Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

View Topics

2021 Phishing Trends Face Alarming Predictions and Will Likely Include Automated Attacks

Apr 13, 2021 8:24:29 AM By Stu Sjouwerman
Researchers at INKY warn that targeted phishing attacks will continue throughout 2021, as some employees return to the office and others continue working from home. They predict that ...
Continue Reading

APT Group Use Voice-Changing Software to Impersonate Women as Part of Espionage Attacks

Apr 9, 2021 8:34:02 AM By Stu Sjouwerman
The middle eastern threat group known as APT-C-23 are targeting male soldiers in the Israel Defense Forces in an attempt to get their victims to download and install malware.
Continue Reading

LinkedIn Data of 500 Million Users Hacked, Up For Sale: Report

Apr 9, 2021 8:07:48 AM By Stu Sjouwerman
Microsoft-owned social network LinkedIn is reportedly the latest victim of a massive data breach where data of 500 million user profiles has been allegedly leaked by cybercriminals. The ...
Continue Reading

Ubiquiti Cyber Attack Details Depict a Far More Disastrous Scenario Than Let On

Mar 30, 2021 3:49:36 PM By Stu Sjouwerman
New whistleblower details surrounding the December 2020 attack on the cloud-enabled IoT device manufacturer paints a far worse picture than what was disclosed.
Continue Reading

Spoofing Tailored to Financial Departments

Mar 23, 2021 1:01:21 PM By Stu Sjouwerman
Researchers at Area 1 Security have warned of a large spear phishing campaign targeting financial departments and C-suite employees with spoofed Microsoft 365 login pages. The researchers ...
Continue Reading

[EYE-OPENER] USA CISA Advisory on Trickbot Campaigns: Phishing Training For Employees

Mar 17, 2021 4:04:08 PM By Stu Sjouwerman
March 17, 2021 — The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have observed continued targeting through spear phishing campaigns ...
Continue Reading

Make No Mistake, This Changes Everything: Nation-State 2.0

Mar 17, 2021 8:00:00 AM By Roger Grimes
Every organization needs to figure out their increased cyber risk from nation-state warfare attacks and deploy mitigations.
Continue Reading

FBI Warns Against Deepfakes' Potential for Social Engineering

Mar 16, 2021 8:22:52 AM By Stu Sjouwerman
The FBI has issued an advisory warning of an expected increase in the use of deepfakes for social engineering attacks. Deepfakes are images, videos, audio, or text created via AI to ...
Continue Reading

Beware: Lots of COVID-19 Vaccine-Related Attacks Are Active and Looking for Their Next Victim

Mar 16, 2021 8:01:00 AM By Stu Sjouwerman
From spear phishing attacks, to malicious domains, to credential-hunting – as I predicted, COVID vaccines are the hot attack theme right now from just about every angle.
Continue Reading

By Their Poor Idiomatic Control Shall Ye Know Them

Mar 2, 2021 8:24:52 AM By Stu Sjouwerman
A new phishing campaign is impersonating Zoom in order to steal users’ Outlook credentials, according to researchers at GreatHorn. The attackers are using phishing URLs that spoof Zoom’s ...
Continue Reading

Phishing Targets Industrial Control Systems

Feb 25, 2021 8:31:12 AM By Stu Sjouwerman
Phishing continues to be a primary initial access vector in cyberattacks against industrial control systems, according to researchers at Dragos. Out of the fifteen threat groups tracked ...
Continue Reading

The DOJ Charged Two Alleged Members of North Korea’s Military Intelligence Services With a Scheme That Included Attempts to Steal $1.3 Billion Over the Past Half-Decade for Pyongyang

Feb 18, 2021 8:52:09 AM By Stu Sjouwerman
Two alleged members of North Korea's military intelligence services were accused of hacking banks and companies in the U.S. and several other countries. The grand total for this scheme is ...
Continue Reading

[New E-Book] Comprehensive Anti-Phishing Guide

Feb 12, 2021 8:45:42 AM By Stu Sjouwerman
Spear phishing emails remain a top attack vector for the bad guys, yet most companies still don’t have an effective strategy to stop them.
Continue Reading

It’s Not Only About the URL

Feb 11, 2021 3:01:41 PM By Roger Grimes
You have to look at the totality of an email to determine whether it is a phishing attack or not.
Continue Reading

[INFOGRAPHIC] Q4 2020 Work From Home Phishing Emails on the Rise

Jan 21, 2021 8:00:00 AM By Stu Sjouwerman
KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...
Continue Reading

Social Engineering is a Core Element of Nearly Every Cyber Attack

Jan 18, 2021 8:25:46 AM By Stu Sjouwerman
As organizations look to figure out where to strengthen their cybersecurity strategy, industry data provides guidance by pointing at one of the most common aspects of cyberattacks for ...
Continue Reading

BEC Attacks Nearly Doubled in 2020

Dec 29, 2020 8:25:24 AM By Stu Sjouwerman
A new report from Barracuda Networks found that business email compromise (BEC) attacks have nearly doubled over the past year. These attacks made up 12% of all spear phishing attacks in ...
Continue Reading

All 200 Million Office 365 Users at Risk by a New Global Spear Phishing Attack Spoofing Microsoft.com

Dec 14, 2020 8:20:30 AM By Stu Sjouwerman
A new spear phishing campaign appearing to come from a microsoft.com email address is targeting organizations in critical industries that use Office 365 for email to steal credentials.
Continue Reading

Why Are You Being Phished?

Dec 8, 2020 4:05:42 PM By Roger Grimes
People often wonder, why are they being phished? Why are they being phished by a hacker in the first place? What does their organization have that some hacker decided they were noteworthy ...
Continue Reading

Think Tanks Targeted by APT Actors

Dec 3, 2020 8:28:48 AM By Stu Sjouwerman
The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory warning that nation-state advanced persistent threat (APT) actors are targeting US ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews