APWG: Phishing Remains a Constant and Effective Means of Attack

Dec 20, 2018 11:45:13 AM By Stu Sjouwerman

The latest report from the Anti-Phishing Working Group (APWG) highlights the prevalence of phishing and how it’s changing to remain an effective attack method.

How Wellcome Trust Executives Got Whaled By Oldest Trick In The Phishing Playbook

Dec 19, 2018 5:07:47 PM By Stu Sjouwerman

Forbes contributor Davey Winder wrote an excellent comment: "It hasn't been the greatest week for the non-profit sector with the revelation that two well-known charities have fallen ...

Organizations Managing Critical Infrastructure Face a New Global Phishing Attack

Dec 18, 2018 6:54:22 AM By Stu Sjouwerman

According to McAfee’s Advanced Threat Research team and McAfee Labs Malware Operations Group, a new global campaign is underway, targeting key industries, potentially for espionage ...

Mimecast: "Your Filters Are Missing 12 Percent Of The Unwanted Emails"

Dec 15, 2018 4:07:47 PM By Stu Sjouwerman

Mimecast said: "Is a false negative rate of 12% a large number or a small one? I suppose it depends on your perspective. If your email security system lets in 12 unwanted emails—whether ...

CrowdStrike: Compelling Stories From The Cyber Intrusion Casebook 2018

Dec 15, 2018 2:51:34 PM By Stu Sjouwerman

From the Front Lines of Incident Response, the CrowdStrike Services Cyber Intrusion Casebook 2018 offers some compelling stories how threat actors are continuously adopting new means to ...

New "Secured" Phishing Site Goes Up Every Two Minutes

Dec 14, 2018 1:42:01 PM By Stu Sjouwerman

SC Mag had an exclusive: Threat actors are "playing by the rules", or at least tricking your browser into thinking they are, in order to deliver more effective attacks.

Cybercriminals Use 1.7 Million Compromised PCs in Botnet Advertising Fraud Scam

Dec 10, 2018 2:09:32 PM By Stu Sjouwerman

The Russian-born, botnet-driven advertising fraud scam, 3ve, generated over $29 million in revenue using fileless malware variant Kovter, botnets, and unsuspecting users.

[ALERT] Now The Bad Guys Are Phishing For Your Retirement Money

Dec 9, 2018 12:06:58 PM By Stu Sjouwerman

Eric Howes, KnowBe4 Principal Lab Researcher observed: "Here is a screenshot of a phishing email that came in Friday. In it the bad guys attempt to apply the same modus operandi currently ...

True Phishing Confessions From A Compromised Company. This One Has A Twist At The End

Dec 7, 2018 10:55:58 AM By Stu Sjouwerman

"The email you hope you never have to send to clients/customers" OK, so here is another horror story that you hope you can prevent from happening to your own organization. This is an ...

When Does a Legitimate Password Reset Email Feel Like a Phishing Attack? Just Ask Citrix Users

Dec 5, 2018 9:30:44 AM By Stu Sjouwerman

A recent password reset email from ShareFile (a Citrix company) put some users on edge, questioning both the emails legitimacy and why the reset.

GreyEnergy Malware Spreads Through Phishing Emails

Dec 5, 2018 6:32:48 AM By Stu Sjouwerman

The GreyEnergy APT primarily uses phishing emails as its initial infection method, according to analysis by Nozomi Networks. The malware has been targeting industrial control systems in ...

Phishing Emails are Targeting Spotify Users

Dec 5, 2018 6:25:14 AM By Stu Sjouwerman

A phishing campaign is attempting to steal login credentials from Spotify users, according to researchers at AppRiver. The emails ask users to click a hyperlink to confirm their accounts, ...

Hackers reportedly breached Republican campaign committee emails during 2018 elections

Dec 4, 2018 1:50:43 PM By Stu Sjouwerman

The National Republican Congressional Committee (NRCC) was hacked during the 2018 midterm elections, according to a report from Politico. Republican officials said that hackers had access ...

That was fast! Bad Guys Are Using The Marriott Breach For Phishing Attacks

Dec 4, 2018 6:48:36 AM By Stu Sjouwerman

As predicted, the Marriott breach is heaven for bad guys. KnowBe4 customers are using the (free) Phish Alert Button to report in the wild phishing attacks using the recent news.

[Heads-up] Bad Guys Love Marriott: 500 Million Data Breach Is Phishing Heaven

Nov 30, 2018 10:18:39 AM By Stu Sjouwerman

So I guess we have just reached the tipping point, it's "privacy game over" for business travelers.

Reminder: That Padlock Doesn’t Mean It’s Secure

Nov 27, 2018 8:05:51 AM By Stu Sjouwerman

We’ve mentioned this before, but the misconception has surfaced again, and it’s worth mentioning again. Looking for the padlock as a sign of a secure legitimate website isn’t an accurate ...

As You Read This, It's Cyber Monday. How To Avoid The Top 10 Security Threats

Nov 24, 2018 11:15:47 AM By Stu Sjouwerman

InfoSecBuzz asked a number of security experts for their advice on the top security threats and how to avoid them. These are specialists from Alienvault, Cylance, Cybereason, F5 Networks, ...

[Heads-up] Bad Guys Are Now Taking Over Email Inboxes Without Phishing Attacks

Nov 24, 2018 8:43:21 AM By Stu Sjouwerman

I found a great article in SecurityWeek by Alastair Paterson, the CEO of Digital Shadows. Could not have said it better myself, and he alerted everyone about an attack vector that was ...

Phishing Accounts for 50% of All Fraud Attacks [InfoGraphic]

Nov 19, 2018 10:39:08 AM By Stu Sjouwerman

According to the latest research from RSA, attacks intent on committing financial fraud most frequently begin with tried and true phishing.

Now here is something new: Russian Banks Targeted by Sophisticated Phishing Emails

Nov 19, 2018 9:45:51 AM By Stu Sjouwerman

This does not happen too often, and these attackers must be outside of Russia. If hackers inside Russia attack their own country, the FSB is on their doorstep with a SWAT team in no time.

Security Awareness Training Blog

Phishing Blog

View Topics