New Office 365 Credential Scam Uses a Received Fax to Trick Victims

Dec 18, 2020 8:22:43 AM By Stu Sjouwerman

A clever mix of brand impersonation, a supposedly received message, a thumbnail preview, and new spoofed Office 365 logon pages are all that’s needed to trick victims into giving up ...

The Cost of Ransoms Demanded and Paid Double in 2020!

Dec 18, 2020 8:19:18 AM By Stu Sjouwerman

According to new data from UK cyber insurer Beazley shows ransomware claims have increased materially and calls for organizations to employ a layered cyber defense.

Learning More on Social Engineering Tactics are the Key to Preventing Phishing Expeditions

Dec 17, 2020 8:24:48 AM By Stu Sjouwerman

Understanding social engineering attacks is the key to thwarting them, according to Juan Badell and Russell Petrich, content designers for Sophos’s phishing simulation service. Badell and ...

Facebook Describes APT32 Social Engineering Campaign

Dec 15, 2020 8:31:31 AM By Stu Sjouwerman

Facebook’s security team has taken action against a phishing operation run by APT32 (also known as OceanLotus), a threat actor associated with the Vietnamese government. Facebook says the ...

Shame! Shame! I Got Phished

Dec 14, 2020 8:00:00 AM By Roger Grimes

I can’t be phished. At least that’s what I used to believe.

GDPR Compliance Scams Rising

Dec 9, 2020 9:41:45 AM By Stu Sjouwerman

Organizations need to be on the lookout for GDPR-themed phishing lures, according to Mike Puglia, Chief Product Officer at Kaseya. In an article for ITProPortal, Puglia explains that GDPR ...

Why Are You Being Phished?

Dec 8, 2020 4:05:42 PM By Roger Grimes

People often wonder, why are they being phished? Why are they being phished by a hacker in the first place? What does their organization have that some hacker decided they were noteworthy ...

Election-themed Phishing is Likely to Persist

Dec 8, 2020 8:47:24 AM By Stu Sjouwerman

The US elections have come and gone, but people should still be on the lookout for election-themed phishbait, according to Roger Kay at Inky. Emotions are still running high in the US, ...

Think Tanks Targeted by APT Actors

Dec 3, 2020 8:28:48 AM By Stu Sjouwerman

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory warning that nation-state advanced persistent threat (APT) actors are targeting US ...

Number of Phishing Websites Double and Unique Phishing Campaigns Triple in Q3

Dec 3, 2020 8:19:09 AM By Stu Sjouwerman

New data shows the bad guys have been working diligently to step up their game on both the front and back end of phishing attacks, despite still being mid-pandemic.

Dutch Government Sees Phishing More Than Double in 2020

Dec 1, 2020 1:48:47 PM By Jelle Wieringa

In an exclusive article, the Dutch IRS gave its perspective on the cyber threat landscape in the Netherlands. December is typically one of the busiest months of the year for cybercrime ...

Giving Tuesday Means an Influx of Charity Scams

Dec 1, 2020 8:00:00 AM By Stu Sjouwerman

Giving Tuesday is a great idea for organizations and people to give back to people in need, especially during the COVID-19 pandemic. However, this causes concern for an increase in ...

Fake Zoom Invite Leads to one Australian Company's Downfall

Nov 30, 2020 1:19:51 PM By Stu Sjouwerman

We've previously written blog posts to be cautious of suspicious Zoom meeting links, and we even reported a huge increase in phishing attacks using Zoom of August this year. The heads-up ...

Journalists Need Phishing Awareness, Too

Nov 30, 2020 8:25:33 AM By Stu Sjouwerman

All types of journalists need to be wary of phishing and other social engineering attacks, according to Jacob Granger, writing at Journalism.co.uk. Granger quotes digital security expert ...

You're Fired (Not Really, Just Clicked on a Phishing Email)

Nov 23, 2020 8:33:59 AM By Stu Sjouwerman

The operators of the BazarLoader malware are using phishing emails that inform people they’ve been terminated from their jobs, according to Linn Freedman, a partner at Robinson & Cole ...

One-Third of Employees Say Their Company Has No Cybersecurity Measures in Place While Working from Home

Nov 20, 2020 11:15:49 AM By Stu Sjouwerman

At a time when organizations should be implementing additional security measure to ensure the logical perimeter of their network is protected, new research shows companies aren’t prepared.

Google's Free Services and Phishing Campaigns: A Likely Pair

Nov 19, 2020 11:32:17 AM By Stu Sjouwerman

Cybercriminals are now launching phishing campaigns that abuse Google's free productivity tools while also using social engineering to trick you into installing malware.

Spotting Retail Scams During the Holiday Season

Nov 19, 2020 8:22:08 AM By Stu Sjouwerman

People need to be particularly vigilant for scams as we approach the holiday shopping season, according to Laura Brooks at Tessian. Scammers always take advantage of seasonal trends, and ...

Nearly Half of Spear Phishing Emails Bypass Security Filters

Nov 18, 2020 8:29:30 AM By Stu Sjouwerman

47% of payloadless phishing emails are able to bypass the most popular secure email gateways (SEGs), according to researchers at IronScales. These are emails that don’t contain malicious ...

Why Use Malware When Cybercriminals Can Use Social Engineering?

Nov 17, 2020 8:23:55 AM By Stu Sjouwerman

Researchers at Malwarebytes warn that a malvertising campaign they call “malsmoke” has stopped deploying exploit kits and is now using social engineering attacks to trick users into ...

Security Awareness Training Blog

Social Engineering Blog

View Topics