Tribune Publishing apologizes for fake bonus offer in phishing-simulation email

Sep 24, 2020 10:29:04 AM By Stu Sjouwerman

Yesterday at the end of the day, I was called by our PR team who got alerted by tech support about a Twitter post that was going viral. Turns out a custom phishing test created by one of ...

How to Become a Harder Target From Malicious Threat Actors

Sep 16, 2020 8:30:35 AM By Stu Sjouwerman

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding threat actors associated with China’s Ministry of State ...

High-Profile Caper Spawns Phishing Campaign

Sep 15, 2020 8:31:04 AM By Stu Sjouwerman

A phishing campaign is using the recent Twitter hack as phishbait, HackRead reports. In mid-July, hackers used social engineering against Twitter employees to gain access to more than a ...

Funds Transfer Fraud Has Increased 35% Since the Onset of COVID-19

Sep 14, 2020 10:49:30 AM By Stu Sjouwerman

With reported losses from thousands of dollars to well over $1 million, funds transfer fraud represents 27% of cyber insurance claims in 2020.

Extradited Member of a U.K. Scammer Highlights How His Gang Took Banks for $2 Million

Sep 8, 2020 1:45:28 PM By Stu Sjouwerman

Details on how this global gang of cybercriminals used spoofing and impersonation methods to social engineer banks time and time again shows how effective these tactics are.

The New Version of Qbot Trojan Steals Damn Near Everything, Hijacks Email Threads to Spread Infection

Sep 8, 2020 7:01:00 AM By Stu Sjouwerman

Originally seen all the way back in 2008, this banking trojan is continuously being developed. Its latest iteration is downright nasty and has already infected 5% of all organizations ...

[Heads Up] My Name Is Being Used In Criminal Identity Theft Attacks At The Moment

Sep 5, 2020 11:07:10 AM By Stu Sjouwerman

There is an old Dutch expression: "High trees catch a lot of wind". Well. once you get in the public eye there is definitely the effect you become a bigger target of identity theft. In ...

Threat Group DeathStalker Uses PowerShell-based Implant Powersing to Hack into Financial Services Firms

Sep 2, 2020 8:23:15 AM By Stu Sjouwerman

Apparently focused on more intelligence gathering than taking direct malicious action against the organizations they compromise, this attack is filled with ingenuity.

The Heart has Its Reasons, but Those Shouldn't Become an Enterprise Risk

Sep 1, 2020 8:26:15 AM By Stu Sjouwerman

The FBI has warned that victims of romance scams lost $475 million in 2019, BleepingComputer reports. In Idaho alone, nearly one hundred of these victims lost more than $1 million each. ...

The Bureau Explains How Tech Support Scams Work

Aug 27, 2020 8:51:03 AM By Stu Sjouwerman

Tech support scams function like organized businesses and consist of various criminals fulfilling different roles, according to court documents obtained by ZDNet. The documents contain ...

Watch Out! Cybersecurity and Infrastructure Security Agency Warn of New VBA Attack Designed to Deploy KONNI Remote Administration Tool

Aug 25, 2020 10:42:10 AM By Stu Sjouwerman

A new alert from CISA outlines just how dangerous and intrusive the KONNI malware is in organizations that fall for phishing attacks using Word attachments with malicious VBA code.

[Heads Up] Weaponized Disinformation Campaigns Skyrocket; KnowBe4 Releases New Spot & Stop DisInfo Training Module

Aug 25, 2020 10:40:29 AM By Stu Sjouwerman

Disinformation is a potent weapon in the current cold cyberwar arsenal. DisInfo attacks are skyrocketing and the number of countries using organized social media manipulation is going up ...

An Embarrassment of Riches: Malicious Actors Target AWS Accounts

Aug 24, 2020 8:26:26 AM By Eric Howes

Amazon is an obvious target for malicious actors looking to leverage the trust and authority enjoyed by a widely known online service or brand in malicious emails and social engineering ...

New Vishing Scam Targets Diners at London’s Prestigious Ritz Hotel

Aug 20, 2020 5:23:47 PM By Stu Sjouwerman

Aimed at stealing credit card details from restaurant patrons, this new scam feels like it’s something we’re going to hear about a lot more.

The Most Effective Attacks Are Often the Simplest

Aug 20, 2020 8:26:53 AM By Stu Sjouwerman

The recent Twitter hack shows that devastating security breaches don’t always involve sophisticated actors or methods, according to Rachel Tobac, CEO of SocialProof Security. On the ...

Having a Wonderful Time, Wish Your Data Were Here

Aug 13, 2020 11:30:11 AM By Stu Sjouwerman

The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued an alert warning that someone is impersonating the OCR and sending fraudulent postcards to ...

Phishing Golden Hour

Aug 12, 2020 6:08:44 PM By Roger Grimes

In emergency healthcare settings, the “golden hour” is the time between when a patient suffering a life threatening event (e.g., heart attack, stroke, aneurysm, etc.) is most likely to ...

My lazy Sunday afternoon was interrupted...

Aug 12, 2020 5:19:33 PM By Stu Sjouwerman

My lazy Sunday afternoon was interrupted with what appeared to be a prank, a social engineering attempt, or something else that remains to be identified.

Leaked U.S.-UK Trade Documents Show How Devastating Compromised Email Can Be

Aug 6, 2020 4:15:57 PM By Stu Sjouwerman

An ongoing criminal investigation highlights how classified documents stolen by Russian hackers from former U.K. trade minister Liam Fox may have been used to impact the British 2019 ...

The Importance of Identifying and Focusing on the Malicious Behavior

Aug 6, 2020 8:31:49 AM By Stu Sjouwerman

Identifying malicious behavior is a more effective long-term strategy than trying to block individual malicious actors, according to Johnathan Hunt, Vice President of Security at GitLab. ...

Security Awareness Training Blog

Social Engineering Blog

View Topics

Tribune Publishing apologizes for fake bonus offer in phishing-simulation email

How to Become a Harder Target From Malicious Threat Actors

High-Profile Caper Spawns Phishing Campaign

Funds Transfer Fraud Has Increased 35% Since the Onset of COVID-19

Extradited Member of a U.K. Scammer Highlights How His Gang Took Banks for $2 Million

The New Version of Qbot Trojan Steals Damn Near Everything, Hijacks Email Threads to Spread Infection

[Heads Up] My Name Is Being Used In Criminal Identity Theft Attacks At The Moment

Threat Group DeathStalker Uses PowerShell-based Implant Powersing to Hack into Financial Services Firms

The Heart has Its Reasons, but Those Shouldn't Become an Enterprise Risk

The Bureau Explains How Tech Support Scams Work

Watch Out! Cybersecurity and Infrastructure Security Agency Warn of New VBA Attack Designed to Deploy KONNI Remote Administration Tool

[Heads Up] Weaponized Disinformation Campaigns Skyrocket; KnowBe4 Releases New Spot & Stop DisInfo Training Module

An Embarrassment of Riches: Malicious Actors Target AWS Accounts

New Vishing Scam Targets Diners at London’s Prestigious Ritz Hotel

The Most Effective Attacks Are Often the Simplest

Having a Wonderful Time, Wish Your Data Were Here

Phishing Golden Hour

My lazy Sunday afternoon was interrupted...

Leaked U.S.-UK Trade Documents Show How Devastating Compromised Email Can Be

The Importance of Identifying and Focusing on the Malicious Behavior

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search