Phishing Kits Undergo an Evolution in Feature Set, Demand, and Branding

Dec 4, 2023 10:33:44 AM By Stu Sjouwerman

Now being commonly referred to as “Scama” – short for Scamming Method – these kits are being sold promoting highly advanced feature sets, turning the novice scammer into a pro.

Guarding Against the Rise of QR Code Phishing Attacks: How to Protect Yourself and Your Organization

Dec 4, 2023 10:33:41 AM By Stu Sjouwerman

In the ever-evolving landscape of cyber threats, scammers and hackers are relentless in exploiting every avenue of communication. From emails to texts, calls to QR codes, malicious actors ...

[On-Demand Webinar] Combatting Rogue URL Tricks: Quickly Identify and Investigate the Latest Phishing Attacks

Dec 4, 2023 8:00:00 AM By Stu Sjouwerman

Everyone knows you shouldn’t click phishy links. But are your end users prepared to quickly identify the trickiest tactics bad actors use before it’s too late? Probably not.

Security Awareness Training Can Help Defeat Deepfake and AI Phishing

Dec 1, 2023 12:26:58 PM By Roger Grimes

There is no doubt that more pervasive deepfake and AI technologies will make for more realistic, sophisticated, phishing attacks, and add to an already huge problem.

Vishing Gang Takes Victims for “Tens of Millions” Using Little More than Social Engineering

Dec 1, 2023 12:26:52 PM By Stu Sjouwerman

Czech and Ukrainian police have arrested six individuals responsible for a call center-based vishing scam designed to trick victims into thinking they were already victims of fraud.

The Israel-Hamas Conflict is the Latest Example of Phishing Attacks Taking Advantage of Current Events

Nov 30, 2023 11:12:12 AM By Stu Sjouwerman

Using something as simple as an attachment with an Israel/Hamas-related filename seems to be all it takes for new social engineering attacks disguised as donation confirmations.

Criminals Are Cautious About Adopting Malicious Generative AI Tools

Nov 30, 2023 11:12:08 AM By Stu Sjouwerman

Researchers at Sophos have found that the criminal market for malicious generative AI tools is still disorganized and contentious.

Top Four Security Tips for Cyber Safety on National Computer Security Day

Nov 30, 2023 8:00:00 AM By Erich Kron

To celebrate National Computer Security Day, which is recognized on November 30 every year, KnowBe4 encourages all IT and security professionals to train their workforce how to stay safe ...

No One Knows How Online Pharmacy Company was Hit with a Data Breach Impacting 2.3 Million Customers

Nov 29, 2023 10:56:21 AM By Stu Sjouwerman

This is a cautionary tale of both how your data can legally end up in the hands of an organization you never intended and how victims can be largely left in the dark post-breach.

QR Code Phishing Campaigns on the Rise

Nov 29, 2023 10:55:48 AM By Stu Sjouwerman

There’s been a “precipitous rise” in QR code phishing campaigns in 2023, according to Matthew Tyson at CSO.

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Nov 29, 2023 8:00:00 AM By Stu Sjouwerman

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

Users Fall for Smishing Attacks 6-10 Times More Than Email-Based Attacks

Nov 28, 2023 12:20:35 PM By Stu Sjouwerman

With organizations heavily focusing on protecting the corporate endpoint, cybercriminals are switching focus onto mobile devices where users are more prone to fall for their social ...

Who Knew Neanderthals were so High-Tech?

Nov 28, 2023 12:20:27 PM By Stu Sjouwerman

Researchers at ESET describe various types of scams launched by users of Telekopye, a telegram bot that assists in crafting social engineering attacks.

Initial Access Broker Activity Doubles in One Year’s Time

Nov 27, 2023 2:00:13 PM By Stu Sjouwerman

New data sheds light on just how active the Initial Access Broker (IAB) business is, and the growth uncovered doesn’t bode well for potential victim organizations.

Huntress Finds Business Email Compromise (BEC) Increases In Q3, 2024

Nov 27, 2023 2:00:05 PM By Stu Sjouwerman

Huntress has released a report finding that business email compromise (BEC) attacks have risen in the third quarter of 2023.

New Data Covers How the Retail Market is at Greater Risk of Industry-Specific Cyberthreats

Nov 22, 2023 4:04:08 PM By Stu Sjouwerman

A new analysis of the retail market’s threat landscape discusses the challenges faced by this industry and what threat tactics are being used to take advantage of retail’s cyber ...

Digital Skimming Increases by 50%, Just in Time for the Holiday Season

Nov 22, 2023 4:03:50 PM By Stu Sjouwerman

Security researchers identify growth in the use of an ongoing cyberskimming campaign that involves compromising legitimate website checkout code.

Phishing Attacks Expected to More Than Double During the Black Friday and Cyber Monday Shopping Week

Nov 22, 2023 2:13:32 PM By Stu Sjouwerman

Another day, another warning about holiday scams! Lookout Inc., a data-centric cloud security company, is warning employees and businesses that phishing attacks are expected to more than ...

Visa Warns of Increased Phishing Scams During Holiday Season

Nov 22, 2023 2:13:10 PM By Stu Sjouwerman

Visa Payment Fraud Disruption (PFD) expects phishing attacks to increase between November 2023 and January 2024. Findings in its Holiday Edition Threats Report outline the popular fraud ...

Old Bloomberg Crypto Account Bio Link Used in Discord Phishing Attack

Nov 21, 2023 4:25:38 PM By Stu Sjouwerman

Scammers used an outdated link found in an X (formerly Twitter) account belonging to Bloomberg Crypto to send users to a phishing site designed to steal Discord credentials, ...

Security Awareness Training Blog

Phishing Blog

View Topics