The Better the Phishing Protection Gets, the More Sophisticated Phishing Attacks Are Getting

Jan 9, 2020 8:34:29 AM By Stu Sjouwerman

Microsoft’s review of how phishing has evolved over the last year highlights some of the great lengths attackers will go to in order to avoid being detected as a phishing campaign.

Scammer Who Tricked Facebook and Google Out of $120 Million Gets 5 Years in Jail

Jan 9, 2020 8:29:01 AM By Stu Sjouwerman

The Lithuanian hacker who ran the most notorious, simplest, and most lucrative email-based social engineering fraud scam has been brought to justice and will be serving time and paying ...

Of Course, Scammers Exploit Fears of Iranian Hacking

Jan 9, 2020 8:23:29 AM By Stu Sjouwerman

A new phishing campaign is attempting to frighten people into handing over their credentials by claiming Microsoft was hacked by Iran, BleepingComputer reports. The campaign is ...

JudicialWatch: "Epidemic of Government Employees Watching Porn on Taxpayer Time"

Jan 9, 2020 7:55:43 AM By Stu Sjouwerman

I'd like to point at a type of security behavior that is enormously risky. Judicial Watch just released a post that's a major heads-up for anyone: "An epidemic of federal employees ...

December Content Update: Includes New Versions of Email Exposure Check Pro and Phishing Security Test Tools

Jan 8, 2020 5:36:43 PM By Stu Sjouwerman

Here are a few important updates to share with you from the month of December.

Smishing Examples & Defenses

Jan 8, 2020 10:04:15 AM By Roger Grimes

Smishing is phishing via Short Message Service (SMS) on a participating device, usually a cell phone. Long neglected by phishers and spammers, smishing has recently become a very common ...

Mobile Threats Shouldn't be Overlooked

Jan 8, 2020 8:31:11 AM By Stu Sjouwerman

Phishing attacks against mobile devices can be just as damaging to an organization as attacks targeting workstations and laptops, according to a market report by Cyber Security Hub. ...

Encryption Isn’t Your Only Ransomware Problem - There Are Some Other Nasty Issues

Jan 7, 2020 12:05:54 PM By Roger Grimes

Ransomware has become one of the most dreaded problems in the cyber world and it’s only getting worse. Much worse!

Phishing Emails on the Rise as Spear Phishing Continues to Return Bigger Payouts

Jan 7, 2020 8:59:42 AM By Stu Sjouwerman

New data from Microsoft Security Insights sheds some needed light on exactly what the bad guys are doing and how they’re shifting tactics. Sometimes it feels like the bad guys are ...

Smishing and Deepfakes Top the List of Cyber Attack Methods Expected in 2020

Jan 7, 2020 8:54:30 AM By Stu Sjouwerman

You want to know what to expect from data breaches, phishing attacks, and other calculated methods in 2020? There’s no better source than Experian’s seventh-annual Data Breach Industry ...

Business Email Compromise Attack Uses a “Man-in-the-Middle” Email Attack to Steal $1M

Jan 7, 2020 8:49:03 AM By Stu Sjouwerman

Dubbed the “ultimate” Man-in-the-Middle attack by security researchers at Checkpoint, this CEO fraud attack shows how brazen cybercriminals can be – and how organizations need to be ...

Ransomware Attacks Step Up their Game and Now Look for NAS Devices

Jan 7, 2020 8:42:09 AM By Stu Sjouwerman

It used to be that ransomware just looked for office files. Then backups became a secondary victim. New data from Kaspersky shows NAS devices are being added as targets.

New TrickBot Malware Attack Leverages Google Drive to Deliver Its Payload and Ensure Infection

Jan 7, 2020 8:37:59 AM By Stu Sjouwerman

New details from Palo Alto Network’s Unit 42 research team show TrickBot rearing its ugly head once again, using legitimate cloud services – and employee greed – as its path to success. ...

Penn State Warns of Spear Phishing Attacks

Jan 7, 2020 8:30:37 AM By Stu Sjouwerman

Penn State is warning its community about a recent spike in phishing attacks targeting the university’s employees. Attackers are sending emails posing as real Penn State employees and ...

Security Generation Gaps

Jan 6, 2020 8:48:51 AM By Stu Sjouwerman

People from different generations tend to approach cybersecurity differently. Organizations should tailor their security programs and phishing tests with this in mind. According to Azeem ...

Announcing A New 8-Minute Training Module - Social Media: Staying Secure in a Connected World

Jan 6, 2020 7:00:00 AM By Stu Sjouwerman

As you probably know, social media is the number one place that attackers can get intel about your organization to make their "hacking of your humans" more effective. We have been hearing ...

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Jan 3, 2020 2:27:46 PM By Stu Sjouwerman

Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. ...

Seven Kinds of Malware, and all Arrive by Social Engineering

Jan 3, 2020 9:25:59 AM By Stu Sjouwerman

Naked Security outlines seven different categories of malware and describes how each of them through social engineering techniques can affect your organization. Some or all of these ...

Global Climate Change Phishbait

Jan 3, 2020 8:54:43 AM By Stu Sjouwerman

A number of phishing campaigns have been using Christmas-themed emails encouraging recipients to support climate activist Greta Thunberg, according to Paul Ducklin at Naked Security. ...

Wawa Data Breach Class Action Filed

Jan 3, 2020 8:48:38 AM By Stu Sjouwerman

There was a massive data breach suffered by Wawa, a convenience store chain of more than 850 stores around the country. Wawa had recently disclosed that it had suffered a data breach that ...

Security Awareness Training Blog