Attackers Abuse Google Docs for Phishing Attacks

Jun 24, 2021 8:48:29 AM By Stu Sjouwerman

Attackers are using a new technique to exploit Google Docs for phishing attacks, according to researchers at Avanan. The attackers take advantage of the fact that Google Docs ...

Leaked Copies of Windows 11 Could Be Tempting Phishbait for Techies

Jun 22, 2021 10:15:55 AM By Stu Sjouwerman

The latest anticipated release of Windows should be a reminder that even IT folks can be driven into a frenzy enough to miss the signs of a malicious campaign.

Why Phishing Attacks Are So Easy, Successful and Profitable – and What to do About It

Jun 22, 2021 10:15:40 AM By Stu Sjouwerman

With phishing attacks being thought to have started literally 25 years ago, what makes this age-old method so continually valuable as a tool for cybercriminals and scammers?

The Number of Phishing Sites in March Was Twice That of the Previous Year

Jun 22, 2021 10:15:22 AM By Stu Sjouwerman

With the number of phishing sites in Q1 overall up 47%, according to new data from Phishlabs, the bad guys are starting their year off letting you know… they mean business.

[Heads Up] If You're an Amazon Prime Shopper, Heed This Prime Day Phishing Alert

Jun 17, 2021 10:00:25 AM By Stu Sjouwerman

Amazon Prime Day is approaching on June 21st with special promotions. This also mean cybercriminals are ready to strike with leveraging 'special deals' on the online days that they will ...

The Number of Phishing Websites Hits an All-Time High Reaching Nearly 350% Growth

Jun 16, 2021 3:55:58 PM By Stu Sjouwerman

According to the newly released data from the Anti-Phishing Working Group, every metric measuring phishing attacks is up this year over last, spelling trouble for organizations.

New BEC Phishing Attack Steals Office 365 Credentials and Bypasses MFA

Jun 15, 2021 2:01:41 PM By Stu Sjouwerman

Leveraging Microsoft Exchange’s Basic Authentication support, scammers were able to use harvested online credentials and bypass any MFA in place, giving them access to mailboxes.

New “Ransomware Update” Phishing Attack Seeks to Enjoy the Same Successes as the Recent Pipeline Attack

Jun 14, 2021 4:21:43 PM By Stu Sjouwerman

When your users receive a realistic-looking helpdesk email informing them they should update their system to prevent ransomware attacks, what could possibly go wrong?

Fax/Scan Phishing Attacks Jump Nearly 500% as Workers Return to the Office

Jun 14, 2021 4:21:40 PM By Stu Sjouwerman

The bad guys take advantage of any major event as the source of a new phishing campaign. According to new data from Avanan, this latest campaign aligns with heading back to the office.

Insights Into Credential Phishing

Jun 9, 2021 10:36:37 AM By Stu Sjouwerman

Cybercriminals are quick to put hacked accounts to use, according to Agari by Help Systems. The researchers found that 91% of compromised accounts are accessed by attackers within one ...

FINRA Warns U.S. Brokerage Firms of New Phishing Campaign Threatening Penalties for Non-Compliance

Jun 9, 2021 10:09:40 AM By Stu Sjouwerman

In the latest phishing campaign targeting FINRA member firms, attackers impersonate requests from the regulatory authority citing the potential to “attract penalties” if request ...

Phishing Trends Show Adult Themes Have Skyrocketed 974%

Jun 7, 2021 8:48:15 AM By Stu Sjouwerman

Phishing lures with adult themes have spiked over the past year, according to researchers at GreatHorn. The researchers explain that these emails are effective at getting people to click, ...

Use of TLS to Obfuscate Malicious C2 Communications Doubles in the Last Year

Jun 2, 2021 4:57:30 PM By Stu Sjouwerman

With 98% of all web traffic going over HTTPS, the malicious use of TLS (transport layer security) helps the cybercriminal conceal their activity specifics while also potentially doing so ...

Cyber Hygiene not a Focus for Cybersecurity Leaders, Despite Being Targets of Attacks Themselves

Jun 2, 2021 4:46:48 PM By Stu Sjouwerman

New findings from a survey of over 100 global cybersecurity leaders across all major industries sheds light on the apathy around needed proper cyber hygiene in their own lives.

New Email Attack Takes a Phishing-Turned-Vishing Angle to Steal Credit Card Info

May 28, 2021 9:56:51 AM By Stu Sjouwerman

Details on this new scam demonstrate how cybercriminal gangs are working to try use new mediums and social engineering methods to trick users into becoming victims.

Cybersecurity Insurance Landscape Is Fundamentally Changing Right Now

May 26, 2021 8:36:48 AM By Roger Grimes

By Roger Grimes. Ransomware is stealing so much money and interrupting so many businesses that it might be the beginning of their undoing. It is certainly radically changing the ...

UK Royal Mail Smishing Crew Nabbed By City Of London Police

May 24, 2021 3:34:30 PM By Stu Sjouwerman

According to a report by ZDNet, there were arrests made due to suspicions of sending 'smishing' texts. Smishing is a form of phishing that sends SMS messages in order to steal personal ...

More Targeted Phishing Attacks Are Coming!

May 24, 2021 9:40:11 AM By Roger Grimes

I have been in the cybersecurity business for 34 years. I am not an innately brilliant, but one of the things I seem to do well is to spot trends as they happen early in their cycle. It ...

Low-Grade Ways of Bypassing Email Scanners

May 24, 2021 9:38:59 AM By Stu Sjouwerman

Cybercriminals are replacing common words in phishing scams with synonyms in order to bypass security filters, according to researchers at Avanan. For example, one phishing lure contained ...

The FBI’s Internet Crime Complaint Center Marks Its 6 Millionth Complaint as Pace Accelerates

May 21, 2021 1:11:14 PM By Stu Sjouwerman

The rate at which cyberattacks are increasing are being noticed by both their victims and the FBI, who are seeing more people affected by online crimes and scams.

Security Awareness Training Blog

Phishing Blog

View Topics