No One Knows How Online Pharmacy Company was Hit with a Data Breach Impacting 2.3 Million Customers

Nov 29, 2023 10:56:21 AM By Stu Sjouwerman

This is a cautionary tale of both how your data can legally end up in the hands of an organization you never intended and how victims can be largely left in the dark post-breach.

My Top 7 Cybersecurity Reflections for 2024

Nov 28, 2023 8:17:02 AM By Anna Collard

The digital landscape is evolving at an exponential rate, and with it, the cybersecurity challenges we face.

Initial Access Broker Activity Doubles in One Year’s Time

Nov 27, 2023 2:00:13 PM By Stu Sjouwerman

New data sheds light on just how active the Initial Access Broker (IAB) business is, and the growth uncovered doesn’t bode well for potential victim organizations.

Visa Warns of Increased Phishing Scams During Holiday Season

Nov 22, 2023 2:13:10 PM By Stu Sjouwerman

Visa Payment Fraud Disruption (PFD) expects phishing attacks to increase between November 2023 and January 2024. Findings in its Holiday Edition Threats Report outline the popular fraud ...

Cybercrime Group "Scattered Spider" is a Social Engineering Threat

Nov 20, 2023 3:08:35 PM By Stu Sjouwerman

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released a joint Cybersecurity Advisory describing the Scattered Spider cybercriminal gang’s activities.

Johnny Jet's $3,000 Podcast Scam Nightmare – Unveiling the Elaborate Con that Hijacked his Facebook Kingdom

Nov 17, 2023 10:14:29 AM By Stu Sjouwerman

Travel influencer Johnny Jet has disclosed that he fell victim to a scam that caused him to lose access to his Facebook account, which has tens of thousands of followers. The scammers ...

QR Code Phishing Attacks Surging

Nov 17, 2023 10:14:02 AM By Stu Sjouwerman

The massive uptick in QR Code phishing is an indicator that scammers are seeing success in taking victims from the initial attack medium to one under the attacker’s control.

How to Help "Frequent Clickers" Become More Mindful

Nov 16, 2023 1:58:59 PM By Stu Sjouwerman

Within our organizations, there are those employees who consistently exhibit mindfulness, avoiding every phishing attempt. Yet, there are also those users who, despite repeated education ...

“Skillful Social Engineering of the IT Support Desk” One of the Most Common Tactics in Ransomware Attacks

Nov 9, 2023 3:57:11 PM By Stu Sjouwerman

As ransom payments reach an all-time high, it’s time to look at attacks from a data perspective and find the greatest opportunities to stop these attacks.

New York Department of Financial Services Strengthens Cybersecurity Regulation

Nov 7, 2023 1:47:01 PM By Stu Sjouwerman

The NYDFS’ 23 NYCRR Part 500 has been updated to reflect the current preventative and responsive measures necessary for Financial Services org to be ready for cyber attacks.

Targeted Social Engineering on the Rise With Lowering Phishing-as-a-Service Costs

Nov 7, 2023 1:46:47 PM By Stu Sjouwerman

Targeted individuals were the most common victims of social engineering attacks in the second half of 2022 and the first half of 2023, according to researchers at AtlasVPN.

Healthcare Sector Experiencing Increases in Ransomware, Ransoms and Downtime

Nov 6, 2023 9:18:42 AM By Stu Sjouwerman

An analysis of ransomware attacks on healthcare organizations from 2016 through October of 2023 shows the healthcare sector is likely to continue to suffer as a viable ransomware target.

Spear Phishing Becomes Most Common Attack Technique in Q3 2023

Nov 6, 2023 9:18:13 AM By Stu Sjouwerman

Spear phishing was the most common attack technique in the third quarter of 2023, according to researchers at ReliaQuest.

Cybersecurity Expert: AI Lends Phishing Plausibility for Bad Actors

Nov 2, 2023 10:47:52 AM By Stu Sjouwerman

Cybersecurity experts expect to see threat actors increasingly make use of AI tools to craft convincing, highly targeted and sophisticated social engineering attacks, according to Eric ...

Small Businesses are Experiencing More Cyber Attacks

Nov 2, 2023 10:47:49 AM By Stu Sjouwerman

As large organizations realize the likelihood of cyber attacks and improve their cyber readiness, small businesses are seeing increases not experienced by their larger counterparts.

September Sees a 32% Increase in the Number of Ransomware Attacks in Just One Month

Oct 31, 2023 10:07:46 AM By Stu Sjouwerman

Continued analysis of ransomware attacks shows an upward trend in the number of attacks, with September resulting in the highest number of assaults so far this year.

Cybercriminal Group Octo Tempest and Its Menacing Phishbait

Oct 31, 2023 10:07:28 AM By Stu Sjouwerman

Microsoft is tracking a cybercriminal group called “Octo Tempest” that uses threats of violence as part of its social engineering and data theft extortion campaigns.

FBI Warns of North Korean Social Engineering Tactics and Recruitment/Hiring of IT Workers

Oct 25, 2023 2:29:42 PM By Stu Sjouwerman

The U.S. Federal Bureau of Investigation (FBI) and South Korea’s Ministry of Foreign Affairs have issued an advisory offering guidance to “the international community, the private sector, ...

Most Organizations Believe Malicious Use of AI is Close to Evading Detection

Oct 24, 2023 4:37:22 PM By Stu Sjouwerman

As organizations continue to believe the malicious use of artificial intelligence (AI) will outpace its defensive use, new data focused on the future of AI in cyber attacks and defenses ...

A Brief History of Phishing, and Other Forms of Social Engineering

Oct 23, 2023 10:23:52 AM By Stu Sjouwerman

Social engineering attacks have a very long history, though the Internet has made it easier to launch these attacks en masse, according to Sean McNee at DomainTools. McNee points to an ...

Security Awareness Training Blog

Social Engineering Blog

View Topics