Social Media as Artillery Preparation for Spear Phishing

Sep 14, 2021 9:18:49 AM By Stu Sjouwerman

Researchers at ESTsecurity warn that a North Korean threat actor known as “Kumsong 121” is using compromised social media accounts to launch spear phishing attacks, the Daily NK reports. ...

Spear Phishing Becomes a Bigger Problem as the Average Organization is Targeted 700 Times a Year

Aug 11, 2021 8:21:16 AM By Stu Sjouwerman

With threat actors honing their trickery skills to craft the perfect email used to fool a would-be victim recipient, new data shows cybercriminals are stepping up their game on a number ...

[INFOGRAPHIC] New Report Shows Users Are Falling for Security and HR-Related Phishing Attacks

Jul 19, 2021 5:04:04 PM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...

New LuminousMoth APT Takes a Double-Infection Vector Approach to Attacks

Jul 19, 2021 1:45:55 PM By Stu Sjouwerman

Spotted by security researchers at Kaspersky Labs, this large-scale yet extremely targeted campaign of attacks focuses on government organizations within Southeast Asia.

Year-Long Phishing Campaign Targets Energy, Oil & Gas Companies Using Spoofed B2B Correspondence

Jul 14, 2021 9:23:26 AM By Stu Sjouwerman

Uncovered by the research team at cloud protection vendor Intezer, this new phishing campaign seeks to steal information and position each victim as the foothold to spear phish additional ...

Spear Phishing Campaign Targets Energy Companies

Jul 13, 2021 10:29:13 AM By Stu Sjouwerman

Researchers at Intezer have spotted a phishing campaign that’s targeting energy companies in South Korea, the United States, the United Arab Emirates, and Germany. Most of the targets are ...

Almost All LinkedIn User’s Data Has Been Scraped and is Up for Sale on the Dark Web

Jun 30, 2021 4:31:12 PM By Stu Sjouwerman

700 Million LinkedIn user’s personal details were posted for sale earlier this month, putting 92% of their userbase at risk of social engineering and spear phishing attacks.

Spear Phishing Impersonation Attacks Take on New Tactics to Become More Convincing and Effective

Jun 30, 2021 4:31:09 PM By Stu Sjouwerman

As part of Business Email Compromise attacks, spear phishing now plays a material role, with impersonation sitting firmly at the core of their social engineering tactics… in more ways ...

35% of Cybersecurity Incidents are Business Email Compromise (BEC) Phishing Attacks

Jun 29, 2021 2:00:38 PM By Stu Sjouwerman

With cybercriminals looking for the fastest means to get from attack to a big payout, BEC attacks are shifting tactics to adjust to organizations being better prepared.

[Heads Up] Microsoft: SolarWinds hackers spear phish govt agencies from 24 countries

May 28, 2021 10:07:38 AM By Stu Sjouwerman

The Microsoft Threat Intelligence Center (MSTIC) has discovered that the SolarWinds hackers are behind an ongoing spear-phishing campaign targeting government agencies worldwide.

A New Smishing Trojan is Out and About

May 12, 2021 9:49:21 AM By Stu Sjouwerman

Researchers at Pradeo have observed a new Android malware campaign that uses text messages asking victims to pay a small fee for a delivery. The messages contain a link that will install ...

Why Should We Care About Personal Smishing Attacks?

Apr 29, 2021 10:33:34 AM By Roger Grimes

I am not sure what is going on these days, but for several weeks, I have received far more SMS-based phishing (i.e., smishing) attacks than usual.

Scammers Target Rogers Customers With SMS Messages

Apr 29, 2021 10:33:17 AM By Stu Sjouwerman

Scammers are targeting Rogers customers with text messages offering $50 refunds, according to BleepingComputer. The Canadian telecommunications provider suffered a widespread outage last ...

Currently Popular Social Engineering Tactics

Apr 27, 2021 10:00:27 AM By Stu Sjouwerman

Criminals are exploiting new technology to launch updated versions of old attacks, according to Derek Slater at CSO. George Gerchow, CSO at Sumo Logic, told Slater that threat actors are ...

[INFOGRAPHIC] Q1 2021 Report Shows Users are More Savvy to COVID-19 Phishing Scams

Apr 13, 2021 9:30:36 AM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...

2021 Phishing Trends Face Alarming Predictions and Will Likely Include Automated Attacks

Apr 13, 2021 8:24:29 AM By Stu Sjouwerman

Researchers at INKY warn that targeted phishing attacks will continue throughout 2021, as some employees return to the office and others continue working from home. They predict that ...

APT Group Use Voice-Changing Software to Impersonate Women as Part of Espionage Attacks

Apr 9, 2021 8:34:02 AM By Stu Sjouwerman

The middle eastern threat group known as APT-C-23 are targeting male soldiers in the Israel Defense Forces in an attempt to get their victims to download and install malware.

LinkedIn Data of 500 Million Users Hacked, Up For Sale: Report

Apr 9, 2021 8:07:48 AM By Stu Sjouwerman

Microsoft-owned social network LinkedIn is reportedly the latest victim of a massive data breach where data of 500 million user profiles has been allegedly leaked by cybercriminals. The ...

Ubiquiti Cyber Attack Details Depict a Far More Disastrous Scenario Than Let On

Mar 30, 2021 3:49:36 PM By Stu Sjouwerman

New whistleblower details surrounding the December 2020 attack on the cloud-enabled IoT device manufacturer paints a far worse picture than what was disclosed.

Spoofing Tailored to Financial Departments

Mar 23, 2021 1:01:21 PM By Stu Sjouwerman

Researchers at Area 1 Security have warned of a large spear phishing campaign targeting financial departments and C-suite employees with spoofed Microsoft 365 login pages. The researchers ...

Security Awareness Training Blog

Spear Phishing Blog

View Topics