The Heart has Its Reasons, but Those Shouldn't Become an Enterprise Risk

Sep 1, 2020 8:26:15 AM By Stu Sjouwerman

The FBI has warned that victims of romance scams lost $475 million in 2019, BleepingComputer reports. In Idaho alone, nearly one hundred of these victims lost more than $1 million each. ...

Phishing with Slack-Files.com: Bad Guys Find Yet Another Free Host for Malicious Files

Aug 31, 2020 9:44:00 AM By Eric Howes

Slack, the ubiquitous communication and collaboration platform, has been getting more and more attention over the past few months as a potential phishing platform and target for malicious ...

The U.K. is Under Massive Cyberattack and They Are Nowhere Near Prepared

Aug 28, 2020 4:26:35 PM By Stu Sjouwerman

New insights into the cybersecurity readiness of U.K. organizations shows cyberattacks are plentiful and costly, and there aren’t enough cybersecurity pros to help.

Funding for startup U.K. Cybersecurity Firms has Increased by 940% Since Lockdown

Aug 28, 2020 4:22:11 PM By Stu Sjouwerman

Yes, 940%. The demand for cybersecurity has risen so much since COVID, that the U.K. is seeing a new cybersecurity business registered every week and massive job vacancies.

One-Fifth of Organizations Have Experienced a Security Breach Due to Their Remote Workforce

Aug 27, 2020 2:07:40 PM By Stu Sjouwerman

Having a remote workforce has been keeping organizations running, but new data puts a spotlight on the realities of what preparations were taken and whether organizations are truly secure.

New Lazarus Spearphishing Attack on Crypto Organizations Uses a LinkedIn Job Posting as its Front

Aug 27, 2020 2:03:45 PM By Stu Sjouwerman

What better way to gain complete control over a crypto organization’s network that to target their sysadmin with a Job Posting and then spear phish them?

The Bureau Explains How Tech Support Scams Work

Aug 27, 2020 8:51:03 AM By Stu Sjouwerman

Tech support scams function like organized businesses and consist of various criminals fulfilling different roles, according to court documents obtained by ZDNet. The documents contain ...

Recent Phishing Scam Sends Uncertain Employment and Bogus Layoff Notices

Aug 26, 2020 8:29:00 AM By Stu Sjouwerman

Scammers have been exploiting people’s fears by posing as HR employees and sending emails informing recipients that they’ve been laid off, according to Kaspersky’s spam and phishing ...

What happens when you type in a URL in an address bar in a browser?

Aug 25, 2020 11:20:38 AM By Stu Sjouwerman

I saw this post on twitter with a fun and educational infographic that shows it's quite a complicated affair where lots of things can go wrong. Here is the infographic, and if you click ...

Watch Out! Cybersecurity and Infrastructure Security Agency Warn of New VBA Attack Designed to Deploy KONNI Remote Administration Tool

Aug 25, 2020 10:42:10 AM By Stu Sjouwerman

A new alert from CISA outlines just how dangerous and intrusive the KONNI malware is in organizations that fall for phishing attacks using Word attachments with malicious VBA code.

New Vishing Attacks Pretend to Be Internal IT to Scam Users from Financial Firms Out of Their Credentials

Aug 25, 2020 10:34:04 AM By Stu Sjouwerman

Dozens of banks, cryptocurrency exchanges, and web hosting firms have experienced vishing attacks aimed at eventually stealing cryptocurrency from high net-worth customers.

[HEADS UP] There's No Beta for Cyberpunk 2077

Aug 25, 2020 8:26:54 AM By Stu Sjouwerman

Scammers are sending phishing emails purporting to offer beta access to the highly anticipated video game Cyberpunk 2077, Eurogamer reports. These scams have been occurring for at least a ...

An Embarrassment of Riches: Malicious Actors Target AWS Accounts

Aug 24, 2020 8:26:26 AM By Eric Howes

Amazon is an obvious target for malicious actors looking to leverage the trust and authority enjoyed by a widely known online service or brand in malicious emails and social engineering ...

Conversations with a Phisher

Aug 24, 2020 8:20:51 AM By Stu Sjouwerman

Phishing campaigns display varying levels of sophistication depending on how much time and effort the attackers are willing to invest in a particular target, according to Steven Murdoch, ...

[Heads Up] DarkSide: Sophisticated New Customized Ransomware Strain Demands Millions Of Dollars

Aug 23, 2020 9:07:16 AM By Stu Sjouwerman

Breaking News: A new ransomware operation named DarkSide began attacking organizations earlier this month with customized attacks that have already earned them million-dollar payouts. But ...

New Vishing Scam Targets Diners at London’s Prestigious Ritz Hotel

Aug 20, 2020 5:23:47 PM By Stu Sjouwerman

Aimed at stealing credit card details from restaurant patrons, this new scam feels like it’s something we’re going to hear about a lot more.

The Most Effective Attacks Are Often the Simplest

Aug 20, 2020 8:26:53 AM By Stu Sjouwerman

The recent Twitter hack shows that devastating security breaches don’t always involve sophisticated actors or methods, according to Rachel Tobac, CEO of SocialProof Security. On the ...

Social Media Doppelgangers Strike Again

Aug 19, 2020 8:27:24 AM By Stu Sjouwerman

Most people would be surprised by how easy it is to scam people online using duplicate versions of public accounts, according to Jake Moore, a security specialist at ESET. Moore describes ...

Phishing Site Takes Brand Impersonation to a Whole New Level Pretending to be FINRA

Aug 18, 2020 4:47:31 PM By Stu Sjouwerman

Most scammers simply grab a company logo, or perhaps a logon page to make it appear like the website used as part of a scam is legitimate. But how about an entire website?

Credential Stuffing Attacks Shut Down Canada's Revenues Service

Aug 18, 2020 12:47:25 PM By Stu Sjouwerman

The Canada Revenue Agency is investigating two online hacking incidents affecting the personal information of thousands of Canadians, according to CBC News.

Security Awareness Training Blog