Microsoft Takes the Lead in Q4 2023 for Alarming Phishing Attempts

Jan 11, 2024 1:46:12 PM By Stu Sjouwerman

Microsoft was the most impersonated brand last quarter, accounting for a third (33%) of all brand phishing attempts in October, November, and December 2023, according to Check Point’s ...

FTC Issues Warning About the Dangers of QR Code-Based Scams

Jan 11, 2024 1:45:50 PM By Stu Sjouwerman

The latest consumer alert posted by the federal trade commission (FTC) signals that the upticks in QR code-based scams are being seen by cybersecurity vendors are indeed a valid growing ...

Beyond the Scams: Unraveling the Dark Tactics of Real-World Kidnapping Scams and Virtual Extortion

Jan 10, 2024 2:53:03 PM By Roger Grimes

The world can be a scary and dangerous place. Its unethical scammers have no problem doing almost anything to make a buck, but sometimes, their plots seem to be extra messed up.

Pikabot Malware Spreading Through Phishing Campaigns

Jan 10, 2024 2:52:40 PM By Stu Sjouwerman

Researchers at Trend Micro warn that a threat actor known as “Water Curupira” is distributing the Pikabot malware loader via widespread phishing campaigns.

Cybercriminals Celebrate the Holidays with Dark Web Data Dumps, Dubbed “Leaksmas”

Jan 9, 2024 2:22:18 PM By Stu Sjouwerman

Millions of data records and GBs of data from organizations around the globe were made freely available to cybercriminals to coincide with dates around Christmas of 2023.

Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For

Jan 9, 2024 9:24:06 AM By Stu Sjouwerman

Verizon has published an article outlining various forms of social engineering attacks, including SMS/text messaging phishing (smishing), voice phishing (vishing), and spear phishing ...

FBI Releases Blackcat Ransomware Decryption Tool to Victims, Disrupting Attacks

Jan 8, 2024 12:45:41 PM By Stu Sjouwerman

For the first time ever, the U.S. Justice Department announced the existence of an FBI-developed decryption tool that has been used to save hundreds of victim organizations attacked by ...

Black Basta Ransomware Decryptor Released to Help Some Victims

Jan 5, 2024 1:19:14 PM By Stu Sjouwerman

A flaw found by security researchers in the encryption software allows victim organizations to use “Black Basta Buster” to recover some of their data – but there’s a catch.

Phishing Reigns as the Most Likely and Most Feared Cyber Attack

Jan 5, 2024 9:00:05 AM By Stu Sjouwerman

With over half of organizations being the victim of password-based attacks in the last year, new data sheds light on the risk of phishing attacks and the use of password-based credentials.

[LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach

Jan 5, 2024 8:00:00 AM By Stu Sjouwerman

Do you need an easy, automated way to provide real-time feedback the moment your users make risky mistakes to help reinforce the training campaigns you manage today?

AI-Powered Invoice Fraud: How This Latest Scam Hijacks Your Business Transactions

Jan 4, 2024 9:01:32 AM By Stu Sjouwerman

Resecurity is tracking a cybercriminal gang called “GXC Team” that develops and sells tools to facilitate online banking theft and social engineering attacks.

Lockbit 3.0 Ransomware Disrupts Emergency Care at Multiple German Hospitals

Jan 3, 2024 10:57:52 AM By Stu Sjouwerman

Hitting three hospitals within a Germany-based hospital network, the extent of the damage in this confirmed ransomware attack remains undetermined but has stopped parts of operations.

New Research: Phishing Attacks Stole $295 Million In Crypto In 2023

Jan 3, 2024 8:12:02 AM By Stu Sjouwerman

Researchers at Scam Sniffers have found that phishing attacks stole nearly $295 million worth of cryptocurrency from 324,000 victims in 2023, CryptoSlate reports. The cryptocurrency is ...

New Remote “Job” Scam Tells Victims They'll Get Paid For Liking YouTube Videos

Dec 19, 2023 11:23:07 AM By Stu Sjouwerman

Researchers at Bitdefender warn that scammers are tricking victims with fake remote job opportunities. In this case, the scammers tell victims that they’ll get paid for liking YouTube ...

Holiday Scams Include Thousands of Impersonation Phishing Domains per Brand

Dec 19, 2023 11:23:04 AM By Stu Sjouwerman

Midstride in this year’s holiday shopping, it’s important to realize just how many websites exist that impersonate legitimate online retailers. More importantly, your users need to know ...

Unique Malware Used in Cyber Attacks Increases by 70% in Just One Quarter

Dec 18, 2023 11:56:48 AM By Stu Sjouwerman

As more cybercriminal gangs continue to enter the game, the massive increase in unique types of malware means it will become increasingly difficult to identify and stop attacks.

[IRS Alert] Three Tips To Protect Against Tax Season Refund Scams

Dec 15, 2023 11:25:00 AM By Stu Sjouwerman

Urging taxpayers and tax professionals to be vigilant, the Internal Revenue Service (IRS) provides some simple guidance on how to spot new scams aimed at being able to file fake tax ...

Brand New BazarCall Phishing Campaign Abuses Google Forms

Dec 14, 2023 1:14:18 PM By Stu Sjouwerman

A new BazarCall phishing campaign is using Google Forms to send phony invoices, according to researchers at Abnormal Security.

As the Holiday Season Ramps Up, So Do Scams Impersonating the U.S. Postal Service

Dec 14, 2023 1:14:04 PM By Stu Sjouwerman

Taking traditional “delayed package” scams up a notch, new phishing and smishing attack campaigns are leveraging freemium DNS services to avoid detection by security solutions.

Phishing Is Still the No. 1 Attack Vector, With Huge 144% Malicious URL Spike

Dec 13, 2023 12:26:16 PM By Stu Sjouwerman

Analysis of nearly a year’s worth of emails brings insight into exactly what kinds of malicious content are being used, who’s being impersonated, and who’s being targeted.

Security Awareness Training Blog

View Topics