There Is No Herd Immunity in the Digital World

Mar 30, 2021 4:31:46 PM By Roger Grimes

When I was first starting off in my career, I wanted to be a doctor. As life often goes, I got waylaid. Wanting to be a doctor turned in an accounting major and CPA certification, quickly ...

Aussie TV Network Taken Off Air by Ransomware

Mar 29, 2021 9:54:27 AM By Stu Sjouwerman

The "early-scoop" Phil Muncaster at InfoSec Mag reported: "An Australian TV network was taken off-air for over 24 hours by suspected state-backed attackers, in what it described as the ...

Data Breach at Dutch Auto Shops Puts 7,3 Million Car Owners at Risk

Mar 29, 2021 9:31:50 AM By Stu Sjouwerman

The Netherlands is dealing with what looks like one of the largest data breaches in the nation so far. Late last week, Dutch public broadcaster NOS revealed that customer data of millions ...

Phishing Remains the Most Common Form of Attack

Mar 29, 2021 8:20:31 AM By Stu Sjouwerman

Phishing attacks are “by far” the most common vector for data breaches, according to a new survey by the UK’s Department for Digital, Culture, Media, and Sport (DCMS).

[UPDATE] What is SOAR? What Are The Pros And Potential Pitfalls?

Mar 25, 2021 1:46:58 PM By Stu Sjouwerman

Jessica Groopman at TechTarget's SearchSecurity forum has a great short post about SOAR, what it stands for and what the potential benefits and pitfalls are. Here is an extract with a ...

Forensically Investigating Phishing To Better Protect Your Organization

Mar 25, 2021 11:37:24 AM By Roger Grimes

The single best thing you can do to reduce cybersecurity risk in your environment is to prevent and mitigate social engineering – phishing in particular. The first and best thing any IT ...

Avoid Being Influenced by Instagram Scams

Mar 25, 2021 10:00:03 AM By Stu Sjouwerman

People need to be able to recognize common scams that will target them through Instagram and other social media sites, according to Harriet Stone at Naked Security. Stone points to ...

A Can of Phishbait: from Surveys to Rule Changes to Your Boss's Boss

Mar 24, 2021 8:28:28 AM By Stu Sjouwerman

Employees need to continue being wary of phishing scams as they begin to return to the office, according to Roger Kay at INKY. Kay describes several phishing templates that INKY has ...

Spoofing Tailored to Financial Departments

Mar 23, 2021 1:01:21 PM By Stu Sjouwerman

Researchers at Area 1 Security have warned of a large spear phishing campaign targeting financial departments and C-suite employees with spoofed Microsoft 365 login pages. The researchers ...

Not Your Father's Tech Support Scam

Mar 22, 2021 10:43:45 AM By Eric Howes

Over the past month or so customers using the Phish Alert Button (PAB) have been reporting a curious wave of what initially appeared to be run-of-the-mill tech support scam emails. As it ...

Another Tax Season, Another Opportunity for Scams

Mar 18, 2021 9:30:45 AM By Erich Kron

It’s the start of tax season. This is the time of year when we collect our receipts and tax forms and hope for a nice big refund from the U.S. government. Unfortunately, cybercriminals ...

Researchers Have Their Eye on Malicious Clones of Android Apps That Put Devices at Risk

Mar 18, 2021 8:29:50 AM By Stu Sjouwerman

Researchers at Check Point have found malicious apps in the Google Play Store that will download Trojans to infected devices.

FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report, Losses Exceed $4.2 Billion

Mar 18, 2021 5:58:13 AM By Stu Sjouwerman

The FBI’s Internet Crime Complaint Center has released their annual report. The 2020 Internet Crime Report includes information from 791,790 complaints of suspected internet crime—an ...

[EYE-OPENER] USA CISA Advisory on Trickbot Campaigns: Phishing Training For Employees

Mar 17, 2021 4:04:08 PM By Stu Sjouwerman

March 17, 2021 — The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have observed continued targeting through spear phishing campaigns ...

6 Advanced Email Phishing Attacks

Mar 16, 2021 10:32:51 AM By Roger Grimes

No matter how good your policies and technical defenses are, some amount of phishing will get to your end users in a given month. They must be trained to recognize social engineering ...

Beware: Lots of COVID-19 Vaccine-Related Attacks Are Active and Looking for Their Next Victim

Mar 16, 2021 8:01:00 AM By Stu Sjouwerman

From spear phishing attacks, to malicious domains, to credential-hunting – as I predicted, COVID vaccines are the hot attack theme right now from just about every angle.

[On-Demand Webinar] Avoiding Business Email Compromise Phishing Scams During Tax Season

Mar 15, 2021 8:00:00 AM By Stu Sjouwerman

Taxes are unavoidable, and unfortunately, so are the annual tax-related phishing scams. This year, with the COVID-19 pandemic continuing to keep people working from home, cybercriminals ...

The Most Commonly Spoofed Business-Related Applications in a Phishing Campaign

Mar 15, 2021 7:12:32 AM By Stu Sjouwerman

Business-related applications like Zoom, Microsoft, and DocuSign are the most commonly spoofed services in phishing attacks, according to a new report from GreatHorn. Business apps made ...

Credential Harvesting Attacks Targeting the U.S. Federal Government Nearly Double as Malware Declines

Mar 11, 2021 9:07:03 AM By Stu Sjouwerman

Shifts to a remote workforce in 2020 gave cybercriminals an opportunity to change tactics, focusing on credentialed access to systems accessed from outside government networks.

FINRA Warns of Phishing Attacks

Mar 11, 2021 8:16:40 AM By Stu Sjouwerman

The Financial Industry Regulatory Authority (FINRA) has warned of a phishing campaign that’s trying to trick users into responding to a phony regulatory non-compliance issue. The emails ...

Security Awareness Training Blog

Phishing Blog

View Topics