FBI Director Warns of “Unprecedented” Cyberespionage Attacks Originating in China

May 24, 2022 9:53:06 AM By Stu Sjouwerman

FBI Director Christopher Wray highlighted China’s role in cyberespionage in a recent 60-Minutes news segment, saying the level of attacks the U.S. is seeing is “unprecedented in history.”

New Phishing Attack Uses Malicious Chatbot For Real Time Social Engineering

May 24, 2022 9:52:21 AM By Stu Sjouwerman

Researchers at Trustwave have observed a phishing campaign that uses a chatbot to add legitimacy to the scam. The chatbot is on a harmless website, and is designed to convince the user to ...

Phishing Attacks Increase by 54% as Initial Attack Vector for Access and Extortion Attacks

May 20, 2022 8:33:23 AM By Stu Sjouwerman

New analysis of threat activity for the first quarter of this year shows anyone with access to corporate email is a now on the front lines of modern cyberattacks of all kinds.

It's More Than Phishing; How to Supercharge Your Security Awareness Training

May 19, 2022 4:12:55 PM By Stu Sjouwerman

Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple in Europe.

Phishing Campaign Impersonates Shipping Giant Maersk

May 19, 2022 8:56:27 AM By Stu Sjouwerman

Researchers at Vade Secure warn of a large phishing campaign that's impersonating shipping giant Maersk to target thousands of users in New Zealand.

Spear Phishing a Diplomat

May 17, 2022 9:30:09 AM By Stu Sjouwerman

Researchers at Fortinet observed a spear phishing attack that targeted a Jordanian diplomat late last month. The researchers attribute this attack to the Iranian state-sponsored threat ...

Think BEC Won’t Cost You Much? How Does $130 Million Sound?

May 13, 2022 8:05:12 AM By Stu Sjouwerman

A new lawsuit brings to light the all-too common occurrence of an attack, with this occurring during a business acquisition and costing the buyer more than they bargained for.

Homeland Security: U.S. Ransomware Attacks Have Doubled in the Last Year

May 13, 2022 8:04:41 AM By Stu Sjouwerman

A March 2022 report from the Senate Committee on Homeland Security and Governmental Affairs zeros in on the growing problem of ransomware and lessons learned so far.

Trezor Crypto Wallet Attacks Results in Class Action Lawsuit Against MailChimp Owner Intuit

May 12, 2022 12:23:17 PM By Stu Sjouwerman

Months after the MailChimp data breach targeting 102 companies in the crypto sector, a new lawsuit has been filed seeking millions of dollars in damages.

Happy Credit Union Customers Become the Target of Spoofing Scams Due to a Lack of Email Security

May 12, 2022 12:22:16 PM By Stu Sjouwerman

Taking advantage of heightened levels of customer trust and satisfaction, along with lowered levels of properly implemented security, credit unions are seeing a rise in email-based scams.

European Wind-Energy Sector Is the Latest Target of Russian State-Sponsored Attacks

May 12, 2022 12:21:37 PM By Stu Sjouwerman

While Russia consistently denies any launching of cyberattacks, attack details point to reasonable intent by and cybercriminal ties to the Russian government.

Beware of Spoofed Vanity URLs

May 12, 2022 8:58:50 AM By Stu Sjouwerman

Researchers at Varonis warn that attackers are using customizable URLs (also known as vanity URLS) on SaaS services to craft more convincing phishing links. The attackers have used this ...

Another Report of SEO in Phishing

May 11, 2022 8:56:12 AM By Stu Sjouwerman

Researchers at Netskope have observed a 450% increase in phishing downloads over the past twelve months, largely driven by attackers using SEO (search engine optimization) to improve the ...

Cozy Bear Goes Typosquatting

May 5, 2022 9:08:59 AM By Stu Sjouwerman

Researchers at Recorded Future’s Insikt Group warn that the Russian threat actor NOBELIUM (also known as APT29 or Cozy Bear) is using typosquatting domains to target the news and media ...

89% of Organizations Experienced One or More Successful Email Breach Types During the Last 12 Months

May 4, 2022 9:29:50 AM By Stu Sjouwerman

With the number of email breaches per year almost doubling in the last three years, organizations still don’t see email security solutions as being an effective means of stopping attacks.

Organizations Have a 76% Likelihood of a Successful Cyberattack in the Next Year

May 4, 2022 9:28:05 AM By Stu Sjouwerman

New data from TrendMicro and Ponemon shows how almost organizations globally are not fully prepared for the looming threat of almost-certain cyberattacks.

Man Convicted for $23 Million Phishing Scam Against the US DoD

May 3, 2022 8:48:59 AM By Stu Sjouwerman

A man in California has been convicted for stealing $23.5 million from the US Department of Defense in a phishing attack. The Justice Department explained in a press release that the man, ...

Holding a Great Employee Education Meeting

May 2, 2022 4:45:24 PM By Roger Grimes

I recently attended a customer’s annual security awareness training employee event. I have attended a bunch of these over the years and I have loved them all. But this particular customer ...

Phishing Campaign Uses Simple Email Templates

May 2, 2022 8:52:18 AM By Stu Sjouwerman

A phishing campaign is using short, terse emails to trick people into visiting a credential-harvesting site, according to Paul Ducklin at Naked Security. The email informs recipients that ...

Criminal Gang Impersonates Russian Government in Phishing Campaign

Apr 28, 2022 8:41:31 AM By Stu Sjouwerman

Researchers at IBM Security X-Force are tracking a financially motivated cybercriminal group called “Hive0117” that’s impersonating a Russian government agency to target users in Eastern ...

Security Awareness Training Blog

Phishing Blog

View Topics