Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

View Topics

Identity Deception-Based Phishing Attacks Show an Increase in Impersonating Individuals

Dec 4, 2019 6:45:59 AM By Stu Sjouwerman
The use of impersonating a person or brand as part of an attack in on the rise, giving attackers the upper hand, establishing instant credibility and lowering the defenses of the ...
Continue Reading

Phishing for Gamers Uses A Fake Skin Giveaway

Dec 4, 2019 6:42:02 AM By Stu Sjouwerman
BleepingComputer warns that a fake Steam skin giveaway site is stealing users’ Steam credentials. The site appears to be running a 26-day promotion giving away free skins for ...
Continue Reading

Insecure Database Exposes Millions of Private SMS Messages

Dec 3, 2019 7:00:00 AM By Stu Sjouwerman
Researchers discovered an unprotected TrueDialog database hosted by Microsoft Azure with diverse and business-related data from tens of millions of users.
Continue Reading

Netflix "Account Freeze" Phishing Campaign In The Wild

Dec 3, 2019 6:26:54 AM By Stu Sjouwerman
A Netflix phishing scam is going after users’ payment information and Netflix credentials, according to Naked Security. The phishing emails inform recipients that they’ve missed a payment ...
Continue Reading

Pervasive Ransomware Infection Cost German Software Company Pilz Tens Of Millions Of Euros

Dec 2, 2019 2:43:30 PM By Stu Sjouwerman
A pervasive ransomware infection cost the German automation company Pilz an estimated tens of millions of euros, says Jan Tournois, director of the Dutch department of the multinational.
Continue Reading

You Can’t Always Trust a Dot-Gov Domain

Dec 2, 2019 7:12:15 AM By Stu Sjouwerman
It may be easier than one thinks to register a dot-gov domain, according to KrebsOnSecurity. People have tended to regard urls with the top-level domain dot gov as generally reliable, but ...
Continue Reading

Business Email Compromise Topples Over $26 Billion in Losses

Dec 2, 2019 7:00:00 AM By Stu Sjouwerman
This lucrative business of tricking companies into fraudulently transferring funds into cybercriminal-owned bank accounts is showing signs of growing. Scammers use many forms of attack to ...
Continue Reading

Global Utilities See Cyberattacks as Greater Threat to Operations than IT with Half Experiencing Outages

Dec 2, 2019 7:00:00 AM By Stu Sjouwerman
Global industrial organizations are seeing and feeling the effects of cyberattacks, recognizing the material impact potential upon operations.
Continue Reading

Over Half of SMBs Experience Phishing and Social Engineering Attacks

Dec 2, 2019 7:00:00 AM By Stu Sjouwerman
The assertion that SMBs aren’t a cyber-target is officially dead. SMBs are victims of the very same attacks as enterprises in growing numbers, according to new research.
Continue Reading

Insurers Get Serious About Social Engineering Attacks Citing a Lack of Awareness as the Problem

Dec 2, 2019 7:00:00 AM By Stu Sjouwerman
With specific endorsements to protect against social engineering scams, insurers are realizing where the true risk lies in cyberattacks and make recommendations of how to mitigate it.
Continue Reading

Merchant fined for failing to train employees — Former NYDFS Superintendent Vullo Talks About Cybersecurity Regs

Nov 30, 2019 1:09:56 PM By Stu Sjouwerman
Mark Harrop, Director of Communications, Corporates at Thomson Reuters made me aware of a very interesting interview with Maria Vullo, the former Superintendent of New York’s Department ...
Continue Reading

‘Professional’ ransomware gang targets 1,800 large organizations worldwide, Dutch investigators find

Nov 30, 2019 12:40:01 PM By Stu Sjouwerman
Filip Truta at Bitdefender blogged: "A confidential report from the Netherlands’ National Cyber Security Center warns that ransomware operators are targeting at least 1,800 large ...
Continue Reading

Phishing scams on the up in the Netherlands

Nov 30, 2019 12:30:08 PM By Stu Sjouwerman
Mina Solanki, an expat in Holland wrote: "After years of declining, phishing is on the up. In 2018, the (monetary) damage caused by it had almost quadrupled compared to previous years. ...
Continue Reading

Singapore government must realise human error also a security breach

Nov 30, 2019 12:24:04 PM By Stu Sjouwerman
Eileen Yu, for By The Way at ZDNet wrote: "A recent data breach has highlighted a need for the Singapore government to realise human errors are cybersecurity risks that need to be ...
Continue Reading

The Top Lesson From The Recent Louisiana 2,000-server Ransomware Infection: "User Education, User Education, User Education"

Nov 29, 2019 11:57:37 AM By Stu Sjouwerman
Louisiana suffered a ransomware attack last week that took down more than two thousand of the state’s computers and servers. The ransomware apparently entered the network after a user ...
Continue Reading

Google Sent 12K Nation-State Phishing Warnings In Three Months

Nov 27, 2019 6:54:24 AM By Stu Sjouwerman
Google's Threat Analysis Group (TAG) delivered thousands of alerts of government-backed attempts to spearphish gmail users over just a three-month period earlier this year, they reported.
Continue Reading

A Look at Cryptocoin Scams

Nov 27, 2019 6:28:07 AM By Stu Sjouwerman
Scammers are taking advantage of the allure of new cryptocurrencies to trick people who want to get in early on the next Bitcoin, according to Naked Security. Criminals set up Initial ...
Continue Reading

The Bank of Hawaii early alert of scam phone calls spoofing caller ID

Nov 26, 2019 5:52:14 AM By Stu Sjouwerman
In an early-alert sign, The Bank of Hawaii is warning of a spate of scam phone calls that are spoofing the caller ID of the bank’s real call center, the Honolulu Star-Advertiser reports. ...
Continue Reading

Phishing Simulations Should be Educational, not Punitive

Nov 25, 2019 10:46:55 AM By Stu Sjouwerman
Phishing training programs need to be focused on educating employees rather than on shaming them, according to David Spark and Allan Alford, co-hosts of the Defense in Depth podcast. On ...
Continue Reading

They Know If You've Been Bad or Good...

Nov 25, 2019 10:39:53 AM By Eric Howes
Like most of the rest of us, malicious actors the world over love the holidays. It's a prime season to run social engineering schemes on users who are already of a mind to open their ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews