Social Engineering for Espionage and Influence

Aug 17, 2022 9:20:19 AM By Stu Sjouwerman

Microsoft has disrupted operations carried out by a Russian government-aligned threat actor tracked as “SEABORGIUM.” The threat actor uses phishing and credential harvesting to conduct ...

Children of Conti go Phishing

Aug 16, 2022 11:57:46 AM By Stu Sjouwerman

Researchers at AdvIntel warn that three more ransomware groups have begun using the BazarCall spear phishing technique invented by the Ryuk gang (a threat group that subsequently ...

Initial Access Broker Phishing

Aug 15, 2022 9:07:30 AM By Stu Sjouwerman

Cisco has disclosed a security incident that occurred as a result of sophisticated voice phishing attacks that targeted employees, according to researchers at Cisco Talos. The researchers ...

U.S. Government Warns of Increased Texting Scams as Mobile Attacks are Up 100%

Aug 12, 2022 8:47:48 AM By Stu Sjouwerman

Cyberattacks via SMS messaging are on the rise, and are having such an impact, the Federal Communications Commission has released an advisory on Robotext phishing attacks (or smishing).

Massive Network of Over 10,000 Fake Investment Sites Targets Europe

Aug 12, 2022 8:47:44 AM By Stu Sjouwerman

Using a mix of compromised social media accounts, social engineering, call center agents, and some convincing websites, this latest scam seeks to get victims to repeatedly “invest”.

Phishing-as-a-Service Platform “Robin Banks” Helps Cybercriminals Target Customers of Financial Institutions

Aug 11, 2022 9:29:14 AM By Stu Sjouwerman

Initial Access Brokers (IABs) are one of the new breeds of cybercrime services. But this newest PhaaS platform makes it easy for anyone to target banks for as little as $50 monthly.

New Paypal Phishing Scam Uses “Legitimate” Invoices to Reach Victim Inboxes

Aug 11, 2022 9:29:02 AM By Stu Sjouwerman

Newer phishing scams are looking for ways to make legitimate websites do the work of delivering malicious messages to unsuspecting victims – this new scam achieves it perfectly.

Recent Cisco Hack by Ransomware Group Started Because of a Phishing Attack

Aug 11, 2022 8:59:06 AM By Stu Sjouwerman

In a recent article by Forbes, Cisco confirmed that they were hacked by a ransomware group as the group of cybercriminals published a partial list of files that were claimed to be ...

DPRK Operators Impersonate CoinBase

Aug 10, 2022 8:44:55 AM By Stu Sjouwerman

North Korea’s Lazarus Group is running a new phishing campaign targeting Coinbase accounts, BleepingComputer reports. The threat actors are posing as Coinbase and targeting people with ...

New Phishing Campaign is Now Targeting Coinbase Users

Aug 9, 2022 2:31:06 PM By Stu Sjouwerman

If you're a Coinbase user, you are most likely the next target of a new phishing campaign. Cybercriminals have managed to infiltrate two-factor authentication and deploying other social ...

Cash App Scams Strikes Again With New Types of Attacks

Aug 9, 2022 9:31:42 AM By Stu Sjouwerman

TradeArabia has published a report about common scams on CashApp, explaining that scammers frequently take advantage of CashApp promotions, like the weekly money giveaway, “Super Cash App ...

New Research Shows Social Engineering and Phishing are the Top Threats

Aug 9, 2022 8:56:10 AM By Stu Sjouwerman

According to the CS Hub Mid-Year Market Report 2022, new findings shows that 75% of survey respondents believe that social engineering and phishing attacks are the top threat vector to ...

Twilio hacked by phishing campaign targeting internet companies

Aug 8, 2022 3:38:47 PM By Stu Sjouwerman

Communications giant Twilio has confirmed hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials.

Cybercriminals Go to College with New Phishing Attacks

Aug 8, 2022 9:23:42 AM By Stu Sjouwerman

The summer is winding up, and the traditional academic year is approaching. And amid the welcomes from the deans of students, the activities coordinators, the academic advisors and so on, ...

LinkedIn Continues its Reign as the Most-Impersonated Brand in Phishing Attacks

Aug 4, 2022 1:09:44 PM By Stu Sjouwerman

As cybercriminals look for novel and effective ways to gain entrance to a victim network, LinkedIn is proving to be fruitful enough to keep the attention of phishing scammers.

Open Redirects Exploited for Phishing

Aug 4, 2022 11:21:34 AM By Stu Sjouwerman

Attackers are exploiting open redirects to distribute links to credential-harvesting sites, according to Roger Kay at INKY. The attackers are exploiting vulnerable American Express and ...

On-Demand Webinar: New 2022 Phishing By Industry Benchmarking Report: How Does Your Organization Measure Up

Aug 3, 2022 11:28:49 AM By Stu Sjouwerman

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to ...

New Data Breach Extortion Attack Begins with a Fake Duolingo or MasterClass Subscription Scam

Aug 3, 2022 8:50:01 AM By Stu Sjouwerman

The cybercriminal gang, dubbed ‘Luna Moth’ uses a sophisticated mix of phishing, vishing, remote support sessions, and remote access trojans to gain control of victim endpoints.

Phishing-Based Data Breaches Take 295 Days to Contain and Breach Costs Soar to $4.91 Million

Jul 28, 2022 12:33:36 PM By Stu Sjouwerman

Fresh data on data breach costs from IBM show phishing, business email compromise, and stolen credentials take the longest to identify and contain.

Microsoft 365 Users are Once Again the Target of Phishing Scams using Fake Voice Mail Messages

Jul 28, 2022 9:04:04 AM By Stu Sjouwerman

Using a simple email containing a voice mail attachment, an ingenious phishing attack captures credentials while keeping track of the domains being attacked.

Security Awareness Training Blog

Phishing Blog

View Topics