Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Think Size Matters to Hackers? It Doesn’t

The largest of organizations aren’t the only ones being hit with cyberattacks. Everyone from the SMB on up is at risk and is actively a target.
Continue Reading

Google Warns of Govt-Backed Phishing

This latest heads-up around phishing-based warfare from a source as reputable as Google show the need to both be watchful for and responsive to phishing attacks.
Continue Reading

New Malicious PDFs Carry Stealthy Backdoor And Exfiltrate Data Via Email

The Turla threat group, certainly Russian-speaking and widely attributed to Russian intelligence services, is back with a new phishing technique. The threat actor is distributing emails ...
Continue Reading

Suspicious Emails Are a Problem…to the Tune of 6.4 Billion a Day!

Even with authentication, identification, and validation frameworks and solutions in place, the number of potentially malicious emails remains staggering.
Continue Reading

Universities Are Still Targeted With Phishing Attacks By Iranian Hackers

Secureworks® Counter Threat Unit™ (CTU) researchers reported that despite indictments in March 2018, the Iranian threat group is likely responsible for a large-scale campaign that ...
Continue Reading

Democratic National Committee Thought it was Under Attack (It Was A Red Team Phishing Test...)

The FBI received a report from the US Democratic National Committee (DNC) that unknown actors sought access to a voter database through a phishing campaign.
Continue Reading

[Heads-up] Russian Hackers Widen Their Cyber Attacks Again With Spear Phishing Political Targets

The GRU, the Russian military intelligence spy agency which was responsible for the 2016 election cyber attacks, is at it again and are now targeting the U.S. Senate and conservative ...
Continue Reading

Phishing is Still the #1 Cyber-Fraud Tactic

Online, e-commerce and mobile fraud are on the rise, according to RSA, with 41% of successful attacks enabled by phishing scams.
Continue Reading

Scam Of The Week: SharePoint Phishing Attack On Office 365 Users

The attack dubbed “PhishPoint” by Cloud Security vendor Avanan demonstrates the craftiness and extent cybercriminals will go to in order to harvest Office 365 credentials.
Continue Reading

Is IT Even Trying to Thwart Social Engineering Attacks?

With so much else on their plate, are today’s IT organizations doing enough to protect the organization against social engineering and phishing attacks?
Continue Reading

Social Media Facial Recognition Could Make the Bad Guys Worse

Trustwave shows how the latest advancements in technology could be used to aid cybercriminal activity.
Continue Reading

Why Doesn’t Cyber Insurance Have Phishing Prevention Discounts?

Whether online-related or not, insurance is insurance. So, shouldn’t there be discounts for organizations who demonstrate cyber-responsibility?
Continue Reading

OK, Guys, this one is for you. Yes, you. The guy who keeps friending strange women on Facebook

This was sent to me by a friend that I know is legit. It's a fun read and has some good tips on how to stay safe using social media.
Continue Reading

Phishing Continues to be on the Rise in 2018!

It should come as no surprise that the most successful attack tactic is being used more in 2018. APWG’s latest report shows us the trends and what to expect for the remainder of 2018.
Continue Reading

New UK Phishing Campaigns Lure Industry Targets With Compromised Email Contacts

A new batch of U.K. phishing campaigns is using compromised email contacts to lure targets from the engineering, transport and defense sectors.
Continue Reading

Spam Remains the Criminals' Favorite Online Tool

Spam is forty years old, and it's still the enduring favorite of cyber criminals. What's reckoned to have been the first spam was distributed in 1978 over ARPANET. ARPANET would evolve ...
Continue Reading

UK Insurer Beazley: "Phishing attacks up in second quarter."

Attacks that target business email accounts continued to increase in the second quarter of 2018, accounting for 23% of incidents reported to Beazley P.L.C. clients, the insurer said ...
Continue Reading

Snail-Mail Phishing with a CD as Bait

Several state government offices in the US have received CDs by mail, infected with malware. It's a clumsy attempt, according to an alert the Multi-State Information Sharing and Analysis ...
Continue Reading

Why Using Brands Is An Essential Element Of Phishing Simulations

It's clear to everyone that company's brand is a valuable property. Often hundreds of millions of dollars were used to create the brand over decades. It creates instant recognition and ...
Continue Reading

Emotet Phishing Epidemic: Infections Costing Orgs Up to $1 Million Per Incident

US-CERT alert sounds the alarm on Emotet, one of the most costly and destructive malware strains currently active.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews