Cozy Bear Goes Typosquatting

May 5, 2022 9:08:59 AM By Stu Sjouwerman

Researchers at Recorded Future’s Insikt Group warn that the Russian threat actor NOBELIUM (also known as APT29 or Cozy Bear) is using typosquatting domains to target the news and media ...

More_eggs Malware Distributed Via Spear Phishing

Apr 26, 2022 8:49:59 AM By Stu Sjouwerman

Threat actors are sending out the stealthy “more_eggs” malware in spear phishing emails that target hiring managers, according to researchers at eSentire’s Threat Response Unit (TRU).

TraderTraitor: When States do Social Engineering

Apr 20, 2022 8:49:57 AM By Stu Sjouwerman

North Korea’s Lazarus Group is using social engineering attacks to target users of cryptocurrency, according to a joint advisory from the US FBI, the Cybersecurity and Infrastructure ...

Q1 2022 Report: Holiday-Themed Phishing Emails Entice Employees to Click [INFOGRAPHIC]

Apr 15, 2022 10:49:24 AM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze the top categories, general subjects (in both the United States and globally), and 'in the ...

Social Engineering from Tehran

Apr 5, 2022 2:35:39 PM By Stu Sjouwerman

Social engineering continues to be a core component of the Iranian government’s hacking operations, according to researchers at Recorded Future.

The Evolution and Future of Ransomware

Feb 8, 2022 1:04:46 PM By Javvad Malik

The history of ransomware spans over 30 years. The first specimen, known as the AIDS Trojan, was delivered via physical media using the postal system, and, upon its discovery, was quickly ...

Scammers Now Exploit 'Slinks' in LinkedIn

Feb 8, 2022 9:53:21 AM By Stu Sjouwerman

Scammers are exploiting LinkedIn redirect links, or “Slinks,” to fool users and bypass email security filters, Brian Krebs reports. These links allow companies to track their marketing ...

KnowBe4's Top-Clicked Phishing Email Results for Q4 2021 Compare the U.S. and EMEA [INFOGRAPHIC]

Jan 19, 2022 3:33:56 PM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze the top categories, general subjects (in both the United States and Europe, Middle East and ...

A Cyberespionage Group Uses Social Engineering

Jan 19, 2022 8:33:29 AM By Stu Sjouwerman

A sophisticated China-aligned threat actor is using social engineering to carry out cyberespionage and financially motivated attacks, according to researchers at Trend Micro.

Obvious, but Probably Effective: Konni RAT Screensaver

Jan 6, 2022 1:20:04 PM By Stu Sjouwerman

A North Korean threat actor is targeting users in Russia with a New Year’s Eve-themed phony screensaver file, the Record reports. Researchers at Cluster25 spotted the activity, and say ...

Reducing Stress with CBD Is the Latest Theming for Phishing Attacks

Jan 4, 2022 10:03:58 AM By Stu Sjouwerman

Spanning three languages and at least 15,000 unique phishing emails, this latest phishing campaign targets stressed out workers in the U.S. and France, avoiding detection and promising to ...

SideCopy: How an Intelligence Service Uses Phishbait

Dec 7, 2021 10:15:15 AM By Stu Sjouwerman

Researchers at Malwarebytes offer more details on a spear phishing campaign run by a Pakistani threat actor that’s come to be known as “SideCopy.” The campaign was first reported by ...

New Phishing Campaign has Fake DHL Shipping

Dec 6, 2021 4:14:40 PM By Stu Sjouwerman

Researchers at Avanan have spotted a new phishing campaign that’s impersonating DHL with phony shipping notifications. The emails inform the recipients that they need to update their ...

Spear Phishing Campaign Targets North Korean Defectors

Nov 30, 2021 8:51:39 AM By Stu Sjouwerman

A state-sponsored threat actor is sending spear phishing emails to North Korean defectors and also to journalists who cover matters related to North Korea, according to researchers at ...

Malicious Retail Phishing Sites Spike Ahead of Shopping Holidays

Nov 17, 2021 8:52:55 AM By Stu Sjouwerman

Researchers at Check Point have observed a record number of malicious phishing shopping websites that have been set up over the past two months. The researchers assume these sites were ...

“Customer Complaint” May Get Your Attention

Nov 11, 2021 8:41:23 AM By Stu Sjouwerman

A spear phishing campaign is sending phony “customer complaints” that contain a link to a malicious website, according to Paul Ducklin at Naked Security. The phishing emails appear to ...

Bait Attacks as Reconnaissance

Nov 10, 2021 11:15:31 AM By Stu Sjouwerman

Researchers at Barracuda warn that attackers are sending non-malicious emails as a precursor to targeted phishing attacks.

New 'Frankenphishing' Tactic Combines Other Phishing Kits Into One

Nov 9, 2021 9:27:05 AM By Stu Sjouwerman

RiskIQ has observed another phishing kit that’s been pieced together from portions of other phishing kits.

Over Half of all Impersonation Attacks Target Non-Executive Employees

Oct 29, 2021 2:02:26 PM By Stu Sjouwerman

A new report shows how cybercriminals focus on users that are less vigilant and more prone to falling for social engineering and impersonation tactics designed to gain access to finances.

KnowBe4's Q3 2021 Top-Clicked Phishing Email Report Includes New Global Data [INFOGRAPHIC]

Oct 29, 2021 10:39:26 AM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We are now looking at the top categories globally, general subjects (in the United States and Europe, ...

Security Awareness Training Blog

Spear Phishing Blog

View Topics