Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Phishing Emails on the Rise as Spear Phishing Continues to Return Bigger Payouts

Jan 7, 2020 8:59:42 AM By Stu Sjouwerman
New data from Microsoft Security Insights sheds some needed light on exactly what the bad guys are doing and how they’re shifting tactics. Sometimes it feels like the bad guys are ...
Continue Reading

Smishing and Deepfakes Top the List of Cyber Attack Methods Expected in 2020

Jan 7, 2020 8:54:30 AM By Stu Sjouwerman
You want to know what to expect from data breaches, phishing attacks, and other calculated methods in 2020? There’s no better source than Experian’s seventh-annual Data Breach Industry ...
Continue Reading

New TrickBot Malware Attack Leverages Google Drive to Deliver Its Payload and Ensure Infection

Jan 7, 2020 8:37:59 AM By Stu Sjouwerman
New details from Palo Alto Network’s Unit 42 research team show TrickBot rearing its ugly head once again, using legitimate cloud services – and employee greed – as its path to success. ...
Continue Reading

Penn State Warns of Spear Phishing Attacks

Jan 7, 2020 8:30:37 AM By Stu Sjouwerman
Penn State is warning its community about a recent spike in phishing attacks targeting the university’s employees. Attackers are sending emails posing as real Penn State employees and ...
Continue Reading

Security Generation Gaps

Jan 6, 2020 8:48:51 AM By Stu Sjouwerman
People from different generations tend to approach cybersecurity differently. Organizations should tailor their security programs and phishing tests with this in mind. According to Azeem ...
Continue Reading

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Jan 3, 2020 2:27:46 PM By Stu Sjouwerman
Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. ...
Continue Reading

Seven Kinds of Malware, and all Arrive by Social Engineering

Jan 3, 2020 9:25:59 AM By Stu Sjouwerman
Naked Security outlines seven different categories of malware and describes how each of them through social engineering techniques can affect your organization. Some or all of these ...
Continue Reading

Global Climate Change Phishbait

Jan 3, 2020 8:54:43 AM By Stu Sjouwerman
A number of phishing campaigns have been using Christmas-themed emails encouraging recipients to support climate activist Greta Thunberg, according to Paul Ducklin at Naked Security. ...
Continue Reading

More Fake Windows 10 Updates Spell Hefty Ransoms for Victims

Jan 3, 2020 7:00:00 AM By Stu Sjouwerman
With Windows 7 ending support this month, organizations moving to or already on Windows 10 need to be wary of “update” phishing scams intent on installing ransomware.
Continue Reading

New Report Shows the Success of Business Email Compromise Come from a Calculated Attack Approach

Jan 3, 2020 7:00:00 AM By Stu Sjouwerman
The newest data from security vendor Barracuda provides insight into exactly how attackers execute BEC attacks and what makes them so successful.
Continue Reading

[Heads-up] Sextortion Crime Gang Now Uses New Tactics To Bypass Your Spam Filters

Jan 3, 2020 7:00:00 AM By Stu Sjouwerman
In a business environment, employees use Google Translate on a regular basis to get access to documents they need to work with, or websites that are in another language.
Continue Reading

Cities and Governments are the Latest Target in a New “Leakware” Attack

Jan 3, 2020 7:00:00 AM By Stu Sjouwerman
This new type of attack focuses on threatening to steal and publish data on the web, asking for a ransom to be paid to keep the attackers from doing so.
Continue Reading

Online Credential Scam Becomes a Phone Port Attack and then Turns into a Sextortion Scam

Jan 3, 2020 7:00:00 AM By Stu Sjouwerman
If experiencing a single cyberattack isn’t enough, this complex attack that shifted mid-stream demonstrates how attackers take advantage of victim details as an attack unfolds.
Continue Reading

FBI Warns U.S. Companies About Maze Ransomware

Jan 2, 2020 4:13:36 PM By Stu Sjouwerman
The FBI is warning U.S. companies about a series of recent ransomware attacks in which the perpetrator, sometimes posing as a government agency, steals data and then encrypts it to ...
Continue Reading

Phishing Remains the Most Widespread Risk

Jan 2, 2020 8:27:21 AM By Stu Sjouwerman
As organizations look to improving their defenses, it’s worth remembering that attackers usually get through those defenses by manipulating the human beings those security measures are in ...
Continue Reading

The Good, the Better, and the Best in Information Security

Dec 31, 2019 12:16:27 PM By James McQuiggan
Every day, there is news about the latest data breaches, phishing attacks, the number of records that were exposed, how organizations are not doing enough to protect themselves. All of ...
Continue Reading

Tax Season Warning: the IRS on Social Engineering

Dec 31, 2019 8:25:18 AM By Stu Sjouwerman
We have had occasion to warn of this before, but as 2020 begins and April 15th approaches, it may be worth another mention. The US Internal Revenue Service wants taxpayers to keep a sharp ...
Continue Reading

Major Dutch University Still Fighting Ransomware Downtime; Expert Says Russian Hacker Group Responsible

Dec 30, 2019 10:53:39 AM By Stu Sjouwerman
Major Dutch Maastricht University was still trying to recover from a crippling cyber attack nearly a week after the university's computer systems were infected by ransomware. New ...
Continue Reading

Phishing in a Port

Dec 30, 2019 10:49:03 AM By Stu Sjouwerman
Among the ransomware that caused so much disruption in the latter half of 2019 was the strain known as Ryuk, and Ryuk has typically been spread by phishing. According to ZDNet, a recent ...
Continue Reading

PayPal Scammers Want More than Just Your PayPal Credentials

Dec 27, 2019 9:30:25 AM By Stu Sjouwerman
Researchers at ESET have come across phishing sites that try to steal PayPal logins along with a wide range of personal and financial information. The scam begins with phishing emails ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews