Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

POTRAZ Warns of Phishing Scams

Mar 3, 2021 9:42:20 AM By Stu Sjouwerman
The Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) has issued a warning regarding an increase in email and SMS phishing attacks, the Chronicle reports. Dr. Gift ...
Continue Reading

[HEADS UP] New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

Mar 1, 2021 10:39:15 AM By Stu Sjouwerman
The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no ...
Continue Reading

New York State Education Department Warns of Phishing Campaign

Mar 1, 2021 9:55:30 AM By Stu Sjouwerman
The New York State Education Department (NYSED) released an advisory warning that scammers are impersonating its employees in an attempt to steal social security numbers and money. The ...
Continue Reading

Bogus FedEx and DHL Phishbait

Feb 24, 2021 8:29:14 AM By Stu Sjouwerman
Researchers at Armorblox describe an ongoing phishing campaign that’s using phony FedEx and DHL shipping notifications as phishing lures.
Continue Reading

Running Headfirst Into a Breach

Feb 23, 2021 2:00:35 PM By Javvad Malik
The pandemic changed the fortunes of many organisations. Perhaps none so much as Zoom, which has found itself becoming a noun synonymous with any form of video call.
Continue Reading

More NHS-Themed COVID-19 Vaccine Phishing

Feb 23, 2021 8:21:48 AM By Stu Sjouwerman
A phishing campaign spoofing the UK’s National Health Service has surged its output, Infosecurity Magazine reports. Researchers at Mimecast warn that the attackers behind the campaign are ...
Continue Reading

[HEADS UP] Texas Electric Company Warns of Scam Involving Losing Power

Feb 22, 2021 4:31:15 PM By Stu Sjouwerman
With the recent weather crisis in Texas, victims are afraid their power could be cut off. One electric utility company in Texas warns of scams that are threatening customers that their ...
Continue Reading

The First Documented Russian Hack in...1981?

Feb 22, 2021 3:45:54 PM By Stu Sjouwerman
I'm reading "Active Measures: The Secret History of Disinformation and Political Warfare" by Thomas Rid and wanted to share this story with you which was new to me! It's warmly ...
Continue Reading

Be on the Watch for W-2 Phishing Scams!

Feb 19, 2021 1:20:58 PM By Stu Sjouwerman
With tax season just around the corner, this simple, yet effective social engineering theme is perfect to get users to respond to phishing attacks exactly the way the bad guys want.
Continue Reading

The Cybersecurity Book You Should Read

Feb 18, 2021 2:00:57 PM By Stu Sjouwerman
Recently Cyber Defense Magazine released the top 100 cybersecurity books and the top recommended book is one of our Top Faves as well.
Continue Reading

KnowBe4 Adds New Language Localization Options to its Security Awareness Training and Simulated Phishing Platform

Feb 18, 2021 10:00:00 AM By Stu Sjouwerman
We are excited to announce the availability of KnowBe4’s new localization options for the Admin Console and Learner Experience. You can now set your default language for three ...
Continue Reading

Phishing and Impersonated Brands

Feb 16, 2021 8:24:13 AM By Stu Sjouwerman
Microsoft is still the most impersonated brand for phishing campaigns, according to researchers at Vade Secure. The security firm spotted 30,621 unique Microsoft-related phishing URLs in ...
Continue Reading

New Novel Campaign Targeting Security Researchers Uses Really Creative Social Engineering to Fool Victims

Feb 12, 2021 4:32:29 PM By Stu Sjouwerman
Pretending to be security researchers themselves, this group of cybercriminals went to great lengths to make sure legitimate security researchers would fall for the attack.
Continue Reading

[Scary?] AI Can Now Learn To Manipulate Human Behavior

Feb 12, 2021 10:28:21 AM By Stu Sjouwerman
The Conversation just published something I have been worried about for a while now. Scary? Could be getting that way sometime soon.  They said: "Artificial intelligence (AI) is learning ...
Continue Reading

[New E-Book] Comprehensive Anti-Phishing Guide

Feb 12, 2021 8:45:42 AM By Stu Sjouwerman
Spear phishing emails remain a top attack vector for the bad guys, yet most companies still don’t have an effective strategy to stop them.
Continue Reading

It’s Not Only About the URL

Feb 11, 2021 3:01:41 PM By Roger Grimes
You have to look at the totality of an email to determine whether it is a phishing attack or not.
Continue Reading

[HEADS UP] NHS Issues Warning as UK COVID-19 Vaccine Scams Are Still Running Rampant

Feb 11, 2021 11:08:05 AM By Stu Sjouwerman
The National Health Service (NHS) in the UK recently sent a warning that cybercriminals are using social engineering tactics to target people wanting a COVID-19 vaccine email that is ...
Continue Reading

US Gmail Users Are Preferred Phishing Targets

Feb 11, 2021 8:26:01 AM By Stu Sjouwerman
Google has found that most phishing attacks (42%) target Gmail users in the US. Users in the UK were the second most targeted, with 10% of attacks. Japan came in third with 5% of phishing ...
Continue Reading

New Phishing Attack Uses Google Firebase to Trick Microsoft and Achieve a Spam Confidence Level of Just 1

Feb 10, 2021 2:46:41 PM By Stu Sjouwerman
This new phishing scam takes advantage of inherent trust in credible domains to get past the scrutiny of even Microsoft to trick Office 365 users into giving up their online credentials.
Continue Reading

Cannabis Company Loses Millions in BEC Scam

Feb 10, 2021 8:32:27 AM By Stu Sjouwerman
Australian medicinal cannabis company Cann Group has lost $3.6 million in a business email compromise (BEC) attack, Stockhead reports. The company had thought it was paying an unnamed ...
Continue Reading
Subscribe

Search Our Blog


Ransomware Hostage Rescue Manual

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews