Credential Phishing With a Masked URL

Oct 23, 2019 5:55:49 AM By Stu Sjouwerman

Cofense warns of a phishing campaign going after credentials for the Stripe online payment platform. The attackers are sending emails purporting to be from Stripe Support, telling the ...

Q3 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]

Oct 22, 2019 7:28:00 AM By Stu Sjouwerman

KnowBe4 reports on the top-clicked phishing emails by subject lines each quarter in three different categories: subjects related to social media, general subjects, and 'In the Wild' - we ...

Smishing and Carrier Impersonation

Oct 22, 2019 6:47:08 AM By Stu Sjouwerman

While most phishing campaigns involve email, SMS text messages are an ideal alternative for attackers, according to Paul Ducklin at Naked Security. Text messages are brief and uniform in ...

Alexa and Google Home abused to eavesdrop and phish passwords

Oct 21, 2019 9:35:05 AM By Stu Sjouwerman

Ars Technica is on a roll lately with some very good articles! Here is another one that made me go "Yikes!"

A Lawyer's Look at "Big Game Phishing"

Oct 17, 2019 6:50:18 AM By Stu Sjouwerman

Ransomware attacks have increasingly been going after high-value data in order to extract larger ransoms from victims, according to the well-known law firm Cooley. This trend was ...

Microsoft Recommends: "Top 6 Email Security Best Practices"... And One Of Them Is Phishing Simulations

Oct 17, 2019 6:11:20 AM By Stu Sjouwerman

Girish Chander, Microsoft's Group Program Manager of Office 365 Security wrote an excellent post on their blog titled "Top 6 email security best practices to protect against phishing ...

I Can Phish Anyone

Oct 15, 2019 7:30:00 AM By Roger Grimes

I’m a bit surprised by some aggressive corporate anti-phishing policies which say they will fire anyone for one accidental phishing offense. Send me the names and email addresses of the ...

CRN: "Kevin Mandia -- Detect Spear Phishing, Lock Down CEO Email To Stay Safe"

Oct 15, 2019 7:10:57 AM By Stu Sjouwerman

Michael Novinson at CRN had a great article that really explains the issues we are dealing with. He started out with: "Spear phishing remains the most common way for adversaries to ...

Extremely Embarrassing 250,000-record Data Breach At Hookers.nl

Oct 14, 2019 10:50:12 AM By Stu Sjouwerman

The data of 250,000 users of Hookers.nl, a forum where experiences with prostitutes and escorts are exchanged, have been stolen and offered for sale on the internet. It concerns e-mail ...

Why Hack When You Can Con?

Oct 14, 2019 9:42:25 AM By Stu Sjouwerman

U.S. Organizations Involved with Nuclear Deterrence are the Target of North Korean Phishing Attacks

Oct 14, 2019 7:00:00 AM By Stu Sjouwerman

Using some very sophisticated methods, the Kimsuky group is believed to be behind a spear phishing campaign aimed at stealing U.S. secrets.

Universities Worldwide are the Target of Phishing Attacks by a Hacking Group Aimed at Stealing Research and Intellectual Property

Oct 11, 2019 7:17:19 AM By Stu Sjouwerman

The Iranian hacker group dubbed Colbalt Dickens has hit over 60 universities around the globe attempting to steal credentials to provide access to sensitive data.

Cybercriminals Leverage the U.K.’s Strong Customer Authentication Requirement in a New String of Phishing Attacks

Oct 10, 2019 7:00:00 AM By Stu Sjouwerman

Attackers are taking advantage of the requirement to secure online shopping and banking transactions processed within the U.K. to gather personal details of consumers and users alike.

Brand-New: Multi-Factor Authentication Security Assessment Tool Helps Assess Your Organization's MFA Vulnerabilities

Oct 9, 2019 9:52:00 AM By Stu Sjouwerman

You already know that using multi-factor authentication (MFA) can decrease your cybersecurity risk, and certainly is a much stronger defense compared to using traditional passwords alone. ...

Chinese State-Sponsored Phishing

Oct 9, 2019 7:15:59 AM By Stu Sjouwerman

A sophisticated threat group is going after a variety of industries using spearphishing and an arsenal of malware, according to Nalani Fraser and Fred Plan from FireEye. Fraser and Plan ...

Is Cyberinsurance a Reason for the Rise in Ransomware Attacks?

Oct 9, 2019 7:00:36 AM By Stu Sjouwerman

Are cybercriminals counting on the victim’s simple cost-to-benefit decision to have their cyber-insurer pay the ransom? And, if so, are they targeting companies with cyberinsurance?

Casbaneiro is the Hook in Alt-Coin Phishing

Oct 9, 2019 7:00:00 AM By Stu Sjouwerman

The Casbaneiro banking Trojan is going after Latin American victims’ cryptocurrency, Verdict reports. It’s being distributed via phishing emails which trick victims into downloading a ...

Fall LinkedIn Job Postings Are a Prime Vehicle for Job Scams, Cyber Attacks

Oct 9, 2019 6:56:31 AM By Stu Sjouwerman

LinkedIn says the Fall hiring season is very hot right now. With more than 20 million jobs posted, LinkedIn is the perfect way for scammers to trick users into becoming victims.

Phishing Awareness: Considerations for Schools

Oct 7, 2019 7:14:14 AM By Stu Sjouwerman

Educating students and staff about phishing attacks is essential to protecting schools, according to Matt Britland, Director of IT and digital strategy at Alleyn’s School in London. In an ...

Amazon, Paypal, and Gmail Users are the Latest Target in a Sophisticated Multistage Phishing Attack

Oct 7, 2019 7:08:20 AM By Stu Sjouwerman

The latest attack, dubbed “Heatstroke” uses new target-specific phishing kits that may be sold as a “phishing-as-a-service” using new techniques to avoid leaving a trail.

Security Awareness Training Blog

Phishing Blog

View Topics