Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

SEA used spear-phishing in attack on NY Times

A spear-phishing attack, one of the most common and oldest cyber tricks in the book, enabled hackers to hijack and modify the DNS records for several domains on Tuesday, including The New ...
Continue Reading

Cybercrime Automates Fake ID's For Spear-phishing

Today it was reported through several sources that a new Cybercrime-as-a-Service option is available: creation of fake scanned passports, ID cards, driver's licenses and fake scanned ...
Continue Reading

IT Security Is Broken Bad

With the TV show Breaking Bad in its last season, this seems to be a fun title. However, the topic is not all that much fun. You should realize it's not a question of when you will be ...
Continue Reading

Spear-phishing attackers vandalize CNN, TIME and Wash Post

You would think that by now journalists and people in media and advertising would be on the alert for social engineering red flags. But no. Syrian hacktivists sent a spear-phishing attack ...
Continue Reading

Employees the Weakest Link of Cyber Security, Report Finds

Antivirus company Bitdefender reported something important. Here is their blog post of July 17, 2003.
Continue Reading

Congressional Aides Targeted By Spear-phishing Attacks

Reuters just reported that Congressional aides in the Senate and House of Representatives said on Thursday that they were notified of a potential security risk involving email and other ...
Continue Reading

7 reasons for security awareness failure

Ira Winkler and Samantha Manke just wrote a great article at the CSO site about why security awareness programs fail. They started out with: "There is a great dichotomy in Security ...
Continue Reading

CTO of media company faked-out employees with "phishing" emails

There is a fascinating article in SC Magazine dated July 3, 2013 which tells the story of Atlantic Media Chief Technology Officer Tom Cochran, who blasted out a simulated phishing email ...
Continue Reading

Five Ways Your Employees Can Kill Your Company

One - Insider Threat: Stealing valuable information for either profit or idealistic motives. Examples: Software developers taking home code for their next job, sales people downloading ...
Continue Reading

The Inevitability Of "The Click"

From the 2013 Verizon Data Breach Investigations Report. Note that i t only takes 20 emails to get one successful click on a phishing attack. Read the story above!
Continue Reading

FBI Warns of Spear-Phishing Attacks

Spear-phishing attacks are up, and they are targeting individuals across all industries, according to a new warning issued by the U.S. Federal Bureau of Investigation .
Continue Reading

How Zombie Phones Could Create a Gigantic, Mobile Botnet

Seen "World War Z" recently? Your mobile phone might soon be infected and become a zombie.
Continue Reading

Why Business Is Losing The War Against Cybercrime

Price Waterhouse (PwC) and CSO Magazine just released their 2013 State of Cybercrime Survey. It shows that lack of risk awareness means companies are poorly defended. This is their 11th ...
Continue Reading

Scam Of The Week: CIA Prism Watchlist

Scam Of The Week: CIA Prism Watchlist Just this morning, a researcher discovered an email uploaded to Virustotal called CIA's_prism_Watchlist_.eml. The content refers to Snowden, and the ...
Continue Reading

The Three Types Of Cyberattacks

Eugene Kaspersky recently gave one of his very rare interviews. He was in Israel for a staff recruitment tour, and was quoted saying:"
Continue Reading

Data Breach Costs: 10 Ways You're Making It Worse

Inadequate response plans and poorly executed procedures caused data breach costs to rise significantly at some businesses, according to the Ponemon Institute. Mistakes, negligence and ...
Continue Reading

Citadel 'Shutdown' Just A Microsoft PR Move

It was all over the news. The Citadel botnet responsible for stealing more than 500 million dollars out of bank accounts from both individuals and organizations worldwide has been largely ...
Continue Reading

Did China Leak Prism Deliberately?

UPDATED June 9: 16:51p - In an interview with TechCrunch, Eugene H. Spafford, a computer science professor at Purdue and a noted expert in computer security observed something ...
Continue Reading

46 Percent Of Hospital’S Hacked Money Gone For Good

Chelan County Treasurer David Griffiths says Leavenworth's hospital district stands to recover less than half the $1 million stolen in an online banking theft. About $415,000 has been ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews