Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Are You Being Targeted By Hot Foreign Spies?

May 12, 2014 1:43:00 PM By Stu Sjouwerman
Ready to be hit upon by the likes of Anna Chapman? MI5 in the UK warned that foreign spy agencies are targeting IT workers within big organizations as a means of gaining privileged access ...
Continue Reading

Phishing campaign uses VoIP to steal card data

Apr 30, 2014 1:39:00 PM By Stu Sjouwerman
An Eastern European Cyber Mafia has been found to run a multi-year campaign that targets small U.S. banks and credit unions with a sophisticated VoIP phishing scheme (aka vishing) to ...
Continue Reading

Scam Of The Week: Blended XP Phishing Security Threat

Apr 20, 2014 11:22:00 AM By Stu Sjouwerman
During the first quarter, I have been warning about the coming wave of Windows XP-related scams having to do with the April 8 End Of Life of XP. Here is what you can expect, and many ...
Continue Reading

Scam Of The Week: Starbucks Gift From a Friend Phishing Emails

Apr 17, 2014 12:03:00 PM By Stu Sjouwerman
Love your tall latte? Better watch it, as a "friend" might send you an email with a fake Starbucks Coffee Gift offer. These emails read something like this in broken english. "Your friend ...
Continue Reading

Wall Street Journal Quoted Me Regarding Ransomware Phishing Attacks

Apr 10, 2014 10:21:00 AM By Stu Sjouwerman
This week, Wall Street Journal MarketWatch reporter Priya Anand quoted me in an article she wrote about the new wave of ransomware phishing attacks.
Continue Reading

More Than Half Of End Users Did Not Get Security Awareness Training

Apr 10, 2014 9:23:00 AM By Stu Sjouwerman
This week I attended a webinar about Security Awareness Training hosted by David Monahan, Research Director Security and Risk Management of Enterprise Management Associates.
Continue Reading

CyberheistNews Vol 4, # 13 It's The XPOCALYPSE!... But Is It?

Apr 1, 2014 8:50:00 AM By Stu Sjouwerman
CyberheistNews Vol 4, # 13
Continue Reading

Attacks Give Lift to Cyber Insurance

Mar 27, 2014 2:34:00 PM By Stu Sjouwerman
Today in the Wall Street Journal, reporter Leslie Scism quoted Bloomberg News that "Target's data breach 'was the equivalent of 10 free Super Bowl ads."
Continue Reading

Hackers hit Monster Jobs users with Gameover Zeus malware

Mar 27, 2014 7:38:00 AM By Stu Sjouwerman
Companies that are recruiting new employees are being targeted through Monster Jobs. The bad guys are using malware called Gameover Zeus, security firm F-secure reported in a blog post ...
Continue Reading

Scam Of The Week: You Owe Taxes, Pay Now Or Else

Mar 21, 2014 5:00:00 PM By Stu Sjouwerman
This scam uses a combination of phishing emails and spoofed Caller ID scam calls. The scammers intimidate the victim, threaten with arrest, deportation or loss of a business or driver’s ...
Continue Reading

Target Breach: Where The Weak Points Were

Mar 18, 2014 4:47:00 PM By Stu Sjouwerman
Dave Kearns posted March 18 that he's been fascinated by the information that keeps coming out of the Taget Stores data breach. He's got a great analysis, and he ends off with words that ...
Continue Reading

No Antivirus Detects Russian Malware For 8 Years!

Mar 15, 2014 1:53:00 PM By Stu Sjouwerman
It was all over the news the last few days. Researchers with BAE Systems determined that Russian malware known as Snake dates back as far as 2006, instead of 2011 as initially presented ...
Continue Reading

Phishing FaceBook: Malaysia Plane MH370 Has Been Spotted

Mar 15, 2014 11:04:00 AM By Stu Sjouwerman
Hackers jump on every opportunity they can to trick people. This time they hijacked to story about the missing Malaysian Airlines plane.
Continue Reading

New Phishing Scam Promises Bitcoins

Mar 15, 2014 8:34:00 AM By Stu Sjouwerman
Lily Newman at the Future Tense blog wrote this post for the slate site, after Slate's news editor Chad Lorenz received a new phishing email purportedly from coinbase, who happily ...
Continue Reading

Sophisticated Scam Of The Week: Cell Phone Voucher

Mar 9, 2014 8:37:00 AM By Stu Sjouwerman
There's a fresh, well thought-out social engineering scam sticking up its ugly head right now. The bad guys are promising cell phone users amounts of up to $100 in vouchers using a ...
Continue Reading

Inevitable: Phishing That Pretends To Be Salesforce.com

Mar 6, 2014 8:38:00 AM By Stu Sjouwerman
Just a heads-up, screen shot above. The lifehacker site in Australia warned about a phishing scam using a "salesforce" email as bait. The bad guys will use anything to get you to click, ...
Continue Reading

How to Test the Phishing Savvy of Your Staff

Mar 5, 2014 1:28:00 PM By Stu Sjouwerman
Continue Reading

41 Percent Of Infected Pay The Cryptolocker Ransom

Mar 1, 2014 9:10:00 AM By Stu Sjouwerman
I have warned about the Cryptolocker ransomware before, but now we have some hard numbers about the percentage of people that are forced to pay up when a workstation or server has been ...
Continue Reading

Hackers Used Spear Phishing Attack To Hack CNN Blogs

Feb 21, 2014 2:56:00 PM By Stu Sjouwerman
Security analysts at Intelligence firm InterCrawler published the details of the investigation on recent attack against CNN Blogs and social media accounts. Recently a few social media ...
Continue Reading

Kiss Your Old Security Awareness Training Program Goodbye!

Feb 18, 2014 11:03:00 AM By Stu Sjouwerman
Is Your Security Awareness Training Program Not Working? Are Users Still Clicking Phishing Links And Opening Infected Attachments?
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews