Hacked Customer Support Portal Being Used to Send Phishing Emails

Jul 2, 2024 1:55:30 PM By Stu Sjouwerman

A hacked customer support portal belonging to router manufacturer Mercku is being used to respond to customer queries with phishing emails, BleepingComputer reports.

Russian Threat Actor Launches Spear Phishing Attacks Against French Diplomats

Jun 27, 2024 1:46:32 PM By Stu Sjouwerman

France’s cybersecurity agency ANSSI has issued an alert outlining a Russian spear phishing campaign targeting French diplomats, the Record reports. The agency attributes the campaign to ...

FBI Warns of Phishing Campaign Targeting the Healthcare Industry

Jun 27, 2024 1:46:27 PM By Stu Sjouwerman

The US FBI and the Department of Health and Human Services (HHS) have released a joint advisory warning of a social engineering campaign that’s targeting the healthcare industry.

The Double-Edged Sword of AI: Empowering Cybercriminals and the Need for Heightened Cybersecurity Awareness

Jun 26, 2024 2:33:03 PM By Javvad Malik

The BBC recently reported that Booking.com is warning that AI is driving an explosion in travel scams. Up to 900% in their estimation - making it abundantly clear that while AI can be a ...

Simulated Phishing Tests Matter

Jun 26, 2024 1:51:18 PM By Roger Grimes

If you had to choose between regular cybersecurity training and simulated phishing testing, the data shows you should choose simulated phishing tests.

Phishing Attacks in the UK Have Surged

Jun 25, 2024 10:15:22 AM By Stu Sjouwerman

Over 11 million phishing attacks have been reported to the UK’s Suspicious Email Reporting Service (SERS) over the past year, according to new data from Action Fraud. The UK’s National ...

BEC Attacks Accounted for More Than One in Ten Social Engineering Attacks in 2023

Jun 24, 2024 9:21:30 AM By Stu Sjouwerman

A new report from Barracuda has found that email conversation hijacking attacks have risen by 70% since 2022. Additionally, business email compromise (BEC) attacks accounted for 10.6% of ...

The Indispensable World of Red Teaming

Jun 20, 2024 11:35:56 AM By Javvad Malik

In this mad, mad world of breaches, organizations are scrambling to keep their heads above water. It's like trying to navigate a minefield while blindfolded and riding a unicycle — one ...

Brazilian Entities Increasingly Targeted by Nation-State Phishing Attacks

Jun 18, 2024 1:58:40 PM By Stu Sjouwerman

Mandiant has published a report looking at cyber threats targeting Brazil, finding that more than 85% of government-backed phishing activity comes from threat actors based in China, North ...

The Overlooked Truth: User Experience in Cybersecurity

Jun 18, 2024 1:58:36 PM By Javvad Malik

We live in a world where the term "cybersecurity" tends to make folks either shiver with anxiety or yawn with boredom. The narrative has always been about hacking, phishing, and all sorts ...

[Heads Up] Tricky Fake Invoice Phishing Attack Uses Search to Deliver Malware

Jun 17, 2024 3:16:07 PM By Stu Sjouwerman

Researchers at Trustwave warn that a phishing campaign is distributing malware via HTML attachments disguised as invoices. Notably, the HTML files abuse the Windows Search protocol to ...

No Politician Too Small: School Board Candidates Targeted By Phishing and BEC Scams

Jun 17, 2024 3:15:49 PM By Stu Sjouwerman

Cybercriminals are broadening their targets to include even local political candidates, as an escalating series of phishing attacks was recently directed at school board candidates in ...

Unmasking the Threat: Why Phishing Scams are Surging in Japan

Jun 15, 2024 10:11:49 AM By Stu Sjouwerman

Japan has a large number of Forbes Global 2000 corporations--more than the UK, Germany, and France combined. Despite this economic strength, Japan faces an alarming and growing threat ...

Phishing Campaign Targets Job Seekers With WARMCOOKIE Backdoor

Jun 14, 2024 3:47:55 PM By Stu Sjouwerman

A phishing campaign is impersonating recruiting firms to target job seekers with a new strain of malware, according to researchers at Elastic Security.

The Global Reach of Cyber Threats: Why Security Awareness Training is More Important Than Ever

Jun 14, 2024 3:47:49 PM By Javvad Malik

Based on news cycles within cybersecurity, it's easy to fall into the trap of thinking that threats only come from certain parts of the world or that they only target specific industries. ...

Cybercriminals Use New V3B Phishing Kit to Mimic 54 Different Banks in the European Union

Jun 13, 2024 2:32:39 PM By Stu Sjouwerman

A new phishing-as-a-service toolkit that leverages credential interception and anti-detection capabilities has put EU banks at severe risk of fraud.

Phishing With Deepfakes for HK$200 Million

Jun 13, 2024 2:29:59 PM By Martin Kraemer

My hacker story occurred not too long ago at the Hong Kong office of an undisclosed multinational corporation. The hackers pulled off a first-of-its-kind scam that leveraged a phishing ...

New Research Shows An Alarming Trend of Phishing Attacks Doubling For US and European Organizations

Jun 12, 2024 3:25:33 PM By Stu Sjouwerman

Cybercriminals never sleep, and their aim keeps getting better. According to new research from Abnormal Security, phishing attacks targeting organizations in Europe shot up by a ...

Sinister "More_eggs" Malware Cracks Into Companies by Targeting Hiring Managers

Jun 11, 2024 11:54:29 AM By Stu Sjouwerman

Job seekers, beware - cybercriminals have a nasty new way to slide their malicious code on corporate networks. Researchers have uncovered a devious phishing campaign that's distributing ...

DarkGate Malware Being Spread Via Excel Docs Attached To Phishing Emails

Jun 11, 2024 8:00:00 AM By Stu Sjouwerman

A phishing campaign is spreading the DarkGate malware using new techniques to evade security filters, according to researchers at Cisco Talos.

Security Awareness Training Blog

Phishing Blog

View Topics