Russian Threat Actor FIN7 Targeting the Automotive Industry with Spear Phishing Attacks

Apr 19, 2024 9:03:32 AM By Stu Sjouwerman

The cybercriminal threat actor FIN7 is launching spear phishing attacks against the automotive industry in the United States, according to researchers at BlackBerry.

Critical Improvements To The Seven Most Common Pieces of Cybersecurity Advice

Apr 9, 2024 2:05:26 PM By Roger Grimes

I have been in the cybersecurity industry for over 35 years and I am the author of 14 books and over 1,400 articles on cybersecurity.

Catfishing Campaign Targets Members of the UK Government

Apr 4, 2024 1:28:49 PM By Stu Sjouwerman

At least twelve men working in the UK parliament have recently been targeted by WhatsApp spear phishing messages, POLITICO reports. The targeted individuals include “a senior Labour MP, ...

New Report Shows Phishing Links and Malicious Attachments Are The Top Entry Points of Cyber Attacks

Apr 3, 2024 12:36:17 PM By Stu Sjouwerman

New TTP attack data covering 2023 sheds much needed light on the threat actor and user actions that are putting organizations at the most risk.

Narwhal Spider Threat Group Behind New Phishing Campaign Impersonating Reputable Law Firms

Mar 29, 2024 12:07:32 PM By Stu Sjouwerman

Using little more than a well-known business name and a invoice-related PDF, the “NaurLegal” phishing campaign aims at installing malware trojans.

If Social Engineering Accounts for up to 90% of Attacks, Why Is It Ignored?

Mar 15, 2024 10:32:57 AM By Roger Grimes

Social engineering and phishing are involved in 70% to 90% of all successful cybersecurity attacks. No other initial root hacking cause comes close.

Microsoft and OpenAI Team Up to Block Threat Actor Access to AI

Mar 5, 2024 9:46:52 AM By Stu Sjouwerman

Analysis of emerging threats in the age of AI provides insight into exactly how cybercriminals are leveraging AI to advance their efforts.

Credential Theft Is Mostly Due To Phishing

Feb 28, 2024 12:21:10 PM By Roger Grimes

According to IBM X-Force’s latest Threat Intelligence Index, 30% of all cyber incidents in 2023 involved abuse of valid credentials. X-Force’s report stated that abuse of valid ...

State-Sponsored Threat Actors Targeting European Union Entities With Spear Phishing Campaigns

Feb 19, 2024 4:01:06 PM By Stu Sjouwerman

Numerous state-sponsored threat actors frequently launched spear phishing attacks against European Union entities last year, according to a new report from the EU’s Emergency Response ...

Iran-Aligned Threat Actor "CharmingCypress" Launches Spear Phishing Attacks

Feb 15, 2024 3:13:42 PM By Stu Sjouwerman

Researchers at Volexity warn that the suspected Iranian threat actor CharmingCypress (also known as “Charming Kitten” or “APT42”) has been launching spear phishing attacks against Middle ...

North Korean Threat Actor Targeting Cybersecurity Researchers With Spear Phishing Attacks

Jan 24, 2024 8:20:21 AM By Stu Sjouwerman

A suspected North Korean state-sponsored threat actor called “ScarCruft” is launching spear phishing attacks against cybersecurity professionals, according to researchers at SentinelOne.

Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For

Jan 9, 2024 9:24:06 AM By Stu Sjouwerman

Verizon has published an article outlining various forms of social engineering attacks, including SMS/text messaging phishing (smishing), voice phishing (vishing), and spear phishing ...

Why Security Awareness Training Is Effective in Reducing Cybersecurity Risk

Dec 14, 2023 1:14:38 PM By Roger Grimes

Security awareness training (SAT) works! A well-designed security awareness training campaign will significantly reduce cybersecurity risk.

Russian Hackers Indicted for Phishing Attacks Against U.S. and Allies

Dec 11, 2023 10:34:40 AM By Stu Sjouwerman

The US Justice Department has indicted two individuals for launching spear phishing attacks against the US, the UK, Ukraine and various NATO member countries on behalf of the Russian ...

Guarding Against the Rise of QR Code Phishing Attacks: How to Protect Yourself and Your Organization

Dec 4, 2023 10:33:41 AM By Stu Sjouwerman

In the ever-evolving landscape of cyber threats, scammers and hackers are relentless in exploiting every avenue of communication. From emails to texts, calls to QR codes, malicious actors ...

[On-Demand Webinar] Combatting Rogue URL Tricks: Quickly Identify and Investigate the Latest Phishing Attacks

Dec 4, 2023 8:00:00 AM By Stu Sjouwerman

Everyone knows you shouldn’t click phishy links. But are your end users prepared to quickly identify the trickiest tactics bad actors use before it’s too late? Probably not.

Johnny Jet's $3,000 Podcast Scam Nightmare – Unveiling the Elaborate Con that Hijacked his Facebook Kingdom

Nov 17, 2023 10:14:29 AM By Stu Sjouwerman

Travel influencer Johnny Jet has disclosed that he fell victim to a scam that caused him to lose access to his Facebook account, which has tens of thousands of followers. The scammers ...

Spear Phishing Becomes Most Common Attack Technique in Q3 2023

Nov 6, 2023 9:18:13 AM By Stu Sjouwerman

Spear phishing was the most common attack technique in the third quarter of 2023, according to researchers at ReliaQuest.

[Cybersecurity Awareness Month] Mindful Defense: Enchantments Against Spear Phishing By Breachatrix le Phish

Oct 25, 2023 9:13:39 AM By Anna Collard

In the mystical realm of cyberspace, where digital forests hold secrets and virtual owls deliver messages, we find ourselves in a constant dance between magic and deception. Today, join ...

QR Code Phishing on the Rise: The Alarming Findings From the Hoxhunt Challenge

Oct 20, 2023 1:46:05 PM By Stu Sjouwerman

As the digital landscape continues to evolve, so do the tactics of cybercriminals. The Hoxhunt Challenge, a comprehensive study conducted across 38 organizations spanning nine industries ...

Security Awareness Training Blog

Spear Phishing Blog

View Topics