[HEADS UP] The Online Scams exploiting Queen Elizabeth's Death are Here

Sep 13, 2022 4:34:58 PM By Stu Sjouwerman

The Sun just reported that experts are sending a warning about online scams in relation to Queen Elizabeth's passing.

Scammer Continues Phishing From Prison

Sep 13, 2022 10:46:52 AM By Stu Sjouwerman

Dutch authorities have announced that an imprisoned scammer was running a phishing operation from his jail cell, Cybernews reports. The crook used four mobile phones to post malicious ads ...

Report: 80% of Phishing Attacks Leverage Legitimate Web Infrastructure and Services

Sep 12, 2022 1:51:30 PM By Stu Sjouwerman

Threat actors are taking advantage of every free tool and service they can to improve their changes of successfully fooling security solutions, with compromised websites taking the lead.

Gaming-Related Phishing Trends

Sep 12, 2022 9:37:39 AM By Stu Sjouwerman

Researchers at Kaspersky have found that the vast majority of gaming-related malware lures are targeted at Minecraft players. Roblox came in at a distant second, and the researchers note ...

Singapore: Top Ten Scams in the First Half of 2022 Cost Over $227 Million, Scam Frequency Rises by 94%

Sep 9, 2022 8:46:03 AM By Stu Sjouwerman

Queries of reported cases to Singapore Police reveal a rise in scam costs by 59% as phishing cases double and job-related scams increase 7x from the first half of 2021.

New Phishing-as-a-Service Platform

Sep 8, 2022 8:46:47 AM By Stu Sjouwerman

Researchers at Resecurity have discovered a new Phishing-as-a-Service (PhaaS) platform called “EvilProxy” that’s being offered on the dark web. EvilProxy is designed to target accounts on ...

[On-Demand Webinar] Combatting Rogue URL Tricks: Quickly Identify and Investigate the Latest Phishing Attacks

Sep 7, 2022 11:41:56 AM By Stu Sjouwerman

Everyone knows you shouldn’t click phishy links. But are your end users prepared to quickly identify the trickiest tactics bad actors use before it’s too late? Probably not.

Spear Phishing Campaign Targets Financial Institutions in African Countries

Sep 7, 2022 11:00:00 AM By Stu Sjouwerman

Researchers at Check Point have discovered a spear phishing campaign dubbed “DangerousSavanna” that's targeting financial entities in at least five African countries.

The Number of Phishing Attack Cases in Japan Hit an All-Time High

Sep 6, 2022 10:30:00 AM By Stu Sjouwerman

The number of reported cases of phishing to Japan’s Council of Anti-Phishing reached over 100,000 in July, just as a notice of scams impersonating Japan’s National Tax Agency is released.

So, Your MFA is Phishable, What To Do Next

Aug 31, 2022 9:54:49 AM By Roger Grimes

We’ve written a lot about multi-factor authentication (MFA) not being the Holy Grail to prevent phishing attacks, including here:

Phishing Attacks Leveraging Legitimate SaaS Platforms Soars 1100%

Aug 31, 2022 9:30:27 AM By Stu Sjouwerman

As threat actors look for ways to evade detection by security solutions, the use of cloud applications has seen a material jump in the last 12 months, according to new data.

Phishing and Malicious Emails Are Still the Primary Initial Attack Vector

Aug 31, 2022 9:30:19 AM By Stu Sjouwerman

As cybercriminals continue to evolve their techniques, they continue to rely on phishing as the most successful tried and true method of initial attack, according to new data from Acronis.

[KREBS ON SECURITY] How 1-Time Passcodes Became a Corporate Liability

Aug 30, 2022 11:45:43 AM By Stu Sjouwerman

[The following article is at it appears at Krebs on Security here.] Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes ...

The Extent of Social Engineering

Aug 30, 2022 10:25:14 AM By Stu Sjouwerman

Researchers at NordVPN have published the results of a survey that found that 84% of Americans have experienced some form of social engineering, although only 54% have heard of the term ...

Phishing Remains the Initial Infection Vector in 78% of Attacks Against OT-Heavy Industries

Aug 25, 2022 9:14:05 AM By Stu Sjouwerman

Companies heavily reliant on operational technology (OT) to function are just as much a target as businesses relying in traditional IT and are facing some of the same challenges to stop ...

Teach Two Things to Decrease Phishing Attack Success

Aug 24, 2022 8:25:03 AM By Roger Grimes

We know everyone is busy. Everyone already has too much on their plate and is trying to learn as much as they can every day.

Vishing is a Rising Threat to the Enterprise

Aug 23, 2022 10:05:48 AM By Stu Sjouwerman

Most of us are all too familiar with vishing, the scam voice calls that offer to erase your credit card debt, to extend your automobile warranty, to get you to donate to that worthy cause ...

Impersonation Phishing Attacks Increase as Credentials Take the Lead as the Primary Target

Aug 18, 2022 8:16:56 AM By Stu Sjouwerman

New data shows an upswell of email-based cyberattacks, with over 256 brands being impersonated, as social media, Microsoft, shipping, and ecommerce brands top the list.

Hybrid Vishing Attacks Increase 625% in Q2

Aug 18, 2022 8:16:42 AM By Stu Sjouwerman

Reaching a six-quarter high in Q2, hybrid vishing attacks have increased six times that of the hybrid-vishing attacks experienced in Q1 2021.

Organizations Holding Cyber Insurance Policies May Get Stuck with the Bill in a Phishing Loss

Aug 18, 2022 8:16:28 AM By Stu Sjouwerman

Plenty of new anecdotal and legal case-based stories are demonstrating that just because your organization has a policy doesn’t mean it’s actually going to pay out after an attack.

Security Awareness Training Blog

Phishing Blog

View Topics