Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Discovered: A Whole New Strain Of Voice Phishing Attacks

Feb 28, 2019 11:07:32 AM By Stu Sjouwerman
What if social engineers, instead of calling victims with voice phishing attacks, intercepted phone calls their victims make to legitimate phone numbers? Malicious apps let cybercriminals ...
Continue Reading

reCAPTCHA Phishbait Targets Google Users

Feb 28, 2019 6:18:46 AM By Stu Sjouwerman
A phishing campaign is using a phony Google reCAPTCHA system to deliver banking malware, according to researchers at Sucuri. The attackers are sending emails, supposedly from a Polish ...
Continue Reading

It's The Season for Tax Scams... Again

Feb 26, 2019 7:19:23 AM By Stu Sjouwerman
America's Internal Revenue Service is warning taxpayers about a surge in phishing emails, links, and phone calls during tax season, according to Toni Birdsong at McAfee. The scammers pose ...
Continue Reading

Bogus Job Offers as Phishbait

Feb 25, 2019 5:29:34 PM By Stu Sjouwerman
A series of phishing campaigns are targeting companies in various industries with phony job offers using direct messages on LinkedIn, according to researchers at Proofpoint. The attacker ...
Continue Reading

The NoRelationship Attack Bypasses Office 365 Email Attachment Security

Feb 24, 2019 10:28:34 AM By Stu Sjouwerman
Attackers are bypassing Office 365 email attachment security by editing the relationship files that are included with Office documents, according to Yoav Nathaniel at Avanan. A ...
Continue Reading

Phishing campaign attempts to spread a new brand of snooping malware

Feb 22, 2019 1:03:53 PM By Stu Sjouwerman
Danny Palmer at ZDNet had the scoop: "A cyber espionage campaign is targeting national security think tanks and academic institutions in the US in what's believed to be an intelligence ...
Continue Reading

Various Types Of Phishing Attacks Defined

Feb 21, 2019 3:31:36 PM By Stu Sjouwerman
The definition of phishing is a cybercrime in which potential victims are contacted via email, telephone or text message by someone posing as a legitimate institution to lure individuals ...
Continue Reading

Iran indictments show even U.S. intelligence officials are vulnerable to basic phishing schemes

Feb 15, 2019 1:31:01 PM By Stu Sjouwerman
As the story broke about the charges against former U.S. Air Force intelligence specialist who defected to Iran and support targeted hacking against some of her former colleagues, one ...
Continue Reading

Cyberheist On Bank Causes Shutdown Of All Operations

Feb 14, 2019 8:51:11 AM By Stu Sjouwerman
Reuters reported that the Bank of Valetta, which accounts for almost half of Malta’s banking transactions, had to shut down all of its operations on Wednesday after hackers broke into its ...
Continue Reading

You Have A Special Valentine's Day Message!

Feb 11, 2019 5:11:01 PM By Stu Sjouwerman
Continue Reading

New Phishing Attack Uses Google Translate to Spoof Login Page and Fool Victims

Feb 11, 2019 2:18:25 PM By Stu Sjouwerman
A clever use of Google Translate fools victims into believing spoofed authentication requests are being handled by Google itself.
Continue Reading

Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions

Feb 8, 2019 9:58:24 AM By Stu Sjouwerman
Continue Reading

Scammers Still Exploit Hijacked GoDaddy Domains

Feb 7, 2019 7:18:05 AM By Stu Sjouwerman
Criminals are still using hijacked GoDaddy domains to launch large-scale spam campaigns, despite GoDaddy taking steps last month to address the authentication flaw exploited by the ...
Continue Reading

Social Engineering Comes to Wikipedia

Feb 6, 2019 6:55:23 AM By Stu Sjouwerman
Attackers are selectively editing Wikipedia articles to lend credibility to tech support scams, according to Rob VandenBrink at the SANS Internet Storm Center. The Wikipedia page for the ...
Continue Reading

Organizations Routinely Phish Their Own Employees to Test Their Systems for Human Vulnerability

Feb 6, 2019 6:38:19 AM By Stu Sjouwerman
As compliance mandates and consumer privacy laws get tougher, businesses are taking matters into their own hands, launching internal phishing attacks to identify at-risk users.
Continue Reading

Here is the Phish-prone percentage that a customer sent us today

Feb 5, 2019 1:54:08 PM By Stu Sjouwerman
"We’ve had great success with the KnowBe4 solution. I think the key differentiator for KnowBe4 is the integration of the simulated phishing and analytics in conjunction with the ...
Continue Reading

Today I was attacked through an existing vendor using a real email thread

Feb 5, 2019 10:39:55 AM By Stu Sjouwerman
We have been dealing with a vendor of ours for on-hold messages for many years. I send them a Word file with the hold messages, their studio records them, and they send us a wave file ...
Continue Reading

Sextortion Phishing Scam Exploits Recent Breach Fears

Feb 5, 2019 7:23:09 AM By Stu Sjouwerman
Sextortion scam emails are circulating which claim that a popular adult site has been hacked, allowing an attacker to record videos of users through their webcams, according to Lawrence ...
Continue Reading

Voicemail Phishing Email Scams are Targeting User Passwords

Feb 5, 2019 7:15:09 AM By Stu Sjouwerman
A devilishly ingenious scam plays on your user’s familiarity with business voicemail, seeking to compromise online credentials without raising concerns.
Continue Reading

This password-stealing phishing attack comes disguised as a fake meeting request from the boss

Feb 4, 2019 5:00:06 PM By Stu Sjouwerman
Danny Palmer at ZDNet reported: "A widespread phishing campaign is targeting executives across a number of industries with messages asking to reschedule a board meeting in an effort to ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews