Traits of Most Scams

Feb 16, 2022 3:01:55 PM By Roger Grimes

There are a lot of scams in the world, and they seem to be proliferating at an exponential rate. My Facebook friend’s accounts are compromised all the time and I get sent scam requests ...

Phishing Attacks on Social Media Doubled Over 2021

Feb 16, 2022 8:38:03 AM By Stu Sjouwerman

Phishing attacks on social media doubled over the course of 2021, according to a new report from PhishLabs by HelpSystems. Most (68%) of these attacks targeted organizations in the ...

Meta Files Lawsuit Over Phishing Attacks

Feb 14, 2022 8:54:05 AM By Stu Sjouwerman

Meta (Facebook’s corporate parent) and the digital banking company Chime have filed a joint lawsuit against two Nigerian citizens for allegedly impersonating Chime in phishing attacks, ...

New Cyberattack Campaign Delivers Multiple RATs via Trusted Cloud Services

Feb 11, 2022 8:52:41 AM By Stu Sjouwerman

Abusing cloud providers including Microsoft Azure and AWS, cybercriminals are setting up malicious infrastructure to hide their operations and avoid detection.

Brand Impersonation and the Healthcare Sector

Feb 10, 2022 8:44:51 AM By Stu Sjouwerman

The healthcare sector is particularly vulnerable to phishing attacks, according to Mike Azzara at Mimecast. Employees in the healthcare industry need to be wary of brand impersonation ...

Use of Excel .XLL Add-Ins Soars Nearly 600% to Infect Systems in Phishing Attacks

Feb 8, 2022 6:25:28 PM By Stu Sjouwerman

Cybercriminals are taking to more advanced functionality than traditional VBA scripting to both execute complex malicious actions via Excel and to obfuscate their true intention - ...

Scammers Now Exploit 'Slinks' in LinkedIn

Feb 8, 2022 9:53:21 AM By Stu Sjouwerman

Scammers are exploiting LinkedIn redirect links, or “Slinks,” to fool users and bypass email security filters, Brian Krebs reports. These links allow companies to track their marketing ...

QR Codes in the Time of Cybercrime

Feb 7, 2022 1:55:27 PM By Javvad Malik

QR codes have been around for many years. While they were adopted for certain niche uses, they never did quite reach their full potential. They are a bit like Rick Astley in that regard, ...

As Tax Season Starts, So Do IRS Scams - Here’s What to Look For

Feb 7, 2022 9:55:24 AM By Stu Sjouwerman

It’s that time again, when we all dread finding out if we owe money or not. And cybercriminals are banking on it with a wide range of scams that all impersonate the IRS.

Phone Number Only Phishing on the Rise

Feb 4, 2022 8:59:55 AM By Stu Sjouwerman

I do not have the data to support my conclusion, but myself and others have noticed the sharp increase in email phishing attempts that include only a phishing message and a phone number ...

COVID-19 Test-Related Phishing Scams Jump 521% Into January

Feb 1, 2022 2:40:11 PM By Stu Sjouwerman

New data shows a massive increase between October 2021 and January 2022 in phishing attacks focusing on one of the world’s current concerns for home and in-office testing.

New Phishing Campaign is Impersonating Zoom to Steal Credentials

Feb 1, 2022 2:40:04 PM By Stu Sjouwerman

A phishing campaign is impersonating Zoom in order to steal users’ Microsoft credentials, according to Lauryn Cash at Armorblox. The emails landed in about 10,000 inboxes, and targeted “a ...

Beware of QuickBooks Payment Scams

Jan 31, 2022 9:16:17 AM By Roger Grimes

Many small and mid-sized companies use Intuit’s very popular QuickBooks program. They usually start out using its easy-to-use base accounting program and then the QuickBooks program ...

Increased “Shipping Delays” Now Served as Phishbait

Jan 31, 2022 9:16:14 AM By Stu Sjouwerman

Attackers are exploiting pandemic-related supply-chain disruptions to launch phishing campaigns, according to Troy Gill, senior manager of threat intelligence at Zix. In an article for ...

Microsoft Warns of Latest “Consent Phishing” Attack Intent on Reading Your Email

Jan 27, 2022 9:13:57 AM By Stu Sjouwerman

Rather than steal your user’s credentials, this latest attack takes the OAuth route to gain access to the victim’s mailbox. This gives cybercriminals continual access, regardless of ...

Dark Web Service Sells Access to Compromised Accounts and Browser Sessions

Jan 27, 2022 9:13:53 AM By Stu Sjouwerman

When we hear about compromised credentials, there’s always the question of “How are they used post-compromise?” In one case, they are fully on display for sale to the highest bidder.

Malicious Office Documents Jump to 37% of All Malware Downloads at the End of 2021

Jan 27, 2022 9:13:49 AM By Stu Sjouwerman

With the ubiquitous use of Microsoft Office today, it should come as no surprise that malicious macro-laden documents continue to reign, with PPT files delivering AgentTesla taking the ...

Irish Teaching Council Fined €60,000 for Phishing-Induced Breach

Jan 25, 2022 10:30:43 AM By Stu Sjouwerman

Ireland’s Teaching Council has been fined €60,000 by the country’s Data Protection Commission (DPC) over a breach of nearly ten thousand teachers’ data, the Irish Examiner reports. An ...

New U.K. Vishing Scam Offers Significant Phone Plan Discounts in Exchange for your Phone Provider's One-Time Security Code

Jan 21, 2022 8:24:37 AM By Stu Sjouwerman

Scammers targeting customers of mobile carrier O2 are enticing victim engagement by offering discounts on their mobile plan as much as 40%.

DHL is Now the Most Spoofed Brand in Phishing

Jan 20, 2022 9:26:04 AM By Stu Sjouwerman

International shipping company DHL was the most impersonated brand in phishing attacks during the fourth quarter of 2022, researchers at Check Point have found.

Security Awareness Training Blog

Phishing Blog

View Topics