North Korean Threat Actor Targeting Cybersecurity Researchers With Spear Phishing Attacks

Jan 24, 2024 8:20:21 AM By Stu Sjouwerman

A suspected North Korean state-sponsored threat actor called “ScarCruft” is launching spear phishing attacks against cybersecurity professionals, according to researchers at SentinelOne.

Facebook Phishing Scams Target Concerned Friends and Family

Jan 22, 2024 2:06:13 PM By Stu Sjouwerman

BleepingComputer describes a phishing scam that’s been running rampant on Facebook for the past several months, in which threat actors use hacked accounts to post links to phony articles ...

Russian State-Sponsored Threat Actor Targets High Profile Individuals in Phishing Campaign

Jan 22, 2024 2:00:15 PM By Stu Sjouwerman

The Russian state-sponsored threat actor “COLDRIVER” is launching phishing campaigns against “high profile individuals in NGOs, former intelligence and military officers, and NATO ...

Facebook Work-From-Home “Job” Posting Scam Goes the Extra Mile to Trick Victims

Jan 19, 2024 12:50:46 PM By Stu Sjouwerman

A new job posting scam found by IT security company Qualysys is focused on capturing victim’s identity details, accessing victim’s Facebook accounts, and committing fraud. In this new ...

More Than Half of Data Breaches in the U.K.’s Legal Sector are Due to Insider Error

Jan 18, 2024 2:32:22 PM By Stu Sjouwerman

A new analysis of data breaches in the United Kingdom's legal sector shows that organizations need to be looking inward more and look for ways to elevate the security awareness of ...

Scammers Target Owners of Missing Pets

Jan 18, 2024 9:33:32 AM By Stu Sjouwerman

Some particularly cold-hearted scammers are targeting users of lost pet forums with phony ransom demands, the BBC reports.

‘Swatting’ Becomes the Latest Extortion Tactic in Ransomware Attacks

Jan 18, 2024 8:38:31 AM By Stu Sjouwerman

Rather than stick to traditional ransomware extortion methods that revolve around the attack itself, a new form of extortion known as Swatting puts the focus on the victim organization’s ...

Ninety-Four Percent of Organizations Sustained Phishing Attacks Last Year

Jan 18, 2024 8:18:57 AM By Stu Sjouwerman

A survey by Egress has found that 94% of organizations were hit by phishing attacks in 2023, Infosecurity Magazine reports. Additionally, 91% of firms experienced data loss and ...

Malicious APKs Drain Bank Accounts

Jan 16, 2024 2:00:08 PM By Stu Sjouwerman

A phishing campaign is targeting Chinese users in an attempt to distribute malicious apps, according to researchers at Palo Alto Networks’s Unit 42.

Cryptocurrency Drainer Distributed Through Phishing

Jan 16, 2024 1:59:42 PM By Stu Sjouwerman

Mandiant has published a report on “CLINKSINK,” a cryptocurrency Drainer-as-a-Service (DaaS) that’s targeting users of the Solana currency.

LinkedIn is Being Used for Dating – It’s a Recipe for Disaster

Jan 16, 2024 10:20:50 AM By Stu Sjouwerman

A new article explains how business professionals are beginning to be not-so-professional and seeking to make personal connections. It’s only a matter of time before cybercriminals jump ...

Analysis of Phishing Emails Shows High Likelihood They Were Written By AI

Jan 15, 2024 10:28:06 AM By Stu Sjouwerman

It’s no longer theoretical; phishing attacks and email scams are leveraging AI-generated content based on testing with anti-AI content solutions.

Women CyberSecurity Society Targeted by Smishing Campaign

Jan 15, 2024 8:23:44 AM By Stu Sjouwerman

The Canada-based Women CyberSecurity Society (WCS2) has warned that its leadership, members, and volunteers are being targeted by an SMS phishing (smishing) campaign, IT World Canada ...

Three-Quarters of Organizations Have Experienced Phishing Attack in the Last 12 Months

Jan 15, 2024 8:23:41 AM By Stu Sjouwerman

Regardless of whether your environment remains on-premise, resides in the cloud, or is a hybrid configuration, new data makes it clear that your biggest risk is phishing attacks.

Microsoft Takes the Lead in Q4 2023 for Alarming Phishing Attempts

Jan 11, 2024 1:46:12 PM By Stu Sjouwerman

Microsoft was the most impersonated brand last quarter, accounting for a third (33%) of all brand phishing attempts in October, November, and December 2023, according to Check Point’s ...

FTC Issues Warning About the Dangers of QR Code-Based Scams

Jan 11, 2024 1:45:50 PM By Stu Sjouwerman

The latest consumer alert posted by the federal trade commission (FTC) signals that the upticks in QR code-based scams are being seen by cybersecurity vendors are indeed a valid growing ...

Beyond the Scams: Unraveling the Dark Tactics of Real-World Kidnapping Scams and Virtual Extortion

Jan 10, 2024 2:53:03 PM By Roger Grimes

The world can be a scary and dangerous place. Its unethical scammers have no problem doing almost anything to make a buck, but sometimes, their plots seem to be extra messed up.

Pikabot Malware Spreading Through Phishing Campaigns

Jan 10, 2024 2:52:40 PM By Stu Sjouwerman

Researchers at Trend Micro warn that a threat actor known as “Water Curupira” is distributing the Pikabot malware loader via widespread phishing campaigns.

Cybercriminals Celebrate the Holidays with Dark Web Data Dumps, Dubbed “Leaksmas”

Jan 9, 2024 2:22:18 PM By Stu Sjouwerman

Millions of data records and GBs of data from organizations around the globe were made freely available to cybercriminals to coincide with dates around Christmas of 2023.

Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For

Jan 9, 2024 9:24:06 AM By Stu Sjouwerman

Verizon has published an article outlining various forms of social engineering attacks, including SMS/text messaging phishing (smishing), voice phishing (vishing), and spear phishing ...

Security Awareness Training Blog

View Topics