Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Half of Travel-Themed Spam Emails Are Scams

Jul 31, 2024 1:31:04 PM By Stu Sjouwerman
Researchers at Bitdefender have found that half of all travel-themed spam emails contain scams.
Continue Reading

The First Half of 2024 Results in More Than 1 Billion Data Breach Victims

Jul 31, 2024 1:31:00 PM By Stu Sjouwerman
New data shows that cyber attacks have resulted in double the number of data breaches in 2024 than throughout all of 2023.
Continue Reading

New Phishing Kit Uses Voice Call Generator to Impersonate Spanish Banks

Jul 30, 2024 1:47:23 PM By Stu Sjouwerman
A new cybercriminal group is selling “a sophisticated AI-powered phishing-as-a-service platform” that targets 36 Spanish banks, according to researchers at Group-IB.
Continue Reading

Scammers Exploit Interest in Generative AI Tools

Jul 29, 2024 1:50:36 PM By Stu Sjouwerman
Researchers at Palo Alto Networks’s Unit 42 are tracking phishing attacks exploiting interest in generative AI tools. The researchers observed spikes in suspicious domain registrations ...
Continue Reading

QR Code Phishing is Still on the Rise. The SEG is Dead.

Jul 29, 2024 8:19:34 AM By Stu Sjouwerman
Organizations need to be aware of the threat posed by QR code phishing (quishing), according to researchers at Trend Micro.
Continue Reading

New Phishing Scam Leverages Chat To Add Credibility And Ensure Success

Jul 26, 2024 11:53:18 AM By Stu Sjouwerman
A new phishing scam is leveraging trusted aspects of ecommerce to make their scams look legitimate.
Continue Reading

Phishing Campaigns Continue To Exploit CrowdStrike Outage

Jul 26, 2024 8:34:01 AM By Stu Sjouwerman
As expected, threat actors are taking advantage of the global IT outage caused by a faulty CrowdStrike update last Friday, SC Media reports.
Continue Reading

Russian Super-Threat Group Fin7 Comes Back from the Dead

Jul 26, 2024 8:33:58 AM By Stu Sjouwerman
Declared “dead” by the U.S. Attorney’s Office in 2023, the Russian cyber crime group Fin7 is impersonating some of the top global brands.
Continue Reading

Phishing Campaigns Abuse Cloud Platforms to Target Latin America

Jul 23, 2024 1:55:11 PM By Stu Sjouwerman
Several threat actors are abusing legitimate cloud services to launch phishing attacks against users in Latin America, according to Google’s latest Threat Horizons Report.
Continue Reading

Phishing Attacks Will Likely Follow Last Week’s Global IT Outage

Jul 22, 2024 2:36:16 PM By Stu Sjouwerman
Organizations should expect to see phishing attacks exploiting the global IT outage that occurred last Friday, the Business Post reports.
Continue Reading

CrowdStrike Phishing Attacks Appear in Record Time

Jul 19, 2024 3:59:42 PM By Stu Sjouwerman
I have been the CEO of an anti-virus software developer. We had a special acronym for catastrophic events like this, a so-called "CEE". As in Company Extinction Event. But first: Our ...
Continue Reading

CISA’s Red Team Exercise Shows Value of Phishing, but Misses the Best Recommendation

Jul 19, 2024 1:52:49 PM By Roger Grimes
Phishing is used to completely compromise the victim’s environment after other repeated methods failed.
Continue Reading

Cyber Threats Targeting the 2024 Paris Olympics

Jul 18, 2024 1:41:32 PM By Stu Sjouwerman
Our friends at the CyberWire reported: "ZeroFox and Fortinet have both published reports on threats facing the 2024 Olympics in Paris. ZeroFox says the primary cybersecurity threat will ...
Continue Reading

IRS Warns of Phishing Attacks Targeting Car Dealerships

Jul 16, 2024 11:37:55 AM By Stu Sjouwerman
The US Internal Revenue Service (IRS) has issued an advisory warning of phishing campaigns targeting car dealerships. The IRS says car dealers should be on the lookout for targeted ...
Continue Reading

Phishing Continues to Be the Primary Entry to Ransomware Attacks

Jul 15, 2024 10:54:34 AM By Stu Sjouwerman
Phishing remains a top initial access vector for ransomware actors, according to researchers at Cisco Talos. The threat actors often use phishing to steal legitimate credentials so they ...
Continue Reading

[Warn Your Users] High Scam Risk After Failed Trump Assassination

Jul 14, 2024 8:05:51 AM By Stu Sjouwerman
Pictures of Donald Trump rushed from a campaign stage, his cheek brushed with blood from an assassination attempt, are an unsettling shock.
Continue Reading

Phishing Attacks Against State and Local Governments Are Surging

Jul 11, 2024 2:01:51 PM By Stu Sjouwerman
Researchers at Abnormal Security have observed a 360% increase in phishing attacks against state and local government entities over the past year.
Continue Reading

Russian Spear Phishing Campaigns Target NATO Entities

Jul 10, 2024 10:00:52 AM By Stu Sjouwerman
Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has ...
Continue Reading

From Policy to Practice in Security Culture: What Security Frameworks Recommend

Jul 10, 2024 10:00:48 AM By Anna Collard
Recently I had to prepare for a governance, risk and compliance conference. I promptly realized that although I used to be quite immersed in this field as an ISO 27k implementation ...
Continue Reading

Dodgy New Phishing Platform Targets Microsoft 365 Accounts at Financial Firms

Jul 9, 2024 1:59:55 PM By Stu Sjouwerman
Analysis of the latest phishing-as-a-service (PhaaS) platform ONNX Store highlights just how successful these platforms can be.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews