Phishing Nightmare? New "Deadline" Email From Equifax Settlement Administrator Notifies of Changes in Filing.

Sep 12, 2019 3:10:42 PM By Stu Sjouwerman

You’d better check your email queue for a new email from The Equifax Breach Settlement Administrator that was sent out several days ago to those who previously filed a claim. It will ...

[On-Demand Webinar] Crafty Ways the Bad Guys Use Pretexting to Own Your Network

Sep 12, 2019 1:44:01 PM By Stu Sjouwerman

Today’s phishing attacks have evolved way beyond spray-and-pray emails that mass target victims. Instead, the bad guys have carefully researched your organization in order to set the ...

FBI Cyber Warning: Attacks On Key Employees Up 100%, As 281 Are Arrested

Sep 12, 2019 6:21:21 AM By Stu Sjouwerman

Zak Doffman, contributor at Forbes reported: "There is a cyberattack epidemic hitting businesses around the world, targeting individuals responsible for requesting fund transfers or ...

The Legal Profession's Catfishing Problem

Sep 11, 2019 8:25:59 AM By Stu Sjouwerman

Scammers frequently impersonate lawyers in fraudulent emails in order to get recipients to take those emails seriously, according to Victoria Hudgins at Legaltech News. Legal threats or ...

The FBI Updates Their Numbers And BEC Is Now A 26 Billion Dollar Scam

Sep 10, 2019 1:32:55 PM By Stu Sjouwerman

FBI's Internet Crime Complaint Center (IC3) says that Business Email Compromise (BEC) scams —aka CEO Fraud—are continuing to grow every year, with a 100% increase in the identified global ...

Cybersecurity: 99% of email attacks rely on victims clicking links

Sep 10, 2019 6:57:48 AM By Stu Sjouwerman

Danny Palmer at ZDNet had the scoop: "Social engineering is by far the biggest factor in malicious hacking campaigns, warn researchers – so how can it be stopped?"

Nemty Ransomware Infests Bogus PayPal Site

Sep 10, 2019 6:45:31 AM By Stu Sjouwerman

BleepingComputer describes a PayPal phishing site that’s delivering a new strain of Nemty ransomware. The attackers used Unicode characters from different alphabets to make their URL look ...

Cybercriminals Unleash Ransomware Attack Designed to Compromise the Security of 120 French Hospitals

Sep 10, 2019 6:31:49 AM By Stu Sjouwerman

A ransomware infection has left one hospital in a group of 120 resorting to pen and paper as they work to remediate an attack custom-designed to attempt to take down all 120.

Targeted Business Email Compromise Now Includes Validating Your Email

Sep 10, 2019 6:25:56 AM By Stu Sjouwerman

A new scammer group out of Nigeria is taking additional steps to verify email addresses are valid before launching BEC campaigns designed to commit fraud.

Social Media and Their Exploitation in Social Engineering

Sep 9, 2019 7:04:30 AM By Stu Sjouwerman

Phishing is most commonly associated with email, but social media are quickly becoming a major hunting grounds for scammers, according to Elliot Volkman from PhishLabs. Social media ...

U.K. Charity Workers Most At Risk From Phishing

Sep 7, 2019 8:35:41 AM By Stu Sjouwerman

Tessian report finds a large amount of U.K. charity workers aren't getting proper security awareness training. Michael Moore at ITProPortal wrote: "UK charities are leaving themselves ...

Advanced Android SMS Phishing

Sep 6, 2019 8:25:05 AM By Stu Sjouwerman

Attackers can launch SMS phishing attacks to remotely change settings on a victim’s Android device, researchers at Check Point have found. These attacks take advantage of weak ...

Email Account Takeover and Lateral Phishing Attacks Increase Risk to Enterprises

Sep 5, 2019 11:53:21 AM By Stu Sjouwerman

The latest method of attack uses sender familiarity to lower victim defenses and increase the potential for scams, attacks, or fraud to succeed.

New Ursnif Malware Attacks Use Phishing, Social Engineering and Microsoft Word

Sep 5, 2019 11:49:28 AM By Stu Sjouwerman

The decade-old malware traditionally used to capture banking details has been given new life and spotted in the wild, being distributed via malicious Word documents.

Phishing for Cloud Providers A New Supply Chain Threat

Sep 5, 2019 7:29:23 AM By Stu Sjouwerman

Attackers are going after cloud-based customer relationship management (CRM) providers in order to launch unusually convincing phishing campaigns, KrebsOnSecurity reports.

Watch Out For Hurricane Dorian Phishing Scams. We have Templates Ready For You.

Sep 4, 2019 11:53:31 AM By Stu Sjouwerman

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain vigilant for malicious cyber activity targeting Hurricane Dorian disaster victims and potential ...

Multistage Phishing Attacks Target Financial Information

Sep 4, 2019 7:12:21 AM By Stu Sjouwerman

Trend Micro researchers have published details about a sophisticated phishing campaign they’ve named “Heatstroke.” The attackers behind Heatstroke go after victims’ private email ...

Double the Phish, Double the Phun

Sep 3, 2019 7:00:00 AM By Stu Sjouwerman

By Eric Howes, KnowBe4 Principal Lab Researcher. Over the past week we spotted something new and interesting in the malicious emails being reported to us by customers using the Phish ...

Phishing Scheme Gains Entry To Oregon Judicial Department Emails

Aug 30, 2019 2:55:14 PM By Stu Sjouwerman

Aubrey Wieber at the DemocratHerald reported: "A phishing scheme succeeded in breaking into the email accounts of five Oregon Judicial Department employees, exposing personal information ...

Why Are Insurance Companies Insisting To Pay Ransom For Ransomware Attacks?

Aug 29, 2019 2:12:15 PM By Stu Sjouwerman

This week, ProPublica published a report describing how insurance companies now prefer to fork over hundreds of thousands of dollars / pounds / Euros in ransom to minimize the detriment ...

Security Awareness Training Blog

Phishing Blog

View Topics