Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Paying the Ransom Doubles the Cost of a Ransomware Attack

The total cost of the average ransomware attack more than doubles if the victim decides to pay the ransom, according to Sophos’s State of Ransomware 2020 report. The Sophos-commissioned ...
Continue Reading

Watch Out for the Coming Tsunami of Mortgage Rescue Phishing Scams

At this point in time, with 10 years of phishing attack analysis under our belt, we can predict with a high reliability level what will be showing up in the near future. We see two scams ...
Continue Reading

[HEADS UP] Coronavirus Phishing Attacks Skyrocket to 30% Increase

Scammers riding the COVID-19 wave are adapting to new scenarios as the pandemic evolves. Checkpoint recently discovered that over 192,000 coronavirus-related phishing attacks per week ...
Continue Reading

Why Does Someone Click and Become a Victim of a Scam?

One of the keys to thwarting social engineering attacks is knowing what makes us want to click on links or respond to emails, according to cybersecurity expert Raef Meeuwisse. In an ...
Continue Reading

Healthcare Providers Get Free Assistance with Remediating Ransomware Attacks

In the wake of ransomware attacks continuing on healthcare providers, despite the obvious need for hospitals and urgent care clinics to remain operational, one company is offering some ...
Continue Reading

Half of Employees Put the Organization at Risk by Watching Adult Content on Work Computers

New data from Kaspersky shows how the pandemic has changed the way people work… and how these new habits increase the organization’s risk of cyberthreat.
Continue Reading

[Scam of The Week] Unemployed Americans Are Now Deceived Into Grabbing ‘Remote Jobs’ As Money Mules

There are now tens of millions of people suddenly unemployed, looking for ways to make ends meet.
Continue Reading

It Starts with a Phish: Employee PII at Risk When Pipeline Development Outsourcer Falls Victim to Ransomware Attack

The latest example of a modern-day ransomware attack demonstrates how data encryption and ransom can no longer be the assumed extent of an attack.
Continue Reading

Fake Zoom Downloader is the Latest Method of Attack on Remote Workers

Riding on the coattails of the massive rise in popularity in the video conference solution, remote workers new to Zoom need to be wary of where they download the installer.
Continue Reading

Cybercriminals Lean Heavily on Social Engineering Tactics to Gain Access to Bank Accounts

A series of attack anecdotes shared by Brian Krebs shows how persistent and sophisticated scammers are in using social engineering tactics to gain access to their victim’s bank account ...
Continue Reading

COVID-19 Security Hints & Tips Email Templates In 10 Additional Languages

The Product Content team is happy to announce that our 9 COVID-19 Security Hints and Tips email templates are now available in 10 additional languages. The new emails are available in: ...
Continue Reading

It's World Password Day 2020 - Is Your Organization Safe?

Today is World Password Day, a holiday created by Intel on the first Thursday of May to ensure everyone knows password best practices. “P@ssW0rd” has never been a safe password to use to ...
Continue Reading

Some Phishers Who Know Their Trade

Researchers at Votiro have come across well-crafted phishing emails that purport to come from UPS, FedEx, and DHL. All of the emails contain malicious Excel attachments that will install ...
Continue Reading

What is the Right Password Policy?

What is the right password policy? Conventional password policies say you must have a password at least 8-12 characters long…16 characters or longer if it belongs to an elevated ...
Continue Reading

Implausible Phishbait, But Someone May Bite

Scammers are impersonating FINRA, the Financial Industry Regulatory Authority, in an attempt to deliver malware or steal SharePoint credentials, Help Net Security reports. FINRA issued an ...
Continue Reading

[HEADS UP] Coronavirus in Australia: Government Warns Phishing Email Target

A phishing email has been circulating during the pandemic in Australia. Australians are being warned to look out for phishing scams during the coronavirus pandemic, with a new dodgy email ...
Continue Reading

1,000+ SEC Filings Show Ransomware an On-Going Risk for Public Companies

As public companies seek to improve their cybersecurity posture, they also work to comply with SEC formal guidance to disclose cybersecurity risk, highlighting ransomware as a key factor.
Continue Reading

Medical Suppliers Targeted With Agent Tesla Infostealer

Researchers at Fortinet have identified a spear phishing campaign targeting medical suppliers with COVID-19-themed emails. The emails contain choppy grammar, but the message is clear ...
Continue Reading

PerSwaysion: Convincing Executives to Act Against Their Own Interest

Researchers at Group-IB have discovered a sophisticated spear phishing campaign that’s targeted executives at more than 150 companies around the world since mid-2019. The researchers have ...
Continue Reading

GitHub is the Latest Target of Social Engineering Phishing Attacks

Using simple alert-style email notices, scammers look to steal credentials to gain access to development code, intellectual property, and project details.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews