A New Smishing Trojan is Out and About

May 12, 2021 9:49:21 AM By Stu Sjouwerman

Researchers at Pradeo have observed a new Android malware campaign that uses text messages asking victims to pay a small fee for a delivery. The messages contain a link that will install ...

Why Should We Care About Personal Smishing Attacks?

Apr 29, 2021 10:33:34 AM By Roger Grimes

I am not sure what is going on these days, but for several weeks, I have received far more SMS-based phishing (i.e., smishing) attacks than usual.

Scammers Target Rogers Customers With SMS Messages

Apr 29, 2021 10:33:17 AM By Stu Sjouwerman

Scammers are targeting Rogers customers with text messages offering $50 refunds, according to BleepingComputer. The Canadian telecommunications provider suffered a widespread outage last ...

Currently Popular Social Engineering Tactics

Apr 27, 2021 10:00:27 AM By Stu Sjouwerman

Criminals are exploiting new technology to launch updated versions of old attacks, according to Derek Slater at CSO. George Gerchow, CSO at Sumo Logic, told Slater that threat actors are ...

[INFOGRAPHIC] Q1 2021 Report Shows Users are More Savvy to COVID-19 Phishing Scams

Apr 13, 2021 9:30:36 AM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...

2021 Phishing Trends Face Alarming Predictions and Will Likely Include Automated Attacks

Apr 13, 2021 8:24:29 AM By Stu Sjouwerman

Researchers at INKY warn that targeted phishing attacks will continue throughout 2021, as some employees return to the office and others continue working from home. They predict that ...

APT Group Use Voice-Changing Software to Impersonate Women as Part of Espionage Attacks

Apr 9, 2021 8:34:02 AM By Stu Sjouwerman

The middle eastern threat group known as APT-C-23 are targeting male soldiers in the Israel Defense Forces in an attempt to get their victims to download and install malware.

LinkedIn Data of 500 Million Users Hacked, Up For Sale: Report

Apr 9, 2021 8:07:48 AM By Stu Sjouwerman

Microsoft-owned social network LinkedIn is reportedly the latest victim of a massive data breach where data of 500 million user profiles has been allegedly leaked by cybercriminals. The ...

Ubiquiti Cyber Attack Details Depict a Far More Disastrous Scenario Than Let On

Mar 30, 2021 3:49:36 PM By Stu Sjouwerman

New whistleblower details surrounding the December 2020 attack on the cloud-enabled IoT device manufacturer paints a far worse picture than what was disclosed.

Spoofing Tailored to Financial Departments

Mar 23, 2021 1:01:21 PM By Stu Sjouwerman

Researchers at Area 1 Security have warned of a large spear phishing campaign targeting financial departments and C-suite employees with spoofed Microsoft 365 login pages. The researchers ...

[EYE-OPENER] USA CISA Advisory on Trickbot Campaigns: Phishing Training For Employees

Mar 17, 2021 4:04:08 PM By Stu Sjouwerman

March 17, 2021 — The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have observed continued targeting through spear phishing campaigns ...

Make No Mistake, This Changes Everything: Nation-State 2.0

Mar 17, 2021 8:00:00 AM By Roger Grimes

Every organization needs to figure out their increased cyber risk from nation-state warfare attacks and deploy mitigations.

FBI Warns Against Deepfakes' Potential for Social Engineering

Mar 16, 2021 8:22:52 AM By Stu Sjouwerman

The FBI has issued an advisory warning of an expected increase in the use of deepfakes for social engineering attacks. Deepfakes are images, videos, audio, or text created via AI to ...

Beware: Lots of COVID-19 Vaccine-Related Attacks Are Active and Looking for Their Next Victim

Mar 16, 2021 8:01:00 AM By Stu Sjouwerman

From spear phishing attacks, to malicious domains, to credential-hunting – as I predicted, COVID vaccines are the hot attack theme right now from just about every angle.

By Their Poor Idiomatic Control Shall Ye Know Them

Mar 2, 2021 8:24:52 AM By Stu Sjouwerman

A new phishing campaign is impersonating Zoom in order to steal users’ Outlook credentials, according to researchers at GreatHorn. The attackers are using phishing URLs that spoof Zoom’s ...

Phishing Targets Industrial Control Systems

Feb 25, 2021 8:31:12 AM By Stu Sjouwerman

Phishing continues to be a primary initial access vector in cyberattacks against industrial control systems, according to researchers at Dragos. Out of the fifteen threat groups tracked ...

The DOJ Charged Two Alleged Members of North Korea’s Military Intelligence Services With a Scheme That Included Attempts to Steal $1.3 Billion Over the Past Half-Decade for Pyongyang

Feb 18, 2021 8:52:09 AM By Stu Sjouwerman

Two alleged members of North Korea's military intelligence services were accused of hacking banks and companies in the U.S. and several other countries. The grand total for this scheme is ...

Security Awareness Training Blog

Spear Phishing Blog

View Topics