Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For

Jan 9, 2024 9:24:06 AM By Stu Sjouwerman

Verizon has published an article outlining various forms of social engineering attacks, including SMS/text messaging phishing (smishing), voice phishing (vishing), and spear phishing ...

Black Basta Ransomware Decryptor Released to Help Some Victims

Jan 5, 2024 1:19:14 PM By Stu Sjouwerman

A flaw found by security researchers in the encryption software allows victim organizations to use “Black Basta Buster” to recover some of their data – but there’s a catch.

Beware of Fraudulent Charge Messages

Jan 5, 2024 1:19:09 PM By Roger Grimes

Be careful of emails, SMS messages, or calls claiming to be from your bank about your card being used fraudulently. If this ever happens, call the phone number on the back of your card.

Phishing Reigns as the Most Likely and Most Feared Cyber Attack

Jan 5, 2024 9:00:05 AM By Stu Sjouwerman

With over half of organizations being the victim of password-based attacks in the last year, new data sheds light on the risk of phishing attacks and the use of password-based credentials.

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Jan 4, 2024 8:00:00 AM By Stu Sjouwerman

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

Lockbit 3.0 Ransomware Disrupts Emergency Care at Multiple German Hospitals

Jan 3, 2024 10:57:52 AM By Stu Sjouwerman

Hitting three hospitals within a Germany-based hospital network, the extent of the damage in this confirmed ransomware attack remains undetermined but has stopped parts of operations.

New Research: Phishing Attacks Stole $295 Million In Crypto In 2023

Jan 3, 2024 8:12:02 AM By Stu Sjouwerman

Researchers at Scam Sniffers have found that phishing attacks stole nearly $295 million worth of cryptocurrency from 324,000 victims in 2023, CryptoSlate reports. The cryptocurrency is ...

A Dream Team Security Awareness Training Program?

Jan 2, 2024 1:29:27 PM By Roger Grimes

Every person and organization is different and requires slightly different methods and ways of learning. But every person and organization can benefit by more frequent security awareness ...

Impersonation Attack Data Breaches Predicted to Increase in 2024

Dec 28, 2023 1:30:00 PM By Stu Sjouwerman

With so much of an attack riding on a cybercriminals ability to gain access to systems, applications and data, experts predict the trend of rising impersonation is only going to get worse.

U.K. Government 'Ill-Prepared' to Deal With High Risk of Catastrophic Ransomware Attacks

Dec 28, 2023 11:06:43 AM By Stu Sjouwerman

A new report from the U.K. government’s Joint Committee on the National Security Strategy (JCNSS) outlines both just how likely an attack on critical national infrastructure is and where ...

[Heads Up] SMTP Smuggling - How It Easily Circumvents Your Email Defenses

Dec 28, 2023 8:00:00 AM By Stu Sjouwerman

A newly-discovered technique misusing SMTP commands allows cybercriminals to pass SPF, DKIM and DMARC checks, allowing impersonated emails to reach their intended victim.

We Do What We Are Trained To Do

Dec 27, 2023 3:45:17 PM By Roger Grimes

When I was young, I was an oceanfront lifeguard, firefighter and EMT paramedic. All disciplines involved frequent education and training.

Ransomware Attacks Rise 85% Compared to the Previous Year

Dec 27, 2023 1:00:00 PM By Stu Sjouwerman

With November demonstrating multiple increases when compared to various previous time periods, new data signals that we may be in for a bumpy ride in 2024.

Cyber Scammers Beef Up the Number of Fake Delivery Websites Just in Time for Christmas

Dec 27, 2023 10:58:02 AM By Stu Sjouwerman

Cybersecurity researchers at Group-IB have identified a single scam campaign leveraging over 1500 websites impersonating postal carriers and shippers leading up to Christmas this year.

Missing the Lock Icon in Chrome’s Address Bar? It’s a Move to Make You More Secure

Dec 21, 2023 1:30:00 PM By Stu Sjouwerman

In response to what Google calls “over trust” in the web address lock icon to indicate that a site is authentic and its’ communications are secure, they’ve swapped the lock out in an ...

Underground Cyber Crime Marketplaces are Now Showing Up on the Open Web

Dec 21, 2023 1:00:00 PM By Stu Sjouwerman

Marketplaces such as OLVX are shifting from the dark web to the open web to take advantage of traditional web services to assist in marketing to and providing access to new customers.

Interest in AI-Generated ‘Undressing’ Increases 2000% as it Becomes a Mainstream Online Business

Dec 21, 2023 12:30:00 PM By Stu Sjouwerman

The advent of non-consensual intimate imagery (NCII) as a monetized business on the Internet has shifted pornography into the realm of undressing anyone you like.

Cancer Center Patients Become Attempted Victims of Data Extortion

Dec 21, 2023 11:44:36 AM By Stu Sjouwerman

Cybercriminals of the lowest kind breached as many as 800,000 patients and then sent emails threatening to sell their data if they didn’t pay a fee to block it from selling.

“Mr. Anon” Infostealer Attacks Start with a Fake Hotel Booking Query Email

Dec 20, 2023 11:52:39 AM By Stu Sjouwerman

This new attack is pretty simple to spot on the front, but should it be successful in launching its’ malicious code, it’s going to take its victims for everything of value they have on ...

Holiday Scams Include Thousands of Impersonation Phishing Domains per Brand

Dec 19, 2023 11:23:04 AM By Stu Sjouwerman

Midstride in this year’s holiday shopping, it’s important to realize just how many websites exist that impersonate legitimate online retailers. More importantly, your users need to know ...

Security Awareness Training Blog

Phishing Blog

View Topics