Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

New Lazarus Spearphishing Attack on Crypto Organizations Uses a LinkedIn Job Posting as its Front

What better way to gain complete control over a crypto organization’s network than to target their sysadmin with a job posting and then spear phish them?

RedCurl APT Uses Spear Phishing to Conduct Corporate Espionage

A previously unobserved APT group called “RedCurl” has been launching cyber espionage campaigns against organizations around the world since at least 2018, according to researchers at ...

[HEADS UP] North Korean Cybercriminals Use Fake Recruitment Emails in Phishing Scam

North Korean hackers have been following that bit of social engineering wisdom to a T. According to research from McAfee, a months-long phishing campaign against aerospace and defense ...

Sawfish Spearphishing Attacks Continue, Prompting Password Resets on GitHub and DeepSource

A new wave of attacks on GitHub users via app developer DeepSource has raised concerns over access to user credentials and development code.

[Heads up] CISA And NSA Urge “Immediate Action” To Secure National Critical Infrastructure

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have issued a joint advisory warning that foreign hackers are targeting systems that ...

[Heads Up] Scam of The Week: Watch Out For This COVID Class Action Workplace Lawsuit

Major law firm Fisher Phillips warned that COVID-19 workplace lawsuits are increasing exponentially. Of the 283 recent COVID-19 workplace lawsuits tracked, 122 of them, or 43%, were filed ...

[Heads Up] The First-Ever Russian BEC Gang, Cosmic Lynx, Was Uncovered. They Spear Phish Multinational & Fortune 500 Senior Executives

“This is a historic shift to the global email threat landscape and portends new and sophisticated social engineering attacks that CISOs around the world must brace for now,” according to ...

Pyongyang's Phishing with Job Offers

An attack campaign with possible ties to North Korea’s Lazarus Group targeted aerospace and military companies in Europe and the Middle East with spear phishing attacks late last year, ...

[Heads Up] Ransomware Damage Skyrockets As Ransoms Grew 14 Times In Just 12 Months

Last year was highly profitable for ransomware actors but with the prices we've seen recently, 2020 is likely to surpass it as actors continue to target large companies in key industries. ...

Hacker Group Compromises the Email Accounts of More Than 150 Company’s High-Ranking Executives

The latest string of attacks leverage traditional spear-phishing techniques mixed with the use of Microsoft’s newsletter service, Sway, to trick executives into giving up their Office 365 ...

Medical Suppliers Targeted With Agent Tesla Infostealer

Researchers at Fortinet have identified a spear phishing campaign targeting medical suppliers with COVID-19-themed emails. The emails contain choppy grammar, but the message is clear ...

PerSwaysion: Convincing Executives to Act Against Their Own Interest

Researchers at Group-IB have discovered a sophisticated spear phishing campaign that’s targeted executives at more than 150 companies around the world since mid-2019. The researchers have ...

FBI Sends Private Industry Notification Warning of BEC Techniques

The FBI sent out a Private Industry Notification (PIN) warning companies that attackers are abusing Microsoft Office 365 and Google’s G Suite to launch business email compromise (BEC) ...

[Heads Up] Your Exfiltrated Ransomware Data Is Now Used To Spearphish Your Business Partners

Ransomware operators are continually improving their tactics to ensure more lucrative payouts, according to Information Security Media Group (ISMG). Over the past several years, attackers ...

New Sophisticated Credential-Stealing Malware, Forelord, Attacks the Middle East

This latest APT highlights the levels of sophistication attackers will go to just to establish persistence, infect the endpoint, and steal credentials from the victim organization.

Why Minimizing Human Error is the Only Viable Defense Against Spear Phishing

Phishing attacks have become one of the business world's top cybersecurity concerns. These social engineering attacks have been rising over the years, with the most recent report from the ...

Spamming Tools are a Commodity in the Criminal Underworld

Cheap and easy-to-use phishing kits and other social engineering tools are readily available for purchase on the black market, according to researchers at Digital Shadows. Criminals ...

Spear Phishing Tops the Canadian Anti-Fraud Center’s List of Attacks

The latest data out of the Canadian Government points out how targeted spear phishing fraud attacks via email are the most lucrative method of attack for cybercriminals in 2019.

New Convincing Verizon Smishing Scam Makes SIM Swaps A Breeze

Cybercriminals intent on using a mobile device as a second factor of authentication are now using texts and very realistic-looking mobile sites to steal details needed to perform SIM ...

Intelligence Services Get Phishing Licenses

New York Times journalist Ben Hubbard was targeted by a spear phishing attack designed to deliver NSO Group’s Pegasus spyware, researchers at the University of Toronto’s Citizen Lab have ...
