: You Owe Taxes, Pay Now Or Else

This scam uses a combination of phishing emails and spoofed Caller ID scam calls. The scammers intimidate the victim, threaten with arrest, deportation or loss of a business or driver’s ...
Continue Reading

Target Breach: Where The Weak Points Were

Dave Kearns posted March 18 that he's been fascinated by the information that keeps coming out of the Taget Stores data breach. He's got a great analysis, and he ends off with words that ...
Continue Reading

Phishing FaceBook: Malaysia Plane MH370 Has Been Spotted

Hackers jump on every opportunity they can to trick people. This time they hijacked to story about the missing Malaysian Airlines plane.
Continue Reading

Scam Of The Week: "You may have cancer" phishing email

Amy Stevens of the PR group Davies Murphy became part of the story when Eduard Kovacs at SoftPedia picked up on her tweet about a phishing email she just received. If you recently had a ...
Continue Reading

When A Stranger Calls

Dr. Neal Krawetz posted something very useful over at the hackerfactor. Apart from that it's also very entertaining. He is legally recording various cold-calls he gets. Some of them are ...
Continue Reading

Sophisticated Scam Of The Week: Cell Phone Voucher

There's a fresh, well thought-out social engineering scam sticking up its ugly head right now. The bad guys are promising cell phone users amounts of up to $100 in vouchers using a ...
Continue Reading

Inevitable: Phishing That Pretends To Be Salesforce.com

Just a heads-up, screen shot above. The lifehacker site in Australia warned about a phishing scam using a "salesforce" email as bait. The bad guys will use anything to get you to click, ...
Continue Reading

How to Test the Phishing Savvy of Your Staff

Continue Reading

Average Enterprise Is Hit by a Cyber Attack Every 1.5 Seconds

FireEye released its yearly Advanced Threat Report, and they did some interesting math. Enterprises are hit by cyber attacks on average once every 1.5 seconds, which is double from the ...
Continue Reading

41 Percent Of Infected Pay The Cryptolocker Ransom

I have warned about the Cryptolocker ransomware before, but now we have some hard numbers about the percentage of people that are forced to pay up when a workstation or server has been ...
Continue Reading

Kiss Your Old Security Awareness Training Program Goodbye!

Is Your Security Awareness Training Program Not Working? Are Users Still Clicking Phishing Links And Opening Infected Attachments?
Continue Reading

This Week Top 10 Phishing Scams

It's my job to keep an eye out for the most recent phishing scams and let everyone know. One of the newsletters I get as a source for this is called "hoaxslayer". They just reported some ...
Continue Reading

Fake LinkedIn Phishing Profiles Going Pro

Continue Reading

Why Cybercrime Pays Off

Continue Reading

ransomware phishing warning issued by European Cybercrime Centre

Looks like the bad guys are also targeting Europe with ransomware phishing scams.
Continue Reading

CyberheistNews Vol 4, # 05

CyberheistNews Vol 4, # 05
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews