Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Phishing Attack Targets Humanitarian Organizations

Oct 28, 2019 7:01:01 AM By Stu Sjouwerman
Researchers at Lookout have discovered an ongoing phishing campaign targeting humanitarian non-governmental organizations (NGOs), including UNICEF and the Red Cross. The infrastructure ...
Continue Reading

Phishing in Office 365's Pond

Oct 28, 2019 6:55:35 AM By Stu Sjouwerman
Heimdal Security has come across a phishing campaign that uses compromised accounts to target Microsoft users. The attackers use email and social media accounts they’ve already breached ...
Continue Reading

What Reese’s Peanut Butter Cups Can Teach Us About Phishing

Oct 23, 2019 7:30:00 AM By Perry Carpenter
One of the greatest inventions in modern history is the Reese’s Peanut Butter Cup. I feel sorry for any human who existed before the “age of the cup” because they never got to know the ...
Continue Reading

Credential Phishing With a Masked URL

Oct 23, 2019 5:55:49 AM By Stu Sjouwerman
Cofense warns of a phishing campaign going after credentials for the Stripe online payment platform. The attackers are sending emails purporting to be from Stripe Support, telling the ...
Continue Reading

Q3 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]

Oct 22, 2019 7:28:00 AM By Stu Sjouwerman
KnowBe4 reports on the top-clicked phishing emails by subject lines each quarter in three different categories: subjects related to social media, general subjects, and 'In the Wild' - we ...
Continue Reading

Smishing and Carrier Impersonation

Oct 22, 2019 6:47:08 AM By Stu Sjouwerman
While most phishing campaigns involve email, SMS text messages are an ideal alternative for attackers, according to Paul Ducklin at Naked Security. Text messages are brief and uniform in ...
Continue Reading

Alexa and Google Home abused to eavesdrop and phish passwords

Oct 21, 2019 9:35:05 AM By Stu Sjouwerman
Ars Technica is on a roll lately with some very good articles! Here is another one that made me go "Yikes!"
Continue Reading

A Lawyer's Look at "Big Game Phishing"

Oct 17, 2019 6:50:18 AM By Stu Sjouwerman
Ransomware attacks have increasingly been going after high-value data in order to extract larger ransoms from victims, according to the well-known law firm Cooley. This trend was ...
Continue Reading

Microsoft Recommends: "Top 6 Email Security Best Practices"... And One Of Them Is Phishing Simulations

Oct 17, 2019 6:11:20 AM By Stu Sjouwerman
Girish Chander, Microsoft's Group Program Manager of Office 365 Security wrote an excellent post on their blog titled "Top 6 email security best practices to protect against phishing ...
Continue Reading

I Can Phish Anyone

Oct 15, 2019 7:30:00 AM By Roger Grimes
I’m a bit surprised by some aggressive corporate anti-phishing policies which say they will fire anyone for one accidental phishing offense. Send me the names and email addresses of the ...
Continue Reading

CRN: "Kevin Mandia -- Detect Spear Phishing, Lock Down CEO Email To Stay Safe"

Oct 15, 2019 7:10:57 AM By Stu Sjouwerman
Michael Novinson at CRN had a great article that really explains the issues we are dealing with. He started out with: "Spear phishing remains the most common way for adversaries to ...
Continue Reading

Extremely Embarrassing 250,000-record Data Breach At Hookers.nl

Oct 14, 2019 10:50:12 AM By Stu Sjouwerman
The data of 250,000 users of Hookers.nl, a forum where experiences with prostitutes and escorts are exchanged, have been stolen and offered for sale on the internet. It concerns e-mail ...
Continue Reading

Why Hack When You Can Con?

Oct 14, 2019 9:42:25 AM By Stu Sjouwerman
Continue Reading

U.S. Organizations Involved with Nuclear Deterrence are the Target of North Korean Phishing Attacks

Oct 14, 2019 7:00:00 AM By Stu Sjouwerman
Using some very sophisticated methods, the Kimsuky group is believed to be behind a spear phishing campaign aimed at stealing U.S. secrets.
Continue Reading

Universities Worldwide are the Target of Phishing Attacks by a Hacking Group Aimed at Stealing Research and Intellectual Property

Oct 11, 2019 7:17:19 AM By Stu Sjouwerman
The Iranian hacker group dubbed Colbalt Dickens has hit over 60 universities around the globe attempting to steal credentials to provide access to sensitive data.
Continue Reading

Cybercriminals Leverage the U.K.’s Strong Customer Authentication Requirement in a New String of Phishing Attacks

Oct 10, 2019 7:00:00 AM By Stu Sjouwerman
Attackers are taking advantage of the requirement to secure online shopping and banking transactions processed within the U.K. to gather personal details of consumers and users alike.
Continue Reading

Brand-New: Multi-Factor Authentication Security Assessment Tool Helps Assess Your Organization's MFA Vulnerabilities

Oct 9, 2019 9:52:00 AM By Stu Sjouwerman
You already know that using multi-factor authentication (MFA) can decrease your cybersecurity risk, and certainly is a much stronger defense compared to using traditional passwords alone. ...
Continue Reading

Chinese State-Sponsored Phishing

Oct 9, 2019 7:15:59 AM By Stu Sjouwerman
A sophisticated threat group is going after a variety of industries using spearphishing and an arsenal of malware, according to Nalani Fraser and Fred Plan from FireEye. Fraser and Plan ...
Continue Reading

Is Cyberinsurance a Reason for the Rise in Ransomware Attacks?

Oct 9, 2019 7:00:36 AM By Stu Sjouwerman
Are cybercriminals counting on the victim’s simple cost-to-benefit decision to have their cyber-insurer pay the ransom? And, if so, are they targeting companies with cyberinsurance?
Continue Reading

Casbaneiro is the Hook in Alt-Coin Phishing

Oct 9, 2019 7:00:00 AM By Stu Sjouwerman
The Casbaneiro banking Trojan is going after Latin American victims’ cryptocurrency, Verdict reports. It’s being distributed via phishing emails which trick victims into downloading a ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews