FBI: Cyber Attacks Target Organizations Involved in Mergers and Acquisitions

Nov 25, 2021 8:55:55 AM By Stu Sjouwerman

A new notification from the FBI warns organizations of attacks at the perfect time when organizations are spending money, new people are being introduced, and operations are in flux.

Avoid Donating to Charity Scammers During Giving Tuesday 2021

Nov 23, 2021 5:07:27 PM By Stu Sjouwerman

Giving Tuesday is a great way for organizations and people to give back. However, this gives cybercriminals opportunities to take advantage of you with charity scams.

SEC Warns of Spoofed Emails Impersonating Their Employees

Nov 23, 2021 10:08:11 AM By Stu Sjouwerman

Scammers are impersonating the US Securities and Exchange Commission (SEC) with spoofed phone calls and other communications that attempt to steal money and personal information from ...

Phishing Campaign Targets TikTok Influencers

Nov 22, 2021 1:23:42 PM By Stu Sjouwerman

Phishing emails are targeting large TikTok accounts with phony copyright warnings or offers for account verification, according to researchers at Abnormal Security.

'Fake Ransomware' as a Form of Social Engineering

Nov 18, 2021 10:45:53 AM By Stu Sjouwerman

Attackers are exploiting a vulnerability in a WordPress plugin to deface several hundred websites with phony warnings of ransomware, the Record reports. Researchers at Sucuri found that ...

Social Engineering, Persistence, and a Few Phone Calls is All it Takes to Steal $1 Million

Nov 18, 2021 9:00:45 AM By Stu Sjouwerman

The story of a Swiss investor who was convinced they were purchasing pre-IPO shares of AirBnB is the cautionary tale of how little it really takes to turn someone into a victim.

Trends in Cybercrime Report Phishing, Non-Payment Scams, and Extortion

Nov 16, 2021 8:50:23 AM By Stu Sjouwerman

Social engineering attacks account for the vast majority of cybercrime in the US, according to researchers at SEON. The security firm found that phishing, non-payment or non-delivery ...

[HEADS UP] Popular Stock Trading Platform Becomes Next Victim of Data Breach

Nov 9, 2021 8:57:32 AM By Stu Sjouwerman

Bleeping Computer recently reported a data breach from popular stock trading platform Robinhood. This breach has impacted over 7 million of their customers.

New Browser Cookie “Smash and Grab” Attack Targets YouTube Creators

Nov 8, 2021 2:24:31 PM By Stu Sjouwerman

New attack details from Google’s Threat Analysis Group show how cybercriminals are innovating ways to use an initial attack to aid in additional crypto scams.

Enabling and Securing Remote Workers are Top Concerns as 80% of Organizations Experience Cyberattacks as Often as Once per Hour

Nov 8, 2021 2:24:27 PM By Stu Sjouwerman

Organizations appear to be overconfident in their ability to protect themselves, despite glaring gaps in security, according to new data from cyber protection vendor, Acronis.

Preparing for Black Friday Scams

Nov 8, 2021 8:56:54 AM By Stu Sjouwerman

Researchers at Tessian caution that people should be wary of scams as Black Friday approaches. The researchers found that thirty percent of people in the US reported receiving a phishing ...

How Not To Get Phished: It Is the Message Not the Medium

Nov 5, 2021 8:45:10 AM By Roger Grimes

Back in the early 1990s, when I was first getting into the IT field as a full-time network administrator, I was tasked with writing up our corporation’s new email policy. Email was just ...

FBI Warns that Financial Events are Occasions for Extortion

Nov 3, 2021 10:29:36 AM By Stu Sjouwerman

The US Federal Bureau of Investigation (FBI) has warned that ransomware operators are targeting companies that are going through financial events. The timing is designed to elicit and ...

Not that You Would, but Looking for a Sugar Daddy's a Bad Idea

Nov 2, 2021 8:56:59 AM By Stu Sjouwerman

Scammers are using social media to target young women with offers to be their “sugar daddy,” according to Laura Josepha Zimmermann at Avast. Zimmermann received a message on Instagram ...

Eight Romance Phishing Scammers with Ties to Nigerian Organized Crime Arrested After Stealing Nearly $7 Million

Oct 29, 2021 2:02:43 PM By Stu Sjouwerman

This latest arrest by the South African Police Service (SAPS) demonstrates how romance scams that have been around for decades remain alive and well… and profitable.

Over Half of all Impersonation Attacks Target Non-Executive Employees

Oct 29, 2021 2:02:26 PM By Stu Sjouwerman

A new report shows how cybercriminals focus on users that are less vigilant and more prone to falling for social engineering and impersonation tactics designed to gain access to finances.

Ransomware 3.0: It Is About To Get Much Worse

Oct 27, 2021 4:28:01 PM By Roger Grimes

If you think ransomware is bad, it is about to get much, much worse. What will ransomware gangs do? Just everything.

Cybercriminals are using Craigslist email notifications to send phishing links

Oct 27, 2021 9:16:47 AM By Stu Sjouwerman

Cybercriminals are using Craigslist email notifications to send phishing links, according to Roger Kay at INKY. The emails contain links to download a document with malicious macros.

Russian SolarWinds Hackers Newly Attack Supply Chain With Password-Spraying and Phishing

Oct 26, 2021 9:38:10 AM By Stu Sjouwerman

Researchers at Microsoft have observed an attack phishing campaign by Russia’s SVR that’s targeting resellers and managed service providers. Microsoft tracks this threat actor as ...

Celebrity Hacks and the Frenzy of Renown

Oct 25, 2021 10:50:10 AM By Stu Sjouwerman

Avast offers a look at incidents in which celebrities have been the victim of social engineering attacks. The firm notes that while celebrities are higher profile targets, attackers use ...

Security Awareness Training Blog

Social Engineering Blog

View Topics