Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Old Bloomberg Crypto Account Bio Link Used in Discord Phishing Attack

Scammers used an outdated link found in an X (formerly Twitter) account belonging to Bloomberg Crypto to send users to a phishing site designed to steal Discord credentials, ...
Continue Reading

73% of Organizations Affected by Ransomware Attacks Globally in 2023, According to Statista

I recently wrote about how 1 in 34 organizations globally has experienced an attempted ransomware attack. But that statistic doesn’t provide enough context around the impact felt by the ...
Continue Reading

Cybercrime Group "Scattered Spider" is a Social Engineering Threat

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a joint Cybersecurity Advisory describing the Scattered Spider cybercriminal gang’s activities.
Continue Reading

QR Code Phishing Attacks Surging

The massive uptick in QR Code phishing is an indicator that scammers are seeing success in taking victims from the initial attack medium to one under the attacker’s control.
Continue Reading

New ASD Cyber Threats Report Shows A Cybercrime Incident Is Reported in Australia Every Six Minutes

The annual Cyber Threat Report by the Australian Signals Directorate (ASD) was released this week, containing insights that every Australian business and citizen should read. The ASD ...
Continue Reading

It’s Official: Scams Via Email and Text are Inescapable as Nearly Every American Receives Fake Messages Daily

New findings show that the overwhelming majority of people have to sort through scam messages and texts.
Continue Reading

Online Scammer Poses as Skype, Swindles Victims Through Cryptocurrency Scam

Researchers at SlowMist describe a phishing campaign that’s distributing a phony version of Skype in order to steal cryptocurrency, Cointelegraph reports. The malicious app was likely ...
Continue Reading

“Skillful Social Engineering of the IT Support Desk” One of the Most Common Tactics in Ransomware Attacks

As ransom payments reach an all-time high, it’s time to look at attacks from a data perspective and find the greatest opportunities to stop these attacks.
Continue Reading

New Phishing Campaign Abusing .top Domains

A phishing campaign is exploiting a large number of .top domains, according to researchers from WhoisXML API. In an article for CircleID, the researchers analyzed a phishing operation ...
Continue Reading

New State of Phishing Report 2023: An Alarming Surge in Phishing Threats

The fight against cyber threats remains a top priority for all organizations, including phishing attacks. SlashNext just released its much-anticipated annual "State of Phishing Report for ...
Continue Reading

Targeted Social Engineering on the Rise With Lowering Phishing-as-a-Service Costs

Targeted individuals were the most common victims of social engineering attacks in the second half of 2022 and the first half of 2023, according to researchers at AtlasVPN.
Continue Reading

Healthcare Sector Experiencing Increases in Ransomware, Ransoms and Downtime

An analysis of ransomware attacks on healthcare organizations from 2016 through October of 2023 shows the healthcare sector is likely to continue to suffer as a viable ransomware target.
Continue Reading

Cybersecurity Expert: AI Lends Phishing Plausibility for Bad Actors

Cybersecurity experts expect to see threat actors increasingly make use of AI tools to craft convincing, highly targeted and sophisticated social engineering attacks, according to Eric ...
Continue Reading

September Sees a 32% Increase in the Number of Ransomware Attacks in Just One Month

Continued analysis of ransomware attacks shows an upward trend in the number of attacks, with September resulting in the highest number of assaults so far this year.
Continue Reading

Cybercriminal Group Octo Tempest and Its Menacing Phishbait

Microsoft is tracking a cybercriminal group called “Octo Tempest” that uses threats of violence as part of its social engineering and data theft extortion campaigns.
Continue Reading

Exposed: Scam Artists Mimicking PepsiCo in Phishing Schemes

Researchers at INKY warn that a phishing campaign is attempting to distribute malware by impersonating PepsiCo.
Continue Reading

New Amazon-Themed Phishing Campaign Targets Microsoft Live Outlook Users

Several months ago, Netskope Threat Labs uncovered a surge in PDF phishing attachments infiltrating Microsoft Live Outlook. These attacks were part of a larger series of phishing ...
Continue Reading

Human-Crafted Phishing Emails Only Three Percent More Successful Than AI-Generated Ones, According To IBM

Red teamers at IBM X-Force warn that AI-generated phishing emails are nearly as convincing as human-crafted ones, and can be created in a fraction of the time. The researchers tricked ...
Continue Reading

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

Most Organizations Believe Malicious Use of AI is Close to Evading Detection

As organizations continue to believe the malicious use of artificial intelligence (AI) will outpace its defensive use, new data focused on the future of AI in cyber attacks and defenses ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews