Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

[Heads-Up] How Hackers Use Ransomware To Hide Data Breaches And Other Devastating Attacks

Jun 10, 2019 6:15:55 AM By Stu Sjouwerman
Different sources claim that ransomware attacks are either going up or going down. The very real threat remains though and it is clear that the bad guys are moving from consumers as their ...
Continue Reading

Why Polymorphic Phishing Attacks Are Skyrocketing And How They Make It In Your User's Inbox

Jun 10, 2019 5:57:28 AM By Stu Sjouwerman
IronScales just released data showing that 42% of phishing email attacks are polymorphic, enabling them to evade many security filters. The company has observed 11,733 polymorphic ...
Continue Reading

Microsoft is Still the Most Impersonated Brand in Phishing Attacks

Jun 4, 2019 1:45:50 PM By Stu Sjouwerman
Cybercriminals are constantly looking for the easiest way to make a buck. And, in the case of phishing attacks, it appears that pretending to be Microsoft is the path of least resistance.
Continue Reading

Biometrics Can’t Replace Passwords: A Cybercriminal's Dream

Jun 4, 2019 1:11:44 PM By Stu Sjouwerman
In the quest to create a more secure environment, new ways to authenticate that replace the password are being sought. But it’s looking like passwords are here to stay.
Continue Reading

It only takes three seconds...

May 31, 2019 11:44:23 AM By Stu Sjouwerman
“Statistics suggest the average human being falls for a social engineering attack about four times — with training — before they become ‘inoculated’ against that type of attack,” “Helpful ...
Continue Reading

"Delete" Notification as Office 365 Phishbait

May 31, 2019 8:00:00 AM By Stu Sjouwerman
Attackers are posing as Office 365 support in phishing emails that warn users about an “unusual volume of file deletion” on their accounts, BleepingComputer has found. The emails claim ...
Continue Reading

Impersonation Phishing Attacks Up 67% in Last 12 Months

May 31, 2019 8:00:00 AM By Stu Sjouwerman
Social engineering attacks using impersonation tactics increased by 67% over the past twelve months, according to Mimecast’s annual State of Email Security report. Mimecast surveyed more ...
Continue Reading

Red Flags Warn of Social Engineering

May 29, 2019 7:54:53 AM By Stu Sjouwerman
The easiest way to avoid falling for scams and other social engineering attacks is to have an understanding of the tactics employed by attackers, according to Roger A. Grimes, writing in ...
Continue Reading

Phishing Canadian Targets

May 28, 2019 2:34:49 PM By Stu Sjouwerman
We have recently blogged about KrebsOnSecurity's story on compromised Canadian business email addresses. Here is some updated background on threats to Canadian organizations.
Continue Reading

A Single Tweet Saw One Woman's Bank Account Entirely Wiped Out

May 28, 2019 9:36:02 AM By Stu Sjouwerman
Dean Dunham at The Mirror in the UK reported: "Social media is often disgruntled customers first port of call when they want to make a complaint about goods or services these days, but ...
Continue Reading

Phishing Sites Increase by 30% in the First Quarter of 2019 Putting SaaS and Webmail at Risk

May 28, 2019 8:00:00 AM By Stu Sjouwerman
Cybercriminals seem to be increasing their efforts in quantity, frequency, and obfuscation, according to the latest data from the international cybercrime coalition, the Anti-Phishing ...
Continue Reading

[Heads-up] Scary Phishing Attack Uses Legal Threats From Law Firm

May 25, 2019 10:38:15 AM By Stu Sjouwerman
Brian Krebs just posted the following alert: "Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the ...
Continue Reading

U.S. Department of Homeland Security Issues List of Office 365 Security Vulnerabilities and Best Practices

May 23, 2019 2:26:17 PM By Stu Sjouwerman
The latest Analysis Report covers both areas of concern around Office 365 configurations that impact security, and offers up some simple recommendations to shore up vulnerabilities.
Continue Reading

Q1 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]

May 21, 2019 12:30:00 PM By Stu Sjouwerman
Every quarter, KnowBe4 reports on the top-clicked phishing emails by subject lines in three categories: Social, General, and 'In the Wild'. The latter category results come from the ...
Continue Reading

“Hack for Hire” Groups Offer Single Account Break-In Services For Just $750

May 20, 2019 9:32:47 AM By Stu Sjouwerman
Along with everything else malicious that’s available “as-a-Service”, the latest addition takes the burden of trying to initially hack an organization off of the plate of would-be ...
Continue Reading

Global GozNym Takedown Shows The Anatomy Of A Modern Cybercrime Supply Chain

May 17, 2019 7:12:21 AM By Stu Sjouwerman
By Javvad Malik, our new Security Awareness Advocate for EMEA. A multi-national collaborative law enforcement effort has arrested individuals allegedly behind Nymaim and Gozi, also known ...
Continue Reading

Account Takeover Attacks Increase as Cybercriminals Fine-Tune Their Brand Impersonation, Social Engineering, and Phishing Skills

May 17, 2019 6:35:31 AM By Stu Sjouwerman
The latest Spear Phishing Report from Barracuda highlights how cybercriminals are systematically improving their game… and are becoming more successful for it. The capturing of user ...
Continue Reading

Phishing Attacks Top Verizon’s List of Threat Actions Used in Data Breaches

May 13, 2019 10:01:59 AM By Stu Sjouwerman
Verizon’s latest Data Breach Investigations Report provides valuable insight into exactly how attacks are carried out, what tactics are working, and how users are helping.
Continue Reading

Phishing Continues to Rise as Attacks Go Malwareless

May 10, 2019 8:00:00 AM By Stu Sjouwerman
Cybercriminals seem to be honing their craft, picking specific attack types, victim demographics, and methods, according to new data from the latest PhishLab’s report.
Continue Reading

Russian cyberspies are using one hell of a clever Microsoft Exchange backdoor

May 8, 2019 6:38:05 AM By Stu Sjouwerman
A Russian cyber-espionage group has developed and has been using one of the most complex backdoors ever spotted on an email server, according to new research published by cyber-security ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews