Visa Scam in the UK Targets Chinese Students

Sep 10, 2019 6:39:56 AM By Stu Sjouwerman

Scammers are using bogus threats of deportation to coerce Chinese students studying in the UK into handing over tens of thousands of dollars, the Guardian reports. The scammers are posing ...

Cybercriminals Unleash Ransomware Attack Designed to Compromise the Security of 120 French Hospitals

Sep 10, 2019 6:31:49 AM By Stu Sjouwerman

A ransomware infection has left one hospital in a group of 120 resorting to pen and paper as they work to remediate an attack custom-designed to attempt to take down all 120.

Targeted Business Email Compromise Now Includes Validating Your Email

Sep 10, 2019 6:25:56 AM By Stu Sjouwerman

A new scammer group out of Nigeria is taking additional steps to verify email addresses are valid before launching BEC campaigns designed to commit fraud.

Social Media and Their Exploitation in Social Engineering

Sep 9, 2019 7:04:30 AM By Stu Sjouwerman

Phishing is most commonly associated with email, but social media are quickly becoming a major hunting grounds for scammers, according to Elliot Volkman from PhishLabs. Social media ...

U.K. Charity Workers Most At Risk From Phishing

Sep 7, 2019 8:35:41 AM By Stu Sjouwerman

Tessian report finds a large amount of U.K. charity workers aren't getting proper security awareness training. Michael Moore at ITProPortal wrote: "UK charities are leaving themselves ...

Advanced Android SMS Phishing

Sep 6, 2019 8:25:05 AM By Stu Sjouwerman

Attackers can launch SMS phishing attacks to remotely change settings on a victim’s Android device, researchers at Check Point have found. These attacks take advantage of weak ...

Why Do People Keep Falling For Facebook Hoaxes?

Sep 6, 2019 8:21:43 AM By Stu Sjouwerman

Falling for social media hoaxes indicates a deeper underlying need for online awareness, according to Ben Yelin from the University of Maryland Center for Health and Homeland Security.

Email Account Takeover and Lateral Phishing Attacks Increase Risk to Enterprises

Sep 5, 2019 11:53:21 AM By Stu Sjouwerman

The latest method of attack uses sender familiarity to lower victim defenses and increase the potential for scams, attacks, or fraud to succeed.

New Ursnif Malware Attacks Use Phishing, Social Engineering and Microsoft Word

Sep 5, 2019 11:49:28 AM By Stu Sjouwerman

The decade-old malware traditionally used to capture banking details has been given new life and spotted in the wild, being distributed via malicious Word documents.

Phishing for Cloud Providers A New Supply Chain Threat

Sep 5, 2019 7:29:23 AM By Stu Sjouwerman

Attackers are going after cloud-based customer relationship management (CRM) providers in order to launch unusually convincing phishing campaigns, KrebsOnSecurity reports.

Watch Out For Hurricane Dorian Phishing Scams. We have Templates Ready For You.

Sep 4, 2019 11:53:31 AM By Stu Sjouwerman

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain vigilant for malicious cyber activity targeting Hurricane Dorian disaster victims and potential ...

Multistage Phishing Attacks Target Financial Information

Sep 4, 2019 7:12:21 AM By Stu Sjouwerman

Trend Micro researchers have published details about a sophisticated phishing campaign they’ve named “Heatstroke.” The attackers behind Heatstroke go after victims’ private email ...

CEO Fraud Overtakes Ransomware And Data Breaches In EMEA Cyber-insurance Claims

Sep 3, 2019 7:13:29 AM By Stu Sjouwerman

CEO Fraud—also known as Business Email Compromise—related cyber-insurance claims accounted for nearly a quarter of all claims in the EMEA region, AIG said.

Phishing Scheme Gains Entry To Oregon Judicial Department Emails

Aug 30, 2019 2:55:14 PM By Stu Sjouwerman

Aubrey Wieber at the DemocratHerald reported: "A phishing scheme succeeded in breaking into the email accounts of five Oregon Judicial Department employees, exposing personal information ...

AI Used For Social Engineering. Fraudsters Mimic CEO’s Voice in Unusual Cybercrime Case | WSJ

Aug 30, 2019 2:46:17 PM By Stu Sjouwerman

Catherine Stupp at the Wall Street Journal reported on something we have predicted would happen in this blog. The article started out with:

Why Are Insurance Companies Insisting To Pay Ransom For Ransomware Attacks?

Aug 29, 2019 2:12:15 PM By Stu Sjouwerman

This week, ProPublica published a report describing how insurance companies now prefer to fork over hundreds of thousands of dollars / pounds / Euros in ransom to minimize the detriment ...

Financial Phishing Campaigns on the Rise

Aug 29, 2019 7:01:35 AM By Stu Sjouwerman

More than 1900 new potential bank phishing sites were registered in the first half of 2019, according to researchers at NormShield. Based on the increase in new suspicious domains ...

Business Detections of Ransomware Attacks Have Grown by 365%

Aug 28, 2019 3:51:48 PM By Stu Sjouwerman

The latest data from Malwarebyte’s report Cybercrime Tactics and Techniques: Ransomware Retrospective shows businesses are at risk of ransomware attack now more than ever.

Microsoft, PayPal, and Facebook are the Top Three Impersonated Brands

Aug 28, 2019 6:50:57 AM By Stu Sjouwerman

Back in June, we discussed Vade Secure’s “Phisher’s Favorite” report for Q1 2019, which found that Microsoft had been the most impersonated brand used in phishing attacks for four ...

Bogus Suicide Prevention as a Scam

Aug 28, 2019 6:34:50 AM By Stu Sjouwerman

A lowlife Colorado bail bondsman named Matthew Marre repeatedly posed as a law enforcement officer to trick T-Mobile, Sprint, and Verizon into giving him GPS data for his targets’ phones, ...

Security Awareness Training Blog

Social Engineering Blog

View Topics