Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Espionage Botnets

Jul 30, 2012 8:36:19 AM By Stu Sjouwerman
[caption id="" align="alignleft" width="300" caption="Espionage Botnets"][/caption] Brian Krebs just blogged about something very interesting. "A security researcher who’s spent 18 months ...
Continue Reading

Bank Sues Customer Over ACH/Wire Fraud

Jul 12, 2012 6:17:57 AM By Stu Sjouwerman
[caption id="" align="alignleft" width="180" caption="Bank Sues Customer"][/caption] Tracy Kitten at BankInfo Security reported on this: "In another legal wrangling over liability linked ...
Continue Reading

Scam Of The Week Payroll Phish

Jul 1, 2012 3:52:40 AM By Stu Sjouwerman
The nakedsecurity blog over at Sophos highlighted a new phishing scam that would be good to alert your employees about. The bad guys are pretending to be payroll processing company ADP. ...
Continue Reading

Malware Metastasizes

Jul 1, 2012 3:13:16 AM By Stu Sjouwerman
A few days ago I wrote about a 60 million Euro cyberheist. I have been digging into this a bit more, as it's the most advanced attack yet. Cybercrime is not revolutionary, it clearly ...
Continue Reading

Why pill pushing spam pays off

Jun 22, 2012 3:15:37 AM By Stu Sjouwerman
Brian Krebs is on a roll. Here is why pill pushing spam pays off. "Consumer demand for cheap prescription drugs sold through spam-advertised Web sites shows no sign of abating, according ...
Continue Reading

OMG - I did not know it was THIS horrible.

Jun 21, 2012 10:46:08 AM By Stu Sjouwerman
More from Brian Krebs's astounding blog post today. "As the chart I compiled above indicates, attackers are switching the lure or spoofed brand quite often, but popular choices include ...
Continue Reading

A Closer Look: Email-Based Ransomware Attacks

Jun 21, 2012 9:31:59 AM By Stu Sjouwerman
With the increase of email phishing attacks being the primary attack vector, ransomware payments have risen to 60%, it's important to take a closer look at email-based ransomware attacks.
Continue Reading

Kevin Mitnick Security Awareness Training Success Stories

Jun 21, 2012 7:07:00 AM By Stu Sjouwerman
Continue Reading

F-Secure Cautions about Fresh Olympic-themed Spam

Jun 4, 2012 7:31:17 AM By Stu Sjouwerman
F-Secure the security company based in Finland has recently cautioned that spam mails themed on the Olympics are targeting Internauts while carrying web-links to one malevolent PDF file ...
Continue Reading

Fake LinkedIn Emails To Reset Your Password

Jun 4, 2012 7:26:56 AM By Stu Sjouwerman
Since LinkedIn had their IPO, they have been in the news a lot more, even if only to compare them with the recent Facebook IPO Debacle. But the better known you are, the bigger target you ...
Continue Reading

Malicious PowerPoint File Contains Exploit, Drops Backdoor

Jun 4, 2012 6:24:38 AM By Stu Sjouwerman
TrendLabs discovered a malicious MS PowerPoint document that arrives attached to email messages. The file contains an embedded Flash file, which exploits a software bug found in specific ...
Continue Reading

Chinese hacker brings grief to Calgary’s Catholic school system

May 29, 2012 4:01:09 AM By Stu Sjouwerman
Hackers will find any mail server that is not protected and/or configured correctly and use it to send out as much spam as possible. This gets the unsuspecting organization blacklisted ...
Continue Reading

New Cyberweapon 'Flame': CIA and Mossad Coproduction

May 28, 2012 10:06:17 AM By Stu Sjouwerman
'Flame', the most sophisticated piece of malware to date, was discovered by the International Telecommunication Union (ITU) and Kaspersky Lab. This code is more complex and has more ...
Continue Reading

Banks warned of sophisticated new online scam

May 25, 2012 4:06:44 AM By Stu Sjouwerman
Antone Gonsalves at NetworkWorld got this story first. Here is how the scam works, so do not fall for it. You can recognize it by the grammar and spelling mistakes. "The cyber-criminals ...
Continue Reading

VIDEO The Top 5 Online Security Traps And How To Avoid Them

May 24, 2012 3:38:50 AM By Stu Sjouwerman
GFI is one of the few antivirus vendors that understands the importance of prevention and end-user training. They produced this useful video that in two minutes illustrates the top 5 ...
Continue Reading

Gmail Security Hole Allows Hackers To Automate Social Engineering Trick

May 23, 2012 5:03:39 AM By Stu Sjouwerman
Christopher Mims over at Technology Review was the first one to report on this. A large Gmail security hole could lead to mass harvesting of accounts, as hackers can automate this social ...
Continue Reading

Hackers Target the Weakest Link: The End User

May 22, 2012 6:03:59 AM By Stu Sjouwerman
I was interviewed by Jeremy Quittner yesterday. Here is how he started his article in American Banker today: "It took Stu Sjouwerman, the founder and chief executive of security firm ...
Continue Reading

Guessable Passwords: The Unpatchable Exploit

May 21, 2012 6:46:16 AM By Stu Sjouwerman
Monday morning, I found a tweet by @INFOSECSchool with the above title. I admit, it's a catchy phrase and sure enough, IF you allow easy passwords, it's an invitation to get hacked. This ...
Continue Reading

Fake Amex ID Verification

May 21, 2012 6:11:47 AM By Stu Sjouwerman
[caption id="" align="alignleft" width="260" caption="Fake Amex ID Verification"][/caption] OK, here is another one to warn everyone about, especially the employees that have a ...
Continue Reading

Russia's most effective cybercriminals

May 16, 2012 10:53:39 AM By Stu Sjouwerman
Rod Rasmussen over at SecurityWeek has a really interesting article about a Russian cyber gang driving a massive wave of fraud: "Tucked away in a small town outside Moscow, Russia one of ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews