Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

View Topics

A New Attack Category is Born: You Now Need to Also Worry About Evasive Spear Phishing

Oct 16, 2019 6:43:17 AM By Stu Sjouwerman
Researchers have combed through 25 million emails and found a new method of attack that blends two previously seen attack types combined into a single attack.
Continue Reading

I Can Phish Anyone

Oct 15, 2019 7:30:00 AM By Roger Grimes
I’m a bit surprised by some aggressive corporate anti-phishing policies which say they will fire anyone for one accidental phishing offense. Send me the names and email addresses of the ...
Continue Reading

CRN: "Kevin Mandia -- Detect Spear Phishing, Lock Down CEO Email To Stay Safe"

Oct 15, 2019 7:10:57 AM By Stu Sjouwerman
Michael Novinson at CRN had a great article that really explains the issues we are dealing with. He started out with: "Spear phishing remains the most common way for adversaries to ...
Continue Reading

Extremely Embarrassing 250,000-record Data Breach At Hookers.nl

Oct 14, 2019 10:50:12 AM By Stu Sjouwerman
The data of 250,000 users of Hookers.nl, a forum where experiences with prostitutes and escorts are exchanged, have been stolen and offered for sale on the internet. It concerns e-mail ...
Continue Reading

U.S. Organizations Involved with Nuclear Deterrence are the Target of North Korean Phishing Attacks

Oct 14, 2019 7:00:00 AM By Stu Sjouwerman
Using some very sophisticated methods, the Kimsuky group is believed to be behind a spear phishing campaign aimed at stealing U.S. secrets.
Continue Reading

Chinese State-Sponsored Phishing

Oct 9, 2019 7:15:59 AM By Stu Sjouwerman
A sophisticated threat group is going after a variety of industries using spearphishing and an arsenal of malware, according to Nalani Fraser and Fred Plan from FireEye. Fraser and Plan ...
Continue Reading

The Massive Data Breach Of Australia's Largest University Began With A Spear Phishing Attack

Oct 9, 2019 7:00:00 AM By Stu Sjouwerman
 
Continue Reading

North Koreans Spear Phish U.S. Victims With Social Engineering Hidden In Obscure Kodak FlashPix Format

Oct 1, 2019 7:23:44 PM By Stu Sjouwerman
A suspected North Korean threat actor has been sending spear phishing emails targeting US organizations, according to Prevailion researchers Danny Adamitis and Elizabeth Wharton. Adamitis ...
Continue Reading

Massive phishing wave of account hijacks hits YouTube creators

Sep 23, 2019 7:47:49 AM By Stu Sjouwerman
Over the past few days, a massive wave of account hijacks has hit YouTube users, and especially creators in the auto-tuning and car review community, a ZDNet investigation discovered ...
Continue Reading

Scam Of The Week: See Jeffrey Epstein Last Words On Video

Aug 12, 2019 8:47:51 AM By Stu Sjouwerman
This weekend, news broke that Jeffrey Epstein was found dead in his cell, apparently a suicide. This is a celebrity death that the bad  guys are going to be exploiting in a variety of ...
Continue Reading

New UK Study: "3 out of 4 phishing scams get to your inbox untouched"

Aug 5, 2019 7:10:08 AM By Stu Sjouwerman
Chris Matyszczyk wrote: "Apple sends me so many invoices every week that I scarcely know what I've gone and bought. This appears to have also crossed the minds of researchers at the UK's ...
Continue Reading

Chinese Hackers Infiltrate Global Telecom Networks With Spear Phishing

Jun 25, 2019 6:59:27 AM By Stu Sjouwerman
The WSJ revealed a brazen hack by Chinese state-sponsored bad actors who totally owned more than 10 global telecom networks, and had full admin access to their networks. They were able to ...
Continue Reading

FBI Alert: Last Week Conflict With Iran Can Cause Spear Phishing Retaliation

Jun 22, 2019 10:34:21 AM By Stu Sjouwerman
This blog post has been superseded by a more recent one.  You can find this new post here.
Continue Reading

“Hack for Hire” Groups Offer Single Account Break-In Services For Just $750

May 20, 2019 9:32:47 AM By Stu Sjouwerman
  Along with everything else malicious that’s available “as-a-Service”, the latest addition takes the burden of trying to initially hack an organization off of the plate of would-be ...
Continue Reading

Account Takeover Attacks Increase as Cybercriminals Fine-Tune Their Brand Impersonation, Social Engineering, and Phishing Skills

May 17, 2019 6:35:31 AM By Stu Sjouwerman
The latest Spear Phishing Report from Barracuda highlights how cybercriminals are systematically improving their game… and are becoming more successful for it. The capturing of user ...
Continue Reading

Florida Spearphishing: Meddle Globally, Phish Locally

Apr 22, 2019 6:58:17 AM By Stu Sjouwerman
Russian intelligence services sent spearphishing emails to more than 120 email accounts used by Florida election officials in November 2016, according to Special Counsel Robert Mueller’s ...
Continue Reading

FINRA Warns of New Phishing Attack Targeting Brokerage Firms

Mar 4, 2019 3:56:55 PM By Stu Sjouwerman
The latest warning from Financial Industry Regulatory Authority (FINRA) puts firms on notice of yet another tailored attack seeking to gain access to firms networks.
Continue Reading

Various Types Of Phishing Attacks Defined

Feb 21, 2019 3:31:36 PM By Stu Sjouwerman
Phishing attacks are growing increasingly sophisticated as attackers put more effort into choosing their victims and launching targeted attacks, according to a recent Emsisoft blog post.
Continue Reading

Details of North Korea Attacks Highlight Email’s Role in Attacks

Sep 12, 2018 2:29:00 PM By Stu Sjouwerman
When you think of cyber-espionage, you might be surprised it’s far less “Mission: Impossible” and a lot more basic phishing tactics.
Continue Reading

Spike in Business Email Compromise

Aug 30, 2018 5:06:36 PM By Stu Sjouwerman
Business email compromise attacks (BEC) have spiked by 80% over the past quarter, according to a report by Mimecast. The security provider revealed that over the past three months it had ...
Continue Reading
Subscribe

Search Our Blog


2019 National Cybersecurity Awareness Month Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews