IBM: ”Phishing Is A Popular Cybercrime Attack Vector”

Oct 11, 2021 9:11:27 AM By Stu Sjouwerman

Researchers at IBM describe how criminals use phishing kits to launch widespread phishing campaigns with minimal effort. Phishing kits are software products that automate the process of ...

Phishing: Low- Middle- and High-Level

Oct 5, 2021 9:05:27 AM By Stu Sjouwerman

Phishing attacks have varying levels of technical sophistication, according to Mark Nicholls from Redscan. In an article published by ITProPortal, Nicholls explains that the lowest level ...

New James Bond Movie is Cybercriminals Shiniest Phishbait

Oct 4, 2021 8:41:31 AM By Stu Sjouwerman

Cybercriminals are using the new James Bond movie, No Time to Die, as phishbait, the National reports. Researchers at Kaspersky warn that malicious ads and phishing sites are claiming, ...

Hackers rob thousands of Coinbase customers using phishing attacks and an MFA flaw

Oct 3, 2021 10:02:42 AM By Stu Sjouwerman

Bleepingcomputer was first to report: "Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company's ...

Phishing Attacks Maintain “New Normal” Elevated Levels into the Middle of 2021

Oct 1, 2021 1:08:46 PM By Stu Sjouwerman

New data from the Anti-Phishing Working Group (AWPG) shows the Q2 of 2021 showed similar phishing activity to that of Q1, indicating no slowdown in attacks.

Phishing Campaign Impersonates Zix Messages

Oct 1, 2021 1:06:13 PM By Stu Sjouwerman

Researchers at Armorblox have spotted a credential phishing campaign that’s impersonating encrypted communications from Zix. The emails contain a link to download an HTML attachment.

Phishing Kits and Phishing-as-a-Service Responsible for Over 300,000 URLs Used in Phishing Attacks

Sep 30, 2021 8:19:15 AM By Stu Sjouwerman

Lowering the barrier to market even more, this new Phishing as a Service (PhaaS) spotted by Microsoft puts quality phishing templates and sites into the hands of any would-be cyber ...

Someone's Impersonating the California DMV in Texts

Sep 29, 2021 9:00:09 AM By Stu Sjouwerman

The California DMV has warned of an ongoing smishing campaign seeking customers’ personal and financial information, Pasadena Now reports.

New Tactic: Shortened LinkedIn URLs Are Now Used As Phish Hooks

Sep 27, 2021 8:32:30 AM By Stu Sjouwerman

Scammers are using shortened LinkedIn URLs to disguise phishing links, according to Jeremy Fuchs at Avanan. LinkedIn automatically shortens links that are longer than 26 characters. The ...

Travel-Related Phishing Scams and Websites Surge More Than 400%

Sep 22, 2021 4:04:22 PM By Stu Sjouwerman

Pent-up demand for traveling – both domestically and internationally – has driven an interest by cybercriminals to take advantage of those traveling to become phishing victims.

$1 Trillion Infrastructure Bill is the Catalyst for DOT-Impersonated Phishing Attacks Targeting Contractors

Sep 22, 2021 4:04:15 PM By Stu Sjouwerman

Offering targeted victim organizations an opportunity to bid on infrastructure projects, this scam seeks to harvest credentials using a new mix of tactics to evade detection.

Recent Cryptocurrency Scam Posed as “The Elon Musk Mutual Aid Fund”

Sep 21, 2021 9:34:46 AM By Stu Sjouwerman

A phishing campaign is pushing cryptocurrency scams posing as the “Elon Musk Mutual Aid Fund,” according to BleepingComputer. The emails have odd subject lines and content, but contain an ...

New Phishing Attack on Microsoft 365 Users Leverages Open Redirects to Avoid Detection

Sep 16, 2021 8:55:52 AM By Stu Sjouwerman

The use of open redirects from legitimate domains makes phishing emails that much more believable and credible, obfuscating the dangerous nature of these attacks.

That's Not the US Department of Transportation, It's a Phishing Attack

Sep 16, 2021 8:55:37 AM By Stu Sjouwerman

A phishing campaign is impersonating the US Department of Transportation (USDOT), according to Roger Kay at INKY. The campaign is targeting infrastructure contractors who are eager to bid ...

Social Media as Artillery Preparation for Spear Phishing

Sep 14, 2021 9:18:49 AM By Stu Sjouwerman

Researchers at ESTsecurity warn that a North Korean threat actor known as “Kumsong 121” is using compromised social media accounts to launch spear phishing attacks, the Daily NK reports. ...

A Look at Phishing Keywords

Sep 9, 2021 10:37:52 AM By Stu Sjouwerman

Researchers at Expel offer a useful list of the top keywords used in phishing emails. First on the list is the word “invoice,” which is a general term that will be relevant to most ...

The Amount of Weekly New Phishing URLs Has Grown Nearly 2.5x Since 2020

Sep 8, 2021 4:06:10 PM By Stu Sjouwerman

The increase in remote users mixed with a lack of adjusting to cloud-based security services likely created the perfect opportunity for cybercriminals.

Phishing for the German Bundestag

Sep 8, 2021 8:45:15 AM By Stu Sjouwerman

The German government has called out Russia for carrying out phishing attacks against German politicians ahead of the country’s upcoming parliamentary elections, the Associated Press ...

Windows 11 Phishbait by Active Threat Group Now Delivers Malware

Sep 7, 2021 8:53:55 AM By Stu Sjouwerman

Researchers at Anomali warn that the financially motivated threat group FIN7 is using Windows 11-themed phishing documents to deliver malware. The documents claim to have been created on ...

Be Wary of Unrequested Disc Images

Sep 3, 2021 9:16:15 AM By Roger Grimes

Microsoft’s recent announcement that the new version of Microsoft Windows, Microsoft Windows 11, will be released soon is capturing headlines around the world. Microsoft will allow ...

Security Awareness Training Blog

Phishing Blog

View Topics