Europol Finds Majority of Attack Groups Rely on Spear Phishing as Primary Infection Vector

Dec 4, 2019 6:52:41 AM By Stu Sjouwerman

A new report from Europol’s European Cybercrime Center (EC3) breaks down how targeted phishing attacks are being done, and how to avoid becoming a victim.

Gift Card Scams are Decreasing in Light of Other Business Email Compromise Scams

Dec 4, 2019 6:48:49 AM By Stu Sjouwerman

New data from email security vendor Agari shows Business Email Compromise (BEC) attacks shifting tactics last quarter, in favor of scams resulting in larger payouts.

Identity Deception-Based Phishing Attacks Show an Increase in Impersonating Individuals

Dec 4, 2019 6:45:59 AM By Stu Sjouwerman

The use of impersonating a person or brand as part of an attack in on the rise, giving attackers the upper hand, establishing instant credibility and lowering the defenses of the ...

Phishing for Gamers Uses A Fake Skin Giveaway

Dec 4, 2019 6:42:02 AM By Stu Sjouwerman

BleepingComputer warns that a fake Steam skin giveaway site is stealing users’ Steam credentials. The site appears to be running a 26-day promotion giving away free skins for ...

Netflix "Account Freeze" Phishing Campaign In The Wild

Dec 3, 2019 6:26:54 AM By Stu Sjouwerman

A Netflix phishing scam is going after users’ payment information and Netflix credentials, according to Naked Security. The phishing emails inform recipients that they’ve missed a payment ...

Over Half of SMBs Experience Phishing and Social Engineering Attacks

Dec 2, 2019 7:00:00 AM By Stu Sjouwerman

The assertion that SMBs aren’t a cyber-target is officially dead. SMBs are victims of the very same attacks as enterprises in growing numbers, according to new research.

Merchant fined for failing to train employees — Former NYDFS Superintendent Vullo Talks About Cybersecurity Regs

Nov 30, 2019 1:09:56 PM By Stu Sjouwerman

Mark Harrop, Director of Communications, Corporates at Thomson Reuters made me aware of a very interesting interview with Maria Vullo, the former Superintendent of New York’s Department ...

‘Professional’ ransomware gang targets 1,800 large organizations worldwide, Dutch investigators find

Nov 30, 2019 12:40:01 PM By Stu Sjouwerman

Filip Truta at Bitdefender blogged: "A confidential report from the Netherlands’ National Cyber Security Center warns that ransomware operators are targeting at least 1,800 large ...

Phishing scams on the up in the Netherlands

Nov 30, 2019 12:30:08 PM By Stu Sjouwerman

Mina Solanki, an expat in Holland wrote: "After years of declining, phishing is on the up. In 2018, the (monetary) damage caused by it had almost quadrupled compared to previous years. ...

Google Sent 12K Nation-State Phishing Warnings In Three Months

Nov 27, 2019 6:54:24 AM By Stu Sjouwerman

Google's Threat Analysis Group (TAG) delivered thousands of alerts of government-backed attempts to spearphish gmail users over just a three-month period earlier this year, they reported.

Click Confessions of a Security Expert

Nov 26, 2019 7:00:00 AM By Perry Carpenter

As a “human security” expert, I used to take a lot of pride in my well-honed security hygiene. Yeah… that all ended back in early 2017 when I joined KnowBe4. You see, up until that time, ...

Phishing Simulations Should be Educational, not Punitive

Nov 25, 2019 10:46:55 AM By Stu Sjouwerman

Phishing training programs need to be focused on educating employees rather than on shaming them, according to David Spark and Allan Alford, co-hosts of the Defense in Depth podcast. On ...

They Know If You've Been Bad or Good...

Nov 25, 2019 10:39:53 AM By Eric Howes

Like most of the rest of us, malicious actors the world over love the holidays. It's a prime season to run social engineering schemes on users who are already of a mind to open their ...

[Heads-up. This Is Ugly] After Refusing The Maze Ransomware Payment, Their Stolen Data Was Leaked

Nov 22, 2019 6:47:54 AM By Stu Sjouwerman

After a deadline was missed for receiving a ransom payment, the group behind Maze Ransomware has published almost 700 MB worth of data and files stolen from a security staffing firm. Our ...

An Australian Watering Hole (but in Canberra, not the Outback)

Nov 20, 2019 7:12:14 AM By Stu Sjouwerman

The Australian Federal Parliament suffered a malware infection earlier this year after some users fell victim to a watering hole attack, the Australian Broadcasting Corporation (ABC) ...

Cybercriminal Gang, Silent Starling, Creates New ‘Vendor Email Compromise’ Category

Nov 19, 2019 2:38:04 PM By Stu Sjouwerman

New attacks focus on organizations with global supply chains looking to trick a supplier’s customers into paying fake invoices and have already impacted 500 organizations worldwide.

Now HERE is an interesting Phishing Campaign!

Nov 19, 2019 8:51:01 AM By Stu Sjouwerman

It's a phishing campaign against phishing campaigns! :-D It's a public service program that educates organizations and societies globally on the greatest cyber risk of all - the falsehood ...

Ransomware Attack Hits Louisiana State Servers

Nov 19, 2019 8:43:15 AM By Stu Sjouwerman

Louisiana Governor John Bel Edwards on Monday revealed that a ransomware attack hit state servers, prompting a response from the state’s cyber-security team. The incident appears to have ...

Real Estate Scams Have Gone Global. Bad Guys Caused Tens of Thousands of Dollars Damage Down Under

Nov 18, 2019 3:32:04 PM By Stu Sjouwerman

Scammers hijacked a total of $70,000 by imitating an Australian settlement agent’s email address, and then tricking two property buyers into sending the money to the wrong account, Perth ...

A Majority of Organizations Experience Breaches Despite a Majority Saying They Are Prepared to Defend Against Them

Nov 18, 2019 7:00:00 AM By Stu Sjouwerman

The mismatch of signals by IT organizations shows a potential overestimation on IT’s part about its ability to prevent and protect against new cyberthreats.

Security Awareness Training Blog

Phishing Blog

View Topics