FBI’s Advice on Spotting Phishing

Jun 14, 2019 6:28:05 AM By Stu Sjouwerman

The FBI’s Internet Crime Complaint Center (IC3) released a PSA warning that attackers are exploiting people’s trust in sites that use HTTPS. Cybersecurity training has in the past rightly ...

Tax Phishing in the UK

Jun 12, 2019 1:51:27 PM By Stu Sjouwerman

Her Majesty's Revenue and Customs (HMRC) has processed 2.6 million reports of attempted phishing attacks since 2016, Infosecurity Magazine reports. More than 1.9 million of these phishing ...

Corporate Email Creates Unavoidable Phishing Risk

Jun 10, 2019 6:29:24 AM By Stu Sjouwerman

It’s impossible to avoid the risk of phishing attacks entirely, since employees still need to do their jobs, as Kelly Sheridan at Dark Reading puts it. Sheridan points to a recent report ...

[Heads-Up] How Hackers Use Ransomware To Hide Data Breaches And Other Devastating Attacks

Jun 10, 2019 6:15:55 AM By Stu Sjouwerman

Different sources claim that ransomware attacks are either going up or going down. The very real threat remains though and it is clear that the bad guys are moving from consumers as their ...

Why Polymorphic Phishing Attacks Are Skyrocketing And How They Make It In Your User's Inbox

Jun 10, 2019 5:57:28 AM By Stu Sjouwerman

IronScales just released data showing that 42% of phishing email attacks are polymorphic, enabling them to evade many security filters. The company has observed 11,733 polymorphic ...

Microsoft is Still the Most Impersonated Brand in Phishing Attacks

Jun 4, 2019 1:45:50 PM By Stu Sjouwerman

Cybercriminals are constantly looking for the easiest way to make a buck. And, in the case of phishing attacks, it appears that pretending to be Microsoft is the path of least resistance.

Biometrics Can’t Replace Passwords: A Cybercriminal's Dream

Jun 4, 2019 1:11:44 PM By Stu Sjouwerman

In the quest to create a more secure environment, new ways to authenticate that replace the password are being sought. But it’s looking like passwords are here to stay.

It only takes three seconds...

May 31, 2019 11:44:23 AM By Stu Sjouwerman

“Statistics suggest the average human being falls for a social engineering attack about four times — with training — before they become ‘inoculated’ against that type of attack,” “Helpful ...

"Delete" Notification as Office 365 Phishbait

May 31, 2019 8:00:00 AM By Stu Sjouwerman

Attackers are posing as Office 365 support in phishing emails that warn users about an “unusual volume of file deletion” on their accounts, BleepingComputer has found. The emails claim ...

Impersonation Phishing Attacks Up 67% in Last 12 Months

May 31, 2019 8:00:00 AM By Stu Sjouwerman

Social engineering attacks using impersonation tactics increased by 67% over the past twelve months, according to Mimecast’s annual State of Email Security report. Mimecast surveyed more ...

Red Flags Warn of Social Engineering

May 29, 2019 7:54:53 AM By Stu Sjouwerman

The easiest way to avoid falling for scams and other social engineering attacks is to have an understanding of the tactics employed by attackers, according to Roger A. Grimes, writing in ...

Phishing Canadian Targets

May 28, 2019 2:34:49 PM By Stu Sjouwerman

We have recently blogged about KrebsOnSecurity's story on compromised Canadian business email addresses. Here is some updated background on threats to Canadian organizations.

A Single Tweet Saw One Woman's Bank Account Entirely Wiped Out

May 28, 2019 9:36:02 AM By Stu Sjouwerman

Dean Dunham at The Mirror in the UK reported: "Social media is often disgruntled customers first port of call when they want to make a complaint about goods or services these days, but ...

Phishing Sites Increase by 30% in the First Quarter of 2019 Putting SaaS and Webmail at Risk

May 28, 2019 8:00:00 AM By Stu Sjouwerman

Cybercriminals seem to be increasing their efforts in quantity, frequency, and obfuscation, according to the latest data from the international cybercrime coalition, the Anti-Phishing ...

[Heads-up] Scary Phishing Attack Uses Legal Threats From Law Firm

May 25, 2019 10:38:15 AM By Stu Sjouwerman

Brian Krebs just posted the following alert: "Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the ...

U.S. Department of Homeland Security Issues List of Office 365 Security Vulnerabilities and Best Practices

May 23, 2019 2:26:17 PM By Stu Sjouwerman

The latest Analysis Report covers both areas of concern around Office 365 configurations that impact security, and offers up some simple recommendations to shore up vulnerabilities.

Q1 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]

May 21, 2019 12:30:00 PM By Stu Sjouwerman

Every quarter, KnowBe4 reports on the top-clicked phishing emails by subject lines in three categories: Social, General, and 'In the Wild'. The latter category results come from the ...

“Hack for Hire” Groups Offer Single Account Break-In Services For Just $750

May 20, 2019 9:32:47 AM By Stu Sjouwerman

Along with everything else malicious that’s available “as-a-Service”, the latest addition takes the burden of trying to initially hack an organization off of the plate of would-be ...

Global GozNym Takedown Shows The Anatomy Of A Modern Cybercrime Supply Chain

May 17, 2019 7:12:21 AM By Stu Sjouwerman

By Javvad Malik, our new Security Awareness Advocate for EMEA. A multi-national collaborative law enforcement effort has arrested individuals allegedly behind Nymaim and Gozi, also known ...

Account Takeover Attacks Increase as Cybercriminals Fine-Tune Their Brand Impersonation, Social Engineering, and Phishing Skills

May 17, 2019 6:35:31 AM By Stu Sjouwerman

The latest Spear Phishing Report from Barracuda highlights how cybercriminals are systematically improving their game… and are becoming more successful for it. The capturing of user ...

Security Awareness Training Blog

Phishing Blog

View Topics