Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

View Topics

Scam Of The Week: "Kobe Bryant Dead, Dies in Helicopter Crash"

Jan 26, 2020 4:29:02 PM By Stu Sjouwerman
Today, news broke that Kobe Bryant died in a helicopter crash. His daughter Gigi was also on board and died in the crash. This is a celebrity death that the bad  guys are going to be ...
Continue Reading

FDIC Warns U.S. Financial Institutions of Elevated Risk of Cyberattack

Jan 23, 2020 4:05:27 PM By Stu Sjouwerman
Citing “increased geopolitical tension”, banks are warned to immediately reevaluate to shore up cybersecurity controls and technology safeguards against ransomware and malware attacks.
Continue Reading

Microsoft Sues Hacker Group for Data Theft of Highly Sensitive Information

Jan 13, 2020 9:48:18 AM By Stu Sjouwerman
A new recently unsealed lawsuit against a North Korean hacker group shows how even the largest companies can be successfully attacked by phishing.
Continue Reading

Of Course, Scammers Exploit Fears of Iranian Hacking

Jan 9, 2020 8:23:29 AM By Stu Sjouwerman
A new phishing campaign is attempting to frighten people into handing over their credentials by claiming Microsoft was hacked by Iran, BleepingComputer reports. The campaign is ...
Continue Reading

Phishing Emails on the Rise as Spear Phishing Continues to Return Bigger Payouts

Jan 7, 2020 8:59:42 AM By Stu Sjouwerman
New data from Microsoft Security Insights sheds some needed light on exactly what the bad guys are doing and how they’re shifting tactics. Sometimes it feels like the bad guys are ...
Continue Reading

Penn State Warns of Spear Phishing Attacks

Jan 7, 2020 8:30:37 AM By Stu Sjouwerman
Penn State is warning its community about a recent spike in phishing attacks targeting the university’s employees. Attackers are sending emails posing as real Penn State employees and ...
Continue Reading

Business Email Compromise During Tax Season: Spotting and Defending Against Common BEC Tax Scams

Jan 6, 2020 9:44:01 AM By Stu Sjouwerman
Tax season is upon us, which makes this prime time for hackers to target your unsuspecting users with the latest Business Email Compromise (BEC) scams. From evolved W2 fraud to ...
Continue Reading

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Jan 3, 2020 2:27:46 PM By Stu Sjouwerman
Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. ...
Continue Reading

WIRED: "The Decade Big-Money Email Scams Took Over"

Dec 26, 2019 2:46:27 PM By Stu Sjouwerman
Excellent article in WIRED, where they observed that In the last few years, the "Nigerian prince" scams have gotten a major upgrade. Here is an extract and a link to the full article:
Continue Reading

Whaling: Like Phishing, but After Bigger Game

Dec 23, 2019 9:55:53 AM By Stu Sjouwerman
Organizations have to acknowledge their responsibility for ensuring their employees are able to recognize targeted phishing attacks, according to James McGachie, Legal Director of DLA ...
Continue Reading

Top 9 IT Security Trends You Need to Watch Out For in 2020

Dec 20, 2019 10:12:12 AM By Stu Sjouwerman
Cyber security and security awareness training landscapes are constantly changing.  IT Professionals, like you, always need to know what is coming next in order to build (and maintain) ...
Continue Reading

Spear Phishing in the Royal Canadian Mint

Dec 16, 2019 9:22:18 AM By Stu Sjouwerman
The Royal Canadian Mint, which produces Canada’s coins, nearly sent an employee’s paycheck to an attacker following a spear phishing attack, CBC News reports. The attacker sent an email ...
Continue Reading

Microsoft Sees Phishing on the Rise

Dec 11, 2019 7:00:00 AM By Javvad Malik
According to Microsoft security research, the percentage of inbound emails associated with phishing on average increased in the past year. For some, this may feel like obvious news, but ...
Continue Reading

Europol Finds Majority of Attack Groups Rely on Spear Phishing as Primary Infection Vector

Dec 4, 2019 6:52:41 AM By Stu Sjouwerman
A new report from Europol’s European Cybercrime Center (EC3) breaks down how targeted phishing attacks are being done, and how to avoid becoming a victim.
Continue Reading

Google Sent 12K Nation-State Phishing Warnings In Three Months

Nov 27, 2019 6:54:24 AM By Stu Sjouwerman
Google's Threat Analysis Group (TAG) delivered thousands of alerts of government-backed attempts to spearphish gmail users over just a three-month period earlier this year, they reported.
Continue Reading

Click Confessions of a Security Expert

Nov 26, 2019 7:00:00 AM By Perry Carpenter
As a “human security” expert, I used to take a lot of pride in my well-honed security hygiene. Yeah… that all ended back in early 2017 when I joined KnowBe4. You see, up until that time, ...
Continue Reading

Instagram Copyright Infringement is the Latest Phishing Scam Targeting Social Media

Nov 14, 2019 7:00:00 AM By Stu Sjouwerman
Focused on compromising social media credentials, scammers trick Instagram users into giving up credentials and other personally identifiable information with convincing phishing emails.
Continue Reading

Third Party Phishing: The New Spear-Phishing Attacks That Traditional Defenses Just Don't Stop

Nov 12, 2019 8:00:00 AM By Stu Sjouwerman
Joe in accounting is pretty cyber-savvy. He doesn’t fall for basic phishing emails with masked URLs or phony password reset requests. But what happens when Joe gets an email from a ...
Continue Reading

A New Attack Category is Born: You Now Need to Also Worry About Evasive Spear Phishing

Oct 16, 2019 6:43:17 AM By Stu Sjouwerman
Researchers have combed through 25 million emails and found a new method of attack that blends two previously seen attack types combined into a single attack.
Continue Reading

I Can Phish Anyone

Oct 15, 2019 7:30:00 AM By Roger Grimes
I’m a bit surprised by some aggressive corporate anti-phishing policies which say they will fire anyone for one accidental phishing offense. Send me the names and email addresses of the ...
Continue Reading
Subscribe

Search Our Blog


Weak Password Test Contest

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews