Milanote Exploited to Host Phishing Content

Jul 26, 2021 9:39:19 AM By Stu Sjouwerman

Researchers at Avanan warn that attackers are exploiting the collaboration and note-taking app Milanote to host phishing links.

[HEADS UP] 2021 Tokyo Olympics Mean Olympic-Themed Phishing Attacks

Jul 21, 2021 8:59:13 AM By Stu Sjouwerman

Last year, we reported that authorities warned of the Tokyo Olympics phishing attacks. Then the global pandemic occurred, and the games were postponed. Well, now the games have ...

Microsoft Continues to be the Top Impersonated Brand in Phishing Attacks

Jul 20, 2021 9:58:29 AM By Stu Sjouwerman

New data from CheckPoint identifies those brands being used by threat actors to trick victims into opening attachments, clicking links, providing credentials, and giving up personal ...

The Cost and Impact of Cybercrime Can Now Be Measured in a Single Minute

Jul 20, 2021 9:57:55 AM By Stu Sjouwerman

With the number of threat actors growing rapidly, along with an increased frequency of attacks, RiskIQ has put together a sobering perspective of how cybercrime impacts us in just 60 ...

[INFOGRAPHIC] New Report Shows Users Are Falling for Security and HR-Related Phishing Attacks

Jul 19, 2021 5:04:04 PM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...

Nearly Every Organization Has Had an Insider-Caused Data Breach in the Last Year

Jul 19, 2021 1:45:35 PM By Stu Sjouwerman

Whether it’s from an accidental leak of data or falling victim to a phishing attack, new data from email security vendor Egress puts the insider’s role in breaches into critical ...

[On-Demand Webinar] 2021 Phishing By Industry Benchmarking Report

Jul 19, 2021 8:00:00 AM By Stu Sjouwerman

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to ...

84% of Organizations Experienced Ransomware and Phishing-Related Security Events in the Last 12 Months

Jul 15, 2021 10:44:04 AM By Stu Sjouwerman

New research from Trend Micro and Osterman Research highlights where organizations are strongest and weakest at stopping phishing attacks resulting in ransomware.

Phishing Campaign Uses Novel Technique to Deliver Malware

Jul 14, 2021 11:25:51 AM By Stu Sjouwerman

Researchers at McAfee warn that a phishing campaign is delivering malware via Word documents that don’t contain any malicious code. When a user opens the document and enables content, the ...

Year-Long Phishing Campaign Targets Energy, Oil & Gas Companies Using Spoofed B2B Correspondence

Jul 14, 2021 9:23:26 AM By Stu Sjouwerman

Uncovered by the research team at cloud protection vendor Intezer, this new phishing campaign seeks to steal information and position each victim as the foothold to spear phish additional ...

Spear Phishing Campaign Targets Energy Companies

Jul 13, 2021 10:29:13 AM By Stu Sjouwerman

Researchers at Intezer have spotted a phishing campaign that’s targeting energy companies in South Korea, the United States, the United Arab Emirates, and Germany. Most of the targets are ...

Phishbait Follows Current Events

Jul 12, 2021 9:49:35 AM By Stu Sjouwerman

Crisis draws opportunistic criminals, and the Kaseya ransomware incident is no different. Kaseya’s updates on the incident have included repeated warnings not to be taken in by emails or ...

The Pandemic’s Paradigm Shift with Cybersecurity

Jul 9, 2021 1:18:00 PM By Anna Collard

Just over a year ago, a much-prized perk – the ability to work from home – became an everyday reality for many. ITWeb, in partnership with KnowBe4, conducted a survey to gain insight into ...

[On-Demand Webinar] Implement DMARC the Right Way to Keep Phishing Attacks Out of Your Inbox

Jul 9, 2021 8:00:00 AM By Stu Sjouwerman

DMARC, SPF, and DKIM are global anti-domain-spoofing standards, which can significantly cut down on phishing attacks. Implemented correctly they allow you to monitor email traffic, ...

Social Engineering and Organizational Culture

Jul 8, 2021 9:40:03 AM By Stu Sjouwerman

Consistent awareness training is necessary to fend off phishing attacks, according to Keatron Evans, a principal security researcher, instructor, and author with Infosec. In an interview ...

Lazarus Group Continues Targeting Defense Contractors

Jul 7, 2021 8:57:49 AM By Stu Sjouwerman

North Korea’s Lazarus Group has been launching phishing campaigns against more defense contractors and engineering companies, according to researchers at AT&T Alien Labs. The ...

WhatsApp Phishing Scams Significantly Increase

Jul 6, 2021 9:18:16 AM By Stu Sjouwerman

The Southwark Police in London have warned of a spike in WhatsApp phishing scams, according to Paul Ducklin at Naked Security. The station tweeted, “We have seen a surge in WhatsApp ...

HMRC-Branded Phishing Attacks Targeting U.K. Users Saw an 87% Increase During COVID

Jul 6, 2021 9:18:13 AM By Stu Sjouwerman

Phishing scams impersonating the UK’s tax, payments and customs authority related to tax rebates or refunds have soared, according to new data obtained by a Freedom of Information (FoI) ...

[BREAKING] NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign

Jul 1, 2021 12:15:33 PM By Stu Sjouwerman

NSA and its US and British partners (the UK's NCSC and the US FBI and CISA) late this morning released an advisory detailing a Russian campaign ("almost certainly ongoing") to brute-force ...

New IcedID and QBot Phishing Campaigns Are Running Amuck

Jul 1, 2021 10:48:05 AM By Stu Sjouwerman

Researchers at Kaspersky recently spotted two widespread phishing campaigns delivering the IcedID and QBot banking Trojans. The majority of users targeted by the IcedID campaign were ...

Security Awareness Training Blog

Phishing Blog

View Topics