Scammers Use a $100 Amazon Gift Card to Deliver the Banking Trojan Dridex to Their Victims

Dec 31, 2020 10:16:06 AM By Stu Sjouwerman

It appears the holidays aren’t without a cyber-grinch, as attackers use the lure of free money in the form of a gift card as an easy means to trick victims into infecting their own ...

2020 Top Phishing and Vishing Attacks And Trends

Dec 31, 2020 10:06:25 AM By Roger Grimes

It’s an extra challenging year, harder than most, to choose the most impactful cybersecurity events. The year ended with a bang – the Solarwinds supply chain attack – which possibly ...

What You Need to Know About DMARC

Dec 29, 2020 10:13:23 AM By Stu Sjouwerman

It's true - not enough organizations utilize DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But before you implement ...

BEC Attacks Nearly Doubled in 2020

Dec 29, 2020 8:25:24 AM By Stu Sjouwerman

A new report from Barracuda Networks found that business email compromise (BEC) attacks have nearly doubled over the past year. These attacks made up 12% of all spear phishing attacks in ...

Cybercriminals Attempt to Exploit Australian Fears on COVID-19

Dec 28, 2020 10:03:02 AM By Stu Sjouwerman

The bad guys are attempting to take advantage of Australian fears of COVID-19 in 2021. The National Identity and Cyber Support Service of Australia and New Zealand ID Care recently warned ...

A Friend Needs Money Urgently? You're Probably Getting Scammed

Dec 28, 2020 9:26:22 AM By Stu Sjouwerman

People need to be on the lookout for phishing attacks sent from legitimate but compromised social media accounts, according to Paul Ducklin at Naked Security. Ducklin describes a scam ...

How Can You Be More at Risk With MFA?

Dec 23, 2020 1:43:26 PM By Roger Grimes

In my recent comment on the Solarwinds’ cyber attack, I made the claim that using multifactor authentication (MFA) can sometimes make you more at risk than using a simple login name and ...

Private Online Shopping Risks Affect Businesses, Too

Dec 23, 2020 10:00:26 AM By Stu Sjouwerman

Consumers aren’t the only ones who can be victimized by social engineering attacks while shopping online, according to Arab News. Employees who use work devices for personal shopping are ...

FireEye's Mandia on SolarWinds hack: 'This was a sniper round'

Dec 22, 2020 11:16:19 AM By Stu Sjouwerman

Joe Warminsky at Cyberscoop wrote: "The foreign espionage operation that breached several U.S. government agencies through SolarWinds software updates was unique in its methods and ...

Just 8% of U.K. Firms Offer Regular Security Training

Dec 22, 2020 11:06:01 AM By Stu Sjouwerman

A majority of UK businesses are failing to adequately train their remote working employees to spot security threats, according to new research from iomart. The cloud services company ...

[HACK ALERT] Here Is A Whole New Way Cyber Criminals Empty Out Your Bank Account

Dec 22, 2020 10:46:07 AM By Stu Sjouwerman

Researchers at IBM discovered a brand new type of massive banking fraud campaign that raked in millions of dollars over the course of a few days before it was put to a stop.

No, it's not You in the Facebook Video... it's a Phishing Link

Dec 21, 2020 8:28:13 AM By Stu Sjouwerman

Scammers are using compromised Facebook accounts to circulate phishing attack to the hacked accounts’ friends, according to Paul Ducklin at Naked Security. The links are sent via Facebook ...

New Office 365 Credential Scam Uses a Received Fax to Trick Victims

Dec 18, 2020 8:22:43 AM By Stu Sjouwerman

A clever mix of brand impersonation, a supposedly received message, a thumbnail preview, and new spoofed Office 365 logon pages are all that’s needed to trick victims into giving up ...

[INFOGRAPHIC] Holiday Phishing Red Flags to Watch Out For

Dec 17, 2020 8:26:15 AM By Stu Sjouwerman

Phishing attacks never slow down during the holiday season. Experian reported that 1 in 4 victims fell victim to fraud during the holidays.

Learning More on Social Engineering Tactics are the Key to Preventing Phishing Expeditions

Dec 17, 2020 8:24:48 AM By Stu Sjouwerman

Understanding social engineering attacks is the key to thwarting them, according to Juan Badell and Russell Petrich, content designers for Sophos’s phishing simulation service. Badell and ...

University-themed Phishbait Angles for Students

Dec 16, 2020 8:21:15 AM By Stu Sjouwerman

Researchers at Zix have observed phishing emails sent from legitimate but compromised university email accounts, impersonating the university’s IT department. The emails notified users ...

Facebook Describes APT32 Social Engineering Campaign

Dec 15, 2020 8:31:31 AM By Stu Sjouwerman

Facebook’s security team has taken action against a phishing operation run by APT32 (also known as OceanLotus), a threat actor associated with the Vietnamese government. Facebook says the ...

[HEADS UP] New York DMV Warns of Phishing Attack

Dec 14, 2020 1:00:36 PM By Stu Sjouwerman

According to the Press Republican, the New York State Department of Motor Vehicles warned New Yorkers last Friday of ongoing SMS phishing (aka smishing) attack.

Zoom Phishing is Still Rampant

Dec 14, 2020 10:04:05 AM By Stu Sjouwerman

Cybercriminals are still using Zoom and other conferencing platforms as phishbait, according to Zlati Meyer at Fast Company. This phishing theme isn’t likely to let up any time soon, so ...

Shame! Shame! I Got Phished

Dec 14, 2020 8:00:00 AM By Roger Grimes

I can’t be phished. At least that’s what I used to believe.

Security Awareness Training Blog

Phishing Blog

View Topics