Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Bogus PayPal payment alert causes malware infection

May 2, 2012 3:12:03 AM By Stu Sjouwerman
Gary Warner just reported: "A new malicious spam campaign has just launched this morning targeting Paypal users. This malware campaign attempts to "social engineer" users into clicking a ...
Continue Reading

Cybercrime uses hidden file extensions to trick users

May 2, 2012 3:00:26 AM By Stu Sjouwerman
Symantec contributor Fred Gutierrez shows clearly in this blog post why it can be deadly to click on a .JPG file: "Cybercriminals have continuously evolved their methods throughout the ...
Continue Reading

Make sure 'challenge questions' aren't a backdoor into your account!

Apr 30, 2012 9:21:33 AM By Stu Sjouwerman
The Lookout Mobile Security Blog pointed out something important. Patty talked about the man who hacked hollywood: "Finding a working e-mail address was a simple process of trial and ...
Continue Reading

Omaha cast net that caught cyberthieves

Apr 29, 2012 8:24:21 AM By Stu Sjouwerman
Matthew Hansen, World-Herald Staff Writer just wrote a great article that illustrates what I have been warning about these last years. It starts out like this: "Imagine for a moment that ...
Continue Reading

2012 Doomsday Scam Continues to Serve up Doom, Giftcards

Apr 27, 2012 9:34:49 AM By Stu Sjouwerman
Chris Boyd over at GFI wrote: "If we survive the Mayan Apocalypse of 2012, does that mean we’re technically immortals? I’ve no idea, but it will probably mean we don’t see quite as many ...
Continue Reading

How to Start an IT Security Awareness Program

Apr 27, 2012 2:44:36 AM By Stu Sjouwerman
Mike Chapple is an IT professional and assistant professor of computer applications at the University of Notre Dame. He wrote at biztechmagazine:"Are your users aware of their ...
Continue Reading

Check Out This NY Traffic Ticket Phish!

Apr 26, 2012 4:29:04 AM By Stu Sjouwerman
Kevin Mitnick sent this phish over. It's a classic attempt to get you to avaid a problem, but the moment you click this link, life will become a lot more painful. So... Stop. Look. Think ...
Continue Reading

The Latest Anti-Phishing Working Group Report

Apr 26, 2012 3:46:45 AM By Stu Sjouwerman
This week, the new APWG Global Phishing Report is being today at the Anti-Phishing Working Group meeting in Prague. This report is published every six months, detailing how phishers are ...
Continue Reading

Bogus Olympics 2012 Email Warning Blindside Users With Malware

Apr 23, 2012 4:26:22 AM By Stu Sjouwerman
The upcoming London Olympics is undoubtedly one of the most highly-anticipated sports event of the year. It is also a favorite social engineering ploy among cybercriminals. Just recently, ...
Continue Reading

Scam Of The Week: 'The Evil Unsub'

Apr 20, 2012 3:56:05 AM By Stu Sjouwerman
An ordinary piece of spam slips through the filters, and you see a gorgeous sandy beach with palm trees. It's an enticing ad for a vacation to a tropical island, basically a big picture ...
Continue Reading

Six Steps To Successful Security Awareness Training

Apr 19, 2012 3:48:25 AM By Stu Sjouwerman
Continue Reading

Video: How a crimepack works

Apr 12, 2012 5:37:16 AM By Stu Sjouwerman
Cybercriminals are as organized and industrious as any legitimate business. Case in point: exploit kits, also known as crimepacks, which bad guys can purchase and which make infecting ...
Continue Reading

SMS-controlled Malware Hijacks Android Phones

Apr 11, 2012 4:25:32 AM By Stu Sjouwerman
Researchers at NQ Mobile, working alongside researchers at North Carolina State University, have discovered new Android malware that is controlled via SMS that can do a number of things ...
Continue Reading

Finally Defined: 'Advanced Persistent Threat'

Apr 2, 2012 4:30:40 AM By Stu Sjouwerman
[caption id="" align="alignleft" width="650" caption="Advanced Persistent Threat"][/caption]
Continue Reading

Malicious Office documents target Mac OS X

Mar 29, 2012 3:32:15 AM By Stu Sjouwerman
Trendmicro reported: "We have recently analyzed a series of emails sent to specific users that leverage a certain prominent socio-political issue. One of these messages is about the ...
Continue Reading

Shield your business from cybercrooks

Mar 23, 2012 4:00:24 AM By Stu Sjouwerman
Anne Fisher, Editor of New York's Executive Inbox wrote: "Can you recognize a potentially disastrous breach of your computer system’s security when you see it? Let’s find out with two ...
Continue Reading

Look Ma, malware without files!

Mar 21, 2012 4:38:31 AM By Stu Sjouwerman
Wow, instead of an exploit dropping a file onto the file system and running it... a DLL is injected straight into memory from the exploit, leaving nothing to scan on the harddrive. Writen ...
Continue Reading

The Cridex malware trojan hides in fake LinkedIn invitations.

Mar 20, 2012 9:10:31 AM By Stu Sjouwerman
The Cridex malware trojan hides in fake LinkedIn invitations. Take care with those invites! GFI Labs recently discovered a LinkedIn email phishing scam that installs a banking trojan. It ...
Continue Reading

Its Tax Scam Season

Mar 16, 2012 4:44:38 AM By Stu Sjouwerman
Warn everyone that 'Tax Scam Season' is upon us, and that no one should respond to anything tax-related via email. The IRS does not use email or social media, don't fall for refund offers ...
Continue Reading

The Top 5 Executive Spear-phishing Scams

Mar 13, 2012 6:30:44 AM By Stu Sjouwerman
We recommend you copy and paste this section, and send it to your executive team, with a warning that they might be targeted with spear-phishing attacks. They need to 'Stop, Look, Think' ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews