[Heads Up] The First-Ever Russian BEC Gang, Cosmic Lynx, Was Uncovered. They Spear Phish Multinational & Fortune 500 Senior Executives

Jul 7, 2020 10:13:48 AM By Stu Sjouwerman

“This is a historic shift to the global email threat landscape and portends new and sophisticated social engineering attacks that CISOs around the world must brace for now,” according to ...

Pyongyang's Phishing with Job Offers

Jun 22, 2020 8:27:28 AM By Stu Sjouwerman

An attack campaign with possible ties to North Korea’s Lazarus Group targeted aerospace and military companies in Europe and the Middle East with spear phishing attacks late last year, ...

[Heads Up] Ransomware Damage Skyrockets As Ransoms Grew 14 Times In Just 12 Months

May 27, 2020 11:25:48 AM By Stu Sjouwerman

Last year was highly profitable for ransomware actors but with the prices we've seen recently, 2020 is likely to surpass it as actors continue to target large companies in key industries. ...

Hacker Group Compromises the Email Accounts of More Than 150 Company’s High-Ranking Executives

May 12, 2020 10:03:18 AM By Stu Sjouwerman

The latest string of attacks leverage traditional spear-phishing techniques mixed with the use of Microsoft’s newsletter service, Sway, to trick executives into giving up their Office 365 ...

Medical Suppliers Targeted With Agent Tesla Infostealer

May 5, 2020 8:28:41 AM By Stu Sjouwerman

Researchers at Fortinet have identified a spear phishing campaign targeting medical suppliers with COVID-19-themed emails. The emails contain choppy grammar, but the message is clear ...

PerSwaysion: Convincing Executives to Act Against Their Own Interest

May 4, 2020 8:26:14 AM By Stu Sjouwerman

Researchers at Group-IB have discovered a sophisticated spear phishing campaign that’s targeted executives at more than 150 companies around the world since mid-2019. The researchers have ...

FBI Sends Private Industry Notification Warning of BEC Techniques

Mar 17, 2020 8:32:03 AM By Stu Sjouwerman

The FBI sent out a Private Industry Notification (PIN) warning companies that attackers are abusing Microsoft Office 365 and Google’s G Suite to launch business email compromise (BEC) ...

[Heads Up] Your Exfiltrated Ransomware Data Is Now Used To Spearphish Your Business Partners

Mar 12, 2020 1:26:41 PM By Stu Sjouwerman

Ransomware operators are continually improving their tactics to ensure more lucrative payouts, according to Information Security Media Group (ISMG). Over the past several years, attackers ...

New Sophisticated Credential-Stealing Malware, Forelord, Attacks the Middle East

Mar 4, 2020 5:15:52 PM By Stu Sjouwerman

This latest APT highlights the levels of sophistication attackers will go to just to establish persistence, infect the endpoint, and steal credentials from the victim organization.

Why Minimizing Human Error is the Only Viable Defense Against Spear Phishing

Feb 25, 2020 11:21:58 AM By Stu Sjouwerman

Phishing attacks have become one of the business world's top cybersecurity concerns. These social engineering attacks have been rising over the years, with the most recent report from the ...

Spamming Tools are a Commodity in the Criminal Underworld

Feb 25, 2020 8:21:25 AM By Stu Sjouwerman

Cheap and easy-to-use phishing kits and other social engineering tools are readily available for purchase on the black market, according to researchers at Digital Shadows. Criminals ...

Spear Phishing Tops the Canadian Anti-Fraud Center’s List of Attacks

Feb 24, 2020 5:13:16 PM By Stu Sjouwerman

The latest data out of the Canadian Government points out how targeted spear phishing fraud attacks via email are the most lucrative method of attack for cybercriminals in 2019.

New Convincing Verizon Smishing Scam Makes SIM Swaps A Breeze

Feb 18, 2020 1:42:27 PM By Stu Sjouwerman

Cybercriminals intent on using a mobile device as a second factor of authentication are now using texts and very realistic-looking mobile sites to steal details needed to perform SIM ...

Intelligence Services Get Phishing Licenses

Feb 3, 2020 8:23:46 AM By Stu Sjouwerman

New York Times journalist Ben Hubbard was targeted by a spear phishing attack designed to deliver NSO Group’s Pegasus spyware, researchers at the University of Toronto’s Citizen Lab have ...

Scam Of The Week: "Kobe Bryant Dead, Dies in Helicopter Crash"

Jan 26, 2020 4:29:02 PM By Stu Sjouwerman

Today, news broke that Kobe Bryant died in a helicopter crash. His daughter Gigi was also on board and died in the crash. This is a celebrity death that the bad guys are going to be ...

FDIC Warns U.S. Financial Institutions of Elevated Risk of Cyberattack

Jan 23, 2020 4:05:27 PM By Stu Sjouwerman

Citing “increased geopolitical tension”, banks are warned to immediately reevaluate to shore up cybersecurity controls and technology safeguards against ransomware and malware attacks.

Security-Related and Giveaway Phishing Email Subject Lines Get the Most Clicks

Jan 14, 2020 12:06:00 PM By Stu Sjouwerman

KnowBe4 revealed the results of its Q4 2019 top-clicked phishing report. The results found that simulated phishing tests with an urgent message to check a password immediately were most ...

Microsoft Sues Hacker Group for Data Theft of Highly Sensitive Information

Jan 13, 2020 9:48:18 AM By Stu Sjouwerman

A new recently unsealed lawsuit against a North Korean hacker group shows how even the largest companies can be successfully attacked by phishing.

Of Course, Scammers Exploit Fears of Iranian Hacking

Jan 9, 2020 8:23:29 AM By Stu Sjouwerman

A new phishing campaign is attempting to frighten people into handing over their credentials by claiming Microsoft was hacked by Iran, BleepingComputer reports. The campaign is ...

Phishing Emails on the Rise as Spear Phishing Continues to Return Bigger Payouts

Jan 7, 2020 8:59:42 AM By Stu Sjouwerman

New data from Microsoft Security Insights sheds some needed light on exactly what the bad guys are doing and how they’re shifting tactics. Sometimes it feels like the bad guys are ...

Security Awareness Training Blog

Spear Phishing Blog

View Topics