Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

SNAFU Some AV Tools Cause BSODs And Boot Failures After Meltdown Patches

Jan 10, 2018 7:19:52 AM By Stu Sjouwerman
Microsoft's patch to protect Windows computers from the Meltdown / Spectre "hardware bug" revealed the rootkit-like nature of many antivirus tools. Some AV products are incompatible with ...
Continue Reading

One surprising statistic explains why phishing will remain the most common cyberattack for the next few years

Jan 4, 2018 6:37:29 PM By Stu Sjouwerman
Phishing will remain the primary email attack vector through 2020. A new report from Comodo Security Threat Lab's VP, Fatih Orhan, brings up an interesting statistic from Friedrich ...
Continue Reading

Report: Most Government Agencies Vulnerable To Phishing

Jan 3, 2018 2:37:17 PM By Stu Sjouwerman
Nearly half of federal agency email domains have adopted policies to collect data on unauthorized emails, a move mandated by the Department of Homeland Security in October, according to a ...
Continue Reading

Nearly 250,000 user logins are being hacked every week and become phishing targets

Dec 25, 2017 8:43:26 AM By Stu Sjouwerman
A research team from Google collaborated with the cybersecurity experts from the University of California, Berkeley to scrutinize the activities of these online miscreants. After about 1 ...
Continue Reading

Roll back time when users click on a bad link with our new free tool, Second Chance!

Dec 18, 2017 11:52:31 AM By Stu Sjouwerman
Wouldn't it be great if your users had a way to "roll back time" when they forgot to think before they click on a bad link? Now they can! We are excited to announce Second Chance, a ...
Continue Reading

86% of security pros worry about a phishing future where criminals are using Artificial Intelligence

Dec 17, 2017 12:31:21 PM By Stu Sjouwerman
A new survey by Webroot shows that 86% of security professionals worry that AI and ML (machine learning) technology could be used against them. And they are right, because it will and ...
Continue Reading

W-2 Phishing Scams Likely to Resurface After the New Year

Dec 15, 2017 4:57:33 PM By Stu Sjouwerman
W-2 phishing season is just a few weeks away. For the past several tax seasons, cyber criminals have used sophisticated social engineering tactics to dupe hundreds of payroll and HR ...
Continue Reading

Trojan Phishing Attacks By North Korean Hackers Are Attempting To Steal Bitcoin

Dec 15, 2017 12:00:48 PM By Stu Sjouwerman
Researchers at Secureworks report Trojan malware is being distributed in phishing emails using the lure of a fake job ad. A prolific cyber criminal gang with links to North Korea is ...
Continue Reading

Basic training in avoiding phishing is no longer sufficient

Dec 8, 2017 9:53:34 AM By Stu Sjouwerman
Databreaches.net has forums and one of their posts really got our attention. It was an official notification from the legal department of Boise Cascade Company in Utah about a phishing ...
Continue Reading

Phishing Schemes Are Using Encrypted Sites To Seem Legit

Dec 6, 2017 6:39:41 AM By Stu Sjouwerman
WIRED wrote: "A MASSIVE EFFORT to encrypt web traffic over the last few years has made green padlocks and "https" addresses increasingly common; more than half the web now uses internet ...
Continue Reading

Mailsploit Bypasses DMARC And Lets Attackers Send Spoofed Phishing Emails on Over 33 Email Clients

Dec 5, 2017 10:56:55 AM By Stu Sjouwerman
Our friends at Bleepingcomputer reported on something that should cause anyone concern. German security researcher Sabri Haddouche has discovered a set of vulnerabilities that he ...
Continue Reading

Scam Of The Week: Phishers Target PayPal Users With Fake “Failed Transaction” Emails

Dec 4, 2017 2:59:18 PM By Stu Sjouwerman
Scammers are pushing out fake PayPal emails that use the premise of an unverified transaction to phish for customers’ personal and financial information. With the end-of-the-year holidays ...
Continue Reading

Phishing campaigns and malware infections are both up more than 40% since Q2 ‘17

Dec 3, 2017 7:28:13 AM By Stu Sjouwerman
The NTT Security Global Threat Intelligence Center (GTIC) 2017 Q3 Threat Intelligence Report provides a glimpse inside the research conducted by NTT Security researchers over the last ...
Continue Reading

Yahoo Hacker Arrested And Admits Working for The Russians

Nov 29, 2017 9:42:02 AM By Stu Sjouwerman
The Kazakhstan-born Canadian citizen Karim Baratov (22) has pleaded guilty to massive 2014 Yahoo hack that affected three billion accounts. He admitted that he generally spearphished his ...
Continue Reading

Baffling FBI silence about Russian phishing attacks on US officials

Nov 27, 2017 6:59:05 AM By Stu Sjouwerman
WASHINGTON – The Associated Press revealed a baffling FBI silence about spear phishing attacks by Russian hackers on US officials like the former head of cybersecurity for the U.S. Air ...
Continue Reading

Massive Phishing Attack On Businesses with Evil New Ransomware Strain

Nov 25, 2017 11:02:08 AM By Stu Sjouwerman
The Scarab ransomware strain is updated again and spreads via Necurs botnet in a massive 12.5 million campaign, mostly targeting .com domains. Scarab was spotted June 2017 for the first ...
Continue Reading

Uber Total Loss: 57 Million Records Stolen But Data Breach Was Hidden For A Year

Nov 22, 2017 7:37:46 AM By Stu Sjouwerman
Oh boy. Uber is known for pushing the limits of the law and has dozens of lawsuits pending against it, but this one went too far and now comes the reckoning. Bloomberg was first to report ...
Continue Reading

[ALERT] Zombie Remote Access Phishing Trojan Kills Antivirus

Nov 20, 2017 10:00:00 AM By Stu Sjouwerman
Almost two years ago we took note of two different write-ups on the Adwind (aka AlienSpy) remote access trojan (RAT), one by McAfee and the other by Fidelis Security. Those pieces caught ...
Continue Reading

[VIDEO] New Smart Groups Put Your Phishing, Training And Reporting On Autopilot.

Nov 11, 2017 9:29:21 AM By Stu Sjouwerman
Automate the path your employees take to smarter security decisions. With the powerful new Smart Groups feature, you can use each employees’ behavior and user attributes to tailor ...
Continue Reading

[ALERT] This Scary New Phishing Attack Is Very Hard To Detect

Nov 11, 2017 7:57:49 AM By Stu Sjouwerman
You need to know about a new phishing attack vector reported by our friends at Barkly. It utilizes a new technique that's just plain nasty. This week, users at one of their customers ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews