Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

[Heads Up] Five New Ways How Cyber Criminals Commit Insurance Fraud

TransUnion and Iovation predict that the increased use of online platforms to interact with insurance providers will result in new fraud challenges for insurance companies and their ...
Continue Reading

Scam Of The Week: Yahoo Massive Data Breach Settlement Phishing Attacks

Yahoo is close to reaching a $117.5 million settlement in a class-action lawsuit over a series of data breaches that affected users between 2012 and 2016 — and your employees are ...
Continue Reading

Chinese Hackers Target Airbus Suppliers in Quest for Commercial Secrets

European aerospace giant Airbus has been hit by a series of attacks by hackers targeting its suppliers in search of commercial secrets, sources told AFP, adding they suspected a Chinese ...
Continue Reading

Russian Secret Weapon Against U.S. 2020 Election Revealed In New Cyberwarfare Report

You may have sensed this, but you need to confront the fact the Planet Earth is an anarchy of nations. The UN is ineffective and thoroughly corrupt. A few good things have come out of it, ...
Continue Reading

Social Engineering via the US Mail

 
Continue Reading

[Heads Up] What If The World's Largest Cyber Insurers Recommended Just *One* Security Awareness Training Platform As The Most Effective In Reducing Cyber Risk?

Well, that just happened. Today, September 25th 2019, Marsh, the world’s leading insurance broker and risk adviser, announced the inaugural class of cybersecurity solutions receiving a ...
Continue Reading

KnowBe4 2019 Security Threats and Trends Report – October 2019

Executive Summary The yearly, independent, KnowBe4 2019 Security Threats and Trends Survey polled 600 organizations worldwide mid-2019 on the major security issues they will face in the ...
Continue Reading

Don't Let Your Users Download Malicious Chrome Extensions

Here's a relatively "innocent" example of this risk. The ‘AdBlock’ and ‘uBlock’ look just like legitimate Chrome extensions but instead engage in cookie stuffing to defraud affiliate ...
Continue Reading

Less Than a Third of Small Businesses Deliver Annual Cybersecurity Training

Only 31% of employees receive annual cybersecurity training, Chubb’s Third Annual Cyber Report has found. According to Small Business Trends, the report shows that employees’ perception ...
Continue Reading

Disgusting Fake Employment Site Targets Veterans And Installs Remote Access Trojan

Just when you think they could not sink any lower, you see something like this. A fake website pretending to be an organization that offers job opportunities for U.S. veterans is ...
Continue Reading

A Short, Very Useful Guide to Social Engineering

Knowing how to identify indicators of social engineering can alert you when someone tries to manipulate you, according to Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist. In an ...
Continue Reading

No, Really, They're Just Not That Into You

There are numerous ways to check the authenticity of someone on a dating site so you don’t fall for a romance scam, according to HackRead. You should always be cautious when interacting ...
Continue Reading

The Emotet Trojan Botnet is Back in Business

The Emotet botnet is up and running again after four months of inactivity, according to Ars Technica. Multiple security firms have reported seeing phishing emails delivering the malware ...
Continue Reading

Massive phishing wave of account hijacks hits YouTube creators

Over the past few days, a massive wave of account hijacks has hit YouTube users, and especially creators in the auto-tuning and car review community, a ZDNet investigation discovered ...
Continue Reading

PDF Phishing Attacks Using Microsoft OneDrive Surge Nearly 200%

Scammers use a mixture of familiar brand, unsuspecting users, legitimate document types and locations, and credential harvesting in this attack aimed at getting into your Office 365.
Continue Reading

Amazon Phishing Scam in Progress

HackRead has come across a phishing scam that’s trying to trick Amazon customers into handing over their account credentials, personal information, and financial details. The phishing ...
Continue Reading

The U.S. Cybersecurity and Infrastructure Security Agency Lays Out Strategic Vision and Priorities in the Wake of Texas Ransomware Attacks.

This new document, entitled Strategic Intent highlights ways to “defend today, secure tomorrow” and comes out as the CISA director admits that ransomware is “only getting worse.”
Continue Reading

Microsoft Remains the Most Impersonated Brand in Phishing Attacks, with Facebook Phishing Surging

For the fifth quarter in a row, Microsoft is the favorite domain of choice for scammers using phishing attacks to lure their victims into clicking on malicious content.
Continue Reading

18 Months, 61 Billion Credential-Stuffing Attacks

Akamai observed 61 billion credential stuffing attacks between January 2018 and June 2019, according to Computer Business Review. In a new report on Internet security, Akamai researchers ...
Continue Reading

Oklahoma Pension Fund Robbed of $4.2 million via Compromised Email

Attackers stole millions of dollars from Oklahoma’s pension fund for retired law enforcement officers, the Oklahoman reports. The Oklahoma Law Enforcement Retirement System (OLERS) said ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews