You're Fired (Not Really, Just Clicked on a Phishing Email)

Nov 23, 2020 8:33:59 AM By Stu Sjouwerman

The operators of the BazarLoader malware are using phishing emails that inform people they’ve been terminated from their jobs, according to Linn Freedman, a partner at Robinson & Cole ...

One-Third of Employees Say Their Company Has No Cybersecurity Measures in Place While Working from Home

Nov 20, 2020 11:15:49 AM By Stu Sjouwerman

At a time when organizations should be implementing additional security measure to ensure the logical perimeter of their network is protected, new research shows companies aren’t prepared.

Google's Free Services and Phishing Campaigns: A Likely Pair

Nov 19, 2020 11:32:17 AM By Stu Sjouwerman

Cybercriminals are now launching phishing campaigns that abuse Google's free productivity tools while also using social engineering to trick you into installing malware.

Spotting Retail Scams During the Holiday Season

Nov 19, 2020 8:22:08 AM By Stu Sjouwerman

People need to be particularly vigilant for scams as we approach the holiday shopping season, according to Laura Brooks at Tessian. Scammers always take advantage of seasonal trends, and ...

Nearly Half of Spear Phishing Emails Bypass Security Filters

Nov 18, 2020 8:29:30 AM By Stu Sjouwerman

47% of payloadless phishing emails are able to bypass the most popular secure email gateways (SEGs), according to researchers at IronScales. These are emails that don’t contain malicious ...

Why Use Malware When Cybercriminals Can Use Social Engineering?

Nov 17, 2020 8:23:55 AM By Stu Sjouwerman

Researchers at Malwarebytes warn that a malvertising campaign they call “malsmoke” has stopped deploying exploit kits and is now using social engineering attacks to trick users into ...

Scammers Target Singles Day Shoppers

Nov 12, 2020 8:16:14 AM By Stu Sjouwerman

Shoppers need to be on the lookout for scammers as Singles Day begins in China and other countries around the world, the BBC reports. Singles Day is the world’s largest online shopping ...

University Research Shows Security Awareness Training is a Necessary Layer of Defense

Nov 11, 2020 8:58:46 AM By Stu Sjouwerman

A research paper in the Journal of Computer Information Systems says that security awareness training is a necessary complement to technical defenses and security policies, SC Magazine ...

Twitter Hack Only Took 24 Hours from Start to Takeover

Nov 10, 2020 8:33:47 AM By Stu Sjouwerman

A report from the New York Department of Financial Services covering the high-profile Twitter account hack from earlier in the year reveals how little time an attack takes to be ...

BEC Incidents Intent on Invoice or Payment Fraud Increase 155% Across All Industries

Nov 10, 2020 8:29:59 AM By Stu Sjouwerman

Business Email Compromise appears to be back in the saddle again, as attackers use simple social engineering and domain impersonation to trick victims into paying up.

Malicious Macros Remain Highly Effective

Nov 9, 2020 8:25:12 AM By Stu Sjouwerman

Microsoft Office documents with malicious macros are still one of the top choices for attackers of all skill levels, according to Craig Williams from Cisco Talos. On the CyberWire’s ...

Cannabis Company GrowDiaries Suffers Data Breach of 3.4 Million Users

Nov 4, 2020 9:52:36 AM By Stu Sjouwerman

A recent report from SiliconANGLE released information that cannabis company GrowDiaries suffered a data breach with details of 3.4 million users being exposed online.

Famous VC Firm: "The New Attack Surface is Your Life"

Nov 2, 2020 8:00:00 AM By Stu Sjouwerman

As a CEO with VC investors, I follow what happens in the venture capital space and what things VCs are interested in regarding their investment strategies. I was happily surprised to see ...

Learn to Combat These Three Cybersecurity Monsters This Halloween and Beyond

Oct 30, 2020 9:45:00 AM By Perry Carpenter

It’s that time of year again. The air feels a bit crisper; the days are a bit shorter; and children around the world prepare to go trick or treating. Even as an adult, Halloween is ...

New Ransomware, OldGremlin, Coming Soon to an Organization Near You!

Oct 29, 2020 5:19:45 PM By Stu Sjouwerman

Pay attention to this one. Despite only targeting Russian companies, the use of custom self-made malware and decidedly creative phishing campaigns makes them a potential danger.

Here Are Some Truly Scary Social Media Stats!

Oct 28, 2020 8:39:34 AM By Stu Sjouwerman

Scamming incidents have increased by 519% in 2020 compared to last year, according to researchers at Baltimore-based ZeroFOX. The researchers compared their own data to a recent report ...

Fraud Attacks Targeting the Mid-Market Organization Increase 129%

Oct 28, 2020 8:29:07 AM By Stu Sjouwerman

New data from U.K. cyberinsurer Beazley highlights the growing trend of mid-market organizations being the target of social engineering attacks and fraud.

New Qbot Phishing Attack Pretends to be Windows Defender to Trick Its Victims

Oct 28, 2020 8:24:39 AM By Stu Sjouwerman

One of the most dangerous pieces of malware is back with a new campaign that takes advantage of social engineering techniques to look convincing enough to fool your users.

Researchers Discover Most Microsoft 365 Admins Don't Enable Multi-Factor Authentication

Oct 27, 2020 12:31:02 PM By Stu Sjouwerman

Researchers from CoreView recently discovered that 97% of all total Microsoft 365 users do not utilize multi-factor authentication (MFA). A staggering 78% of Microsoft 365 admins do not ...

Couple Avoids Becoming a Victim to Publishers Clearing House Scam

Oct 27, 2020 8:32:57 AM By Stu Sjouwerman

An elderly couple in Tennessee avoided falling victim to a scam by recognizing the signs of social engineering, WREG reports. Kay and Bill Pritchett received six different phone calls ...

Security Awareness Training Blog

Social Engineering Blog

View Topics