Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

More Companies Start Reporting Their Ransomware Infections As The Expensive Data Breaches They Are

Larry Abrams at Bleepingcomputer correctly observed: "Corporate victims are finally starting to realize that ransomware attacks are data breaches and have begun to notify employees and ...
Continue Reading

Microsoft 365 Phishing Attacks Masterfully Use Brand Name Sites to Establish Legitimacy

New voicemail phishing scam uses legitimate branded domains from companies like Samsung and Adobe to facilitate redirects to compromised websites intent on stealing credentials.
Continue Reading

June Content Update: Including New Roger Grimes Video Series on Data-Driven Defense

Here are a few important content updates to share with you for the month of June.
Continue Reading

Looking for Binge-Worthy Viewing Options This Summer?

Looking for some binge-worthy watching this summer? We've got just what you're looking for! Check out this innovative new security awareness video series called ‘The Inside Man’.
Continue Reading

Elections In Russia Mean 16 More Years Of Job Security For InfoSec Pros

Russian voters have overwhelmingly backed a ploy by President Vladimir Putin to rule until 2036 in a referendum. 
Continue Reading

See Ridiculously Easy Security Awareness Training and Phishing

Join us for a live demo on Security Awareness Training and phishing in action!
Continue Reading

A "Secure DNS" Scam: an Upgrade that's a Downgrade

A phishing campaign is targeting website owners with convincing, personalized emails that purport to come from WordPress, Naked Security reports. The emails claim that WordPress is ...
Continue Reading

COVID-19 Related Phishing Scams Target Passport Details

The Coronavirus phishing scams have only gotten more aggressive and targeted now than ever before, InfoSecurity Magazine reports. Now researchers at Griffin Law are tracking self-employed ...
Continue Reading

Australia Spending Nearly $1 Billion on Cyberdefense as China Tensions Rise

The NY Times reported some surprising numbers: "Officials promised to recruit at least 500 cyberspies and build on the country’s offensive capabilities to take the online battle overseas. ...
Continue Reading

Phishing in Irish Streams

Netflix is warning users in Ireland to be on the lookout for another phishing campaign that’s impersonating the streaming service, Extra.ie reports. The emails inform recipients that ...
Continue Reading

60% of Organizations are Hit by Cyberattacks Spread by Their Own Employees

The unwitting participant appears to be alive and well, based on new data from security vendor Mimecast. With employees being the source of attack surface expansion, what’s an org to do?
Continue Reading

New Sextortion Method Uses Social Engineering and Doxing To Identify and Target Victims

According to the SANS Internet Storm Center, cybercriminals are engaging their victims online, using social engineering tactics to collect needed details to extort money.
Continue Reading

New Dropbox-Based Pandemic Relief Payment Scam Targets U.K. Microsoft 365 Users, Bypassing Email Security

Using a Dropbox Transfer page, this new scam presses all the urgency buttons while eluding detection as being malicious in an effort to steal the victim’s online credentials.
Continue Reading

Hit Them When They're Down: Two Cyberattacks Leave Operations Halted with a Ransom to Pay

A recent cyberattack on Australian beverage manufacturer Lion demonstrates how even a modicum of precaution after an attack can spell doom for operations.
Continue Reading

One Letter Away: Impersonation, Bitcoin, and Phishing Expeditions

KrebsOnSecurity reports that a phishing website has been impersonating the private messaging service Privnote.com in order to steal Bitcoin. The real Privnote is a free site that allows ...
Continue Reading

Phishing Attacks Significantly Increase in Singapore During COVID-19 Pandemic

The number of phishing attacks in Singapore to give up personal information has almost tripled in the last year and doubled during the COVID-19 pandemic, according to the Cybersecurity ...
Continue Reading

Work From Home in America Sets Major Target for Russian Hackers

A Russian ransomware group named "Evil Corp" who was indicted by the Justice Department in December is now targeting employees working from home during the COVID-19 pandemic and ...
Continue Reading

New Training Modules Added on Data-Driven Defense

We have exciting news to share! Two new modules have been released about data-driven defense, both featuring Data-Driven Evangelist Roger Grimes.
Continue Reading

Survey Says...You've Been Pwned

Surveys are enticing, and so are survey scams. But they’re easy to recognize if you know what to look for, according to Paul Ducklin at Naked Security. Ducklin describes a typical survey ...
Continue Reading

‘New VPN Configuration’ Email Tricks Microsoft 365 Users Out of Credentials

Scammers are taking advantage of the prominent use of VPNs by remote workforces to send out this very topically relevant phishing email that just wants to steal your credentials.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews