Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

$20 Million Stolen in Cyberheists from SMEs, Money Sent to China

The FBI reported this week that between March 2010 and April 2011, cyberthieves drained approximately $20 million from the accounts of US-based small to medium enterprises (SMEs) via ...
Continue Reading

77 Million Network Accounts for Sony PlayStation Compromised by Daring Cybercrime

This morning the news is ablaze with reports of a hack into Sony's PlayStation Network, with numerous media outlets proclaiming that as many as 77 million customer accounts have been ...
Continue Reading

Inside the "Phishing Mindset" That Drives Cybercrime

I just read a fascinating interview with security maven Tim Rohrbaugh, VP for Information Security at Intersections Inc. Intersections is a provider of branded and customized identity ...
Continue Reading

The Cyberheist Book Has Arrived!

[caption id="attachment_754" align="alignleft" width="240" caption="Cyberheist"] [/caption] Cyberheist – the book – has arrived! The Kindle edition is currently selling on Amazon for ...
Continue Reading

Conde Nast Caught in $8 Million Spear-Phishing Scam

[caption id="attachment_747" align="alignleft" width="225" caption="cybercrime site"][/caption] I wanted to bring to your attention another major cyberheist scheme that is making news. It ...
Continue Reading

Understanding ISAT (Internet Security Awareness Training)

ISAT is pronounced "Eye sat", and stands for Internet Security Awareness Training. It's our bread and butter here at KnowBe4.com, so it's something we like to communicate about regularly, ...
Continue Reading

Symantec "Trends for 2010" Report Emphasizes Increased Mobile Cybercrime Threats

Every April, Symantec publishes its Internet Security Threat Report for the preceding year. This month, the company released the latest item in that series entitled " Symantec Internet ...
Continue Reading

Smartphone Users at Greatest Risk for Phishing

In the wake of the recent Epsilon e-mail hack, I came across a CNN article " Mobile users more vulnerable to e-mail phishing scams." In that story the reporter, Amy Gahran, asserts the ...
Continue Reading

Do Your PCs Come With "For Rent" Signs for Cyberthieves?

Brian Krebs is a former reporter on the information security beat for The Washington Post who now runs his own Website KrebsOnSecurity.com in Northern Virginia. IN a recent (4/8/2011) ...
Continue Reading

Three Quarters of All SMB Banking Cybercrime Happens Online

A recent study entitled "The 2011 Business Banking Trust Study" reports that three of every four small and midsized businesses that experienced banking fraud in the previous year incurred ...
Continue Reading

Millions of Consumer/Customer E-mail Addresses Stolen; Phishing Surely to Follow

Epsilon is one of the world's largest customer outreach e-mail companies, and generates legitimate traffic on behalf of a number of very large companies (see Table 1 below). Epsilon ...
Continue Reading

Cybercrime: Ventura County, CA Credit Card Tax Payment System Hacked

Ventura County, California, is a small small county (population: 802,983 according to 2009 numbers from the US Census Bureau) north of the greater Los Angeles area. According to a March ...
Continue Reading

Rustock Botnet Cybercrime Takedown, Thanks to MS-Led Multi-Party Effort

The infamous Rustock botnet, estimated by some parties to be responsible for between 30 and 50 percent of all the spam in the world—up to 30 BILLION items per day—has been taken down. ...
Continue Reading

Symantec's Latest 'State of Spam & Phishing' Report

Report #51 from Symantec, the "State of Spam & Phishing" for March 2011 is out. From the phishing side, the news is grim but not unexpected. Phishing is up 38.56% for the month, ...
Continue Reading

M86 Security Documents Clever New HTML-based Phishing Scam

In the ongoing game of cops-and-robbers that network security so often involves, the cops have recently upped the ante on phishing detection in modern Web browsers. These days browsers ...
Continue Reading

APWG Website Is a Great Anti-Phishing Resource

Continue Reading

Phishing: Malware Infected Web Sites Experience Explosive Growth

Heh! Heh! We're not sure if we were alarmed by the content in this recent CrunchGear blog post, or captivated by the cute "malweb critter" used to give the story a little visual interest ...
Continue Reading

Cybercrime: Beware of Fake IRS "Instant Return" or "Direct Deposit" Scams

This is a a good news/bad news blog. The good news is that because April 15 falls on a Friday this year, the filing deadline has been extended until April 18. The bad news is with tax ...
Continue Reading

DNS Cyberheist Hijack Prompts Credit Card Credential and Other Compromises

An interesting tidbit has emerged from the eCrime Trends Report for Q4-2010 from online security firm Internet Identity (aka IID). Over the Christmas holidays, an online payment ...
Continue Reading

SmartPhones Increasingly Targeted for Cybercrime, Spam and Attack

In its most recent Threats Report for Q4 2010 (.PDF), network security company McAfee points out what they call "a steady growth of threats to mobile platforms," with smartphones ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews