Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

FBI Alert: Last Week Conflict With Iran Can Cause Spear Phishing Retaliation

This blog post has been superseded by a more recent one.  You can find this new post here.
Continue Reading

“Hack for Hire” Groups Offer Single Account Break-In Services For Just $750

  Along with everything else malicious that’s available “as-a-Service”, the latest addition takes the burden of trying to initially hack an organization off of the plate of would-be ...
Continue Reading

Account Takeover Attacks Increase as Cybercriminals Fine-Tune Their Brand Impersonation, Social Engineering, and Phishing Skills

The latest Spear Phishing Report from Barracuda highlights how cybercriminals are systematically improving their game… and are becoming more successful for it. The capturing of user ...
Continue Reading

Florida Spearphishing: Meddle Globally, Phish Locally

Russian intelligence services sent spearphishing emails to more than 120 email accounts used by Florida election officials in November 2016, according to Special Counsel Robert Mueller’s ...
Continue Reading

FINRA Warns of New Phishing Attack Targeting Brokerage Firms

The latest warning from Financial Industry Regulatory Authority (FINRA) puts firms on notice of yet another tailored attack seeking to gain access to firms networks.
Continue Reading

Various Types Of Phishing Attacks Defined

Phishing attacks are growing increasingly sophisticated as attackers put more effort into choosing their victims and launching targeted attacks, according to a recent Emsisoft blog post.
Continue Reading

Details of North Korea Attacks Highlight Email’s Role in Attacks

When you think of cyber-espionage, you might be surprised it’s far less “Mission: Impossible” and a lot more basic phishing tactics.
Continue Reading

Spike in Business Email Compromise

Business email compromise attacks (BEC) have spiked by 80% over the past quarter, according to a report by Mimecast. The security provider revealed that over the past three months it had ...
Continue Reading

Russian Indictment: They Used Criminal Tradecraft like Spearphishing To Hack The Democratic Party

The email arrived in Hillary Clinton’s campaign chairman John Podesta’s inbox around March 19, 2016, during the height of the presidential primaries, spoofed to look like a standard ...
Continue Reading

State Department warns staff of surge in spear phishing attempts

Eric Geller at Politico reported: "The State Department on Thursday warned employees about a tidal wave of malicious messages attempting to trick staffers into opening a door for hackers. ...
Continue Reading

SAM.Gov Hackers Were Handed Spear Phishing, Spoofing & Credential Theft On A Gold Platter

Cybercrooks who stole federal payments by hacking contractor accounts on a GSA website used sophisticated spear phishing techniques to steal login credentials and then diverted payments ...
Continue Reading

An inventive YouTube moderator phishing scam

Full marks for inventiveness If you have a YouTube channel, and have had your fill of sifting through the vile torrent of abusive comments left on your video masterpieces, you can invite ...
Continue Reading

If Willie Sutton were working today, he'd be stealing cryptocurrency, not wasting time on banks

Because that's where the money is. Criminals have been installing cryptocurrency miners on victim machines that turn them into sources of money. These operate without the users' ...
Continue Reading

What is the difference between the Surface Web, The Deep Web and the Dark Web?

These three terms are often a source of confusion, especially in connection with cybercrime and where that comes from. If you think that search engines like Google (there are more!) know ...
Continue Reading

Bad Rabbit Ransomware Attack Was Hiding A Spear Phishing Campaign

During the attacks in eastern Europe with the Bad Rabbit ransomware, a more insidious attack was taking place in Ukraine under its cover, Reuters reported. Serhiy Demedyuk, head of the ...
Continue Reading

U.S. warns about phishing attacks on nuclear, energy, aviation, water, and manufacturing industries

(Reuters) — The U.S government issued a rare public warning that sophisticated hackers are targeting energy and industrial firms, the latest sign that cyber attacks present an increasing ...
Continue Reading

Ransomware Spear Phishing Attack Used To Hide 60M Cyberheist

In a classic "divert their attention", the Taiwan Far East Bank was first attacked with spear phishing emails that pointed to malicious executables, which were clicked on by employees. ...
Continue Reading

A New Spear Phishing Attack Uses Compromised Government Servers And DNS

Cisco's Talos malware researchers posted about a highly sophisticated, targeted spear phishing attack using malicious Word attachments, spoofed to look like it was from the U.S. ...
Continue Reading

Third Quarter 2017 Top-Clicked Phishing Email Subjects [INFOGRAPHIC]

KnowBe4 customers run millions of phishing tests per year, and we report quarterly on the latest top-clicked phishing email subjects in 3 separate categories: subjects related to social ...
Continue Reading

A Phishing Attack in the Clouds May Rain On Your Parade

According to MeriTalk, an editorial and events organization that focuses on Federal IT and government computing technologies, governments are moving some, or all of their IT to the Cloud, ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews