Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

SANS Releases Guide to Address Rise in Attacks on Manufacturing and Industrial Control Systems

Sep 18, 2024 7:59:23 AM By Stu Sjouwerman
Increased ransomware attacks on industrial control systems (ICS), mixed with general ICS insecurity found across the manufacturing sector, has given rise to a guide specifically ...
Continue Reading

New Ransomware Threat Group, RansomHub, is so Effective, the NSA is Already Warning You About Them

Sep 16, 2024 3:43:10 PM By Stu Sjouwerman
The latest evolution of the ransomware service model, RansomHub, has only been around since February of this year, but its affiliates are already successfully exfiltrating data.
Continue Reading

Attackers Using HTTP Response Headers to Redirect Victims to Phishing Pages

Sep 13, 2024 9:16:55 AM By Stu Sjouwerman
Researchers at Palo Alto Networks’ Unit 42 warn that attackers are using refresh entries in HTTP response headers to automatically redirect users to phishing pages without user ...
Continue Reading

Your Lawyers Are Increasingly Targeted by Phishing Attacks, Ransomware

Sep 11, 2024 3:02:21 PM By Stu Sjouwerman
Researchers at Bitdefender warn that law firms are high-value targets for ransomware gangs and other criminal threat actors. Attackers frequently use phishing to gain initial access to an ...
Continue Reading

Election-Themed Scams Are on the Rise

Sep 9, 2024 4:45:49 PM By Stu Sjouwerman
Researchers at Malwarebytes warn of a surge in election-themed scams ahead of November’s presidential election in the US. These attacks can be expected to increase as the election grows ...
Continue Reading

Use of Malicious Links Surges by 133% in Q1, Setting the Tone for the First Half of 2024

Sep 9, 2024 4:45:46 PM By Stu Sjouwerman
Threat actors are opting for malicious links over attachments in email-based attacks because it gives them a critical advantage that many solutions can’t address.
Continue Reading

Phishing is Still the Top Initial Access Vector

Sep 5, 2024 11:21:58 AM By Stu Sjouwerman
Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by ...
Continue Reading

Scammers Use Fake Funeral LiveStream Social Media Posts to Extort Victims

Aug 30, 2024 12:03:13 PM By Stu Sjouwerman
In a troubling new low, cybercriminals are targeting individuals grieving the loss of a loved one by charging their credit cards with excessive fees through a heartless scam. According to ...
Continue Reading

Nearly Half of Mid-Market and Enterprise Organizations Have Experienced Four or More Ransomware Attacks in the Last Year

Aug 30, 2024 12:03:10 PM By Stu Sjouwerman
New data exposes the reality of ransomware attacks today, including their frequency, impact, ransom payment – and the involvement of human error.
Continue Reading

Threat Actors Abuse Microsoft Sway to Launch QR Code Phishing Attacks

Aug 30, 2024 8:23:54 AM By Stu Sjouwerman
Researchers at Netskope last month observed a 2000-fold increase in traffic to phishing pages delivered through Microsoft Sway.
Continue Reading

Fewer, High-Profile Ransomware Attacks Are Yielding Higher Ransoms

Aug 29, 2024 8:52:20 AM By Stu Sjouwerman
Analysis of cryptocurrency payments made on the blockchain highlights shifts in the size and frequency of ransomware attacks and may paint a bleak picture for the remainder of the year.
Continue Reading

Email Compromise Remains Top Threat Incident Type for the Third Quarter in a Row

Aug 28, 2024 8:26:11 AM By Stu Sjouwerman
New analysis of Q2 threats shows a consistent pattern of behavior on the part of threat actors and threat groups, providing organizations with a clear path to protect themselves.
Continue Reading

Phishing Attacks Are Increasingly Targeting Social Media and Smartphone Users

Aug 28, 2024 8:26:08 AM By Stu Sjouwerman
Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG).
Continue Reading

Ransomware Recovery Costs Have Doubled for State and Local Governments

Aug 27, 2024 7:30:00 AM By Stu Sjouwerman
Thirty-four percent of state and local government entities were hit by ransomware in 2024, a new report from Sophos has found. While this is a decrease compared to the attack rate in ...
Continue Reading

Business Email Compromise Scams Rise 20%, Making up Nearly Half of all Spam Emails

Aug 23, 2024 3:07:33 PM By Stu Sjouwerman
New research on email threats points to AI-based tools to assist in generating BEC content. And the overwhelming targeted role may or may not surprise you.
Continue Reading

The Number of Email-Based Cyber Attacks Detected Surge 239% in 1H 2024

Aug 23, 2024 3:07:30 PM By Stu Sjouwerman
New data shows the most prevalent and obvious path into an organization – email – continues to be exploited by a growing number of cybercriminals.
Continue Reading

Deceptive AI: A New Wave of Cyber Threats

Aug 23, 2024 8:48:22 AM By Javvad Malik
As artificial intelligence (AI) technology advances, its influence on social media has become more and more pervasive and riddled with challenges. In particular, the ability for humans to ...
Continue Reading

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

Aug 21, 2024 4:02:10 PM By Stu Sjouwerman
Researchers at Recorded Future’s Insikt Group warn that the Iranian state-sponsored threat actor “GreenCharlie” is launching spear phishing attacks against US political campaigns.
Continue Reading

Phishing Scammers Leverage Microsoft Dynamics 365 to Target US Government Contractors

Aug 21, 2024 4:02:07 PM By Stu Sjouwerman
Analysis of a phishing campaign targeting thousands of government contractors, dubbed “Operation Uncle Sam,” takes advantage of some sophisticated steps to avoid detection.
Continue Reading

Threat Actors Abuse URL Rewriting to Mask Phishing Links

Aug 21, 2024 2:33:55 PM By Stu Sjouwerman
Threat actors are abusing a technique called “URL rewriting” to hide their phishing links from security filters, according to researchers at Perception Point.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews