Document, Phishing and Security Awareness

Synthetic Sabotage: How AI Tools Are Fueling Tailored Phishing Campaigns at Scale

SecureWorld News

APRIL 28, 2025

The phishing game has evolved into synthetic sabotage a hybrid form of social engineering powered by AI that can personalize, localize, and scale attacks with unnerving precision. The quiet revolution of phishing-as-a-service (PhaaS) If you haven't noticed by now, phishing has gone SaaS. For phishing, this is a gold mine.

Phishing

Phishing Social Engineering Engineering Data breaches

Phishing attack targets DocuSign and SharePoint users

SC Magazine

JULY 2, 2021

Researchers reported on Friday that cybercriminals are mimicking legitimate correspondence to actively target popular cloud applications DocuSign and SharePoint in phishing attacks designed to steal user log-in credentials. The post Phishing attack targets DocuSign and SharePoint users appeared first on SC Media.

Phishing

Phishing Authentication Security Awareness Media

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Subject lines included “your document” and “photo of you???”. Phishing Reporting : Report phishing emails and other malicious cyber activities to relevant authorities like the FBI’s IC3 and the NJCCIC.

Phishing

Phishing Ransomware Security Awareness Authentication

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Protect your business with security awareness training

SiteLock

AUGUST 27, 2021

In fact, 97% of us can’t tell a phishing email from a legitimate one. Cybercriminals know this, which is why phishing attacks account for more than 80% of reported security incidents and why 54% of companies say their data breaches were caused by “negligent employees. ”. Business Email Compromise (BEC) is similar to phishing.

Security Awareness

Security Awareness Passwords Phishing Scams

Receive a Locked PDF? It May Be Phishing for Your Personal Info

SecureWorld News

FEBRUARY 16, 2024

Tripwire explains: Attackers are using fake encrypted PDF documents to try to phish for unsuspecting users’ login credentials. John Bambenek, a handler at SANS Internet Storm Center, disclosed the phishing campaign on 4 January. As he told Threatpost : “This is an untargeted phishing campaign.

Phishing

Phishing Scams Security Awareness Encryption

Hackers hit 10,000 mailboxes in phishing attacks on FedEx and DHL Express

SC Magazine

FEBRUARY 23, 2021

Researchers reported Tuesday that they found two email phishing attacks targeting at least 10,000 mailboxes at FedEx and DHL Express that look to extract a user’s work email account. In the FedEx attack, the final phishing page spoofs an Office 365 portal packed with Microsoft branding. Brand impersonation.

Phishing

Phishing Social Engineering Accountability Technology

Combatting Phishing with Enhanced Cybersecurity Awareness Programs

SecureWorld News

OCTOBER 24, 2023

Phishing is all around us. They send super-lucrative offers by email, create fake websites and payment pages, and distribute malicious scripts under the guise of useful documents. Assess employee awareness of prevailing cyber threats: Understanding their vulnerability level is key to implementing prompt protective measures.

Phishing

Phishing Cybersecurity Security Awareness Computers and Electronics

Google Firebase hosts Microsoft Office phishing attack

SC Magazine

FEBRUARY 5, 2021

A phishing attack recently uncovered by researchers pretends to share information about an electronic funds transfer (EFT) by offering up a link to download an HTML invoice that then loads to a page with Microsoft Office branding that’s hosted on Google Firebase. The email attack bypassed native Microsoft email security controls.

Phishing

Phishing Media Engineering Accountability

Modern Strategies to Address Phishing Risks with Advanced Technology

SecureWorld News

AUGUST 9, 2024

In today's digital age, phishing has evolved into a sophisticated threat capable of deceiving even the most technically savvy individuals. No longer confined to suspicious emails, phishing now encompasses voice-based attacks (vishing), text-based scams (smishing) automated with phishing kits, and deepfake technologies.

Technology

Technology Phishing Risk Scams

Ingenious Phishing Tactics in the Modern Scammer's Toolbox

SecureWorld News

OCTOBER 30, 2023

When it comes to impactful types of internet-borne crime, phishing is the name of the game. According to Verizon's 2023 Data Breach Investigations Report (DBIR), a whopping 74% of breaches involve a human element, which is exactly what phishing aims to exploit. And for good reason. Tactics matter a lot, too.

Phishing

Phishing Scams Passwords Wireless

Financial cyberthreats in 2024

SecureList

MARCH 25, 2025

Key findings Phishing Banks were the most popular lure in 2024, accounting for 42.58% of financial phishing attempts. Amazon Online Shopping was mimicked by 33.19% of all phishing and scam pages targeting online store users in 2024. Cryptocurrency phishing saw an 83.37% year-over-year increase in 2024, with 10.7

Phishing

Phishing Banking Scams Mobile

Intro to phishing: simulating attacks to build resiliency

Security Affairs

APRIL 21, 2023

Phishing attacks are a major threat to organizations, they remain a perennial choice of cybercriminals when it comes to hacking their victims. The infographic below outlines the most common types of phishing attacks used against individuals or businesses.

Phishing

Phishing Social Engineering Security Awareness Passwords

What Your CISO Can Learn From Logan Paul vs Floyd Mayweather

Javvad Malik

JULY 7, 2021

Security teams need to understand that empathy is critical to building relationships. So, content, not just security awareness related, but also policies, and other documentation needs to resonate with people. In the past year or so, we’ve seen many examples of simulated phishing attacks go wrong and anger employees.

CISO

CISO Phishing Media Security Awareness

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

The campaigns were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. Phishing and Malware Q2 2020.

Threat Reports

Threat Reports Phishing Banking Malware

Threat Report Portugal Q1 2020

Security Affairs

APRIL 20, 2020

Threat Report Portugal Q1 2020: Phishing and malware by numbers. The campaigns were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way.

Threat Reports

Threat Reports Phishing Malware Banking

Threat Report Portugal: Q4 2020

Security Affairs

JANUARY 26, 2021

Threat Report Portugal Q4 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The submissions were classified as either phishing or malware. Phishing and Malware Q4 2020. These kinds of malware come from Brazil and the attacks are disseminated via phishing campaigns.

Threat Reports

Threat Reports Phishing Malware Banking

Threat Report Portugal: Q2 2021

Security Affairs

JULY 22, 2021

The submissions were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. Phishing and Malware Q2 2021.

Threat Reports

Threat Reports Phishing Malware Banking

Threat Report Portugal: Q1 2021

Security Affairs

MAY 2, 2021

Threat Report Portugal Q1 2021: Phishing and malware by numbers. The submissions were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way.

Threat Reports

Threat Reports Phishing Malware Data collection

Threat Report Portugal: Q3 2021

Security Affairs

NOVEMBER 14, 2021

The submissions were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipating emerging threats, and manage security awareness in a better way. Phishing and Malware Q3 2021. Malware by Numbers.

Threat Reports

Threat Reports Phishing Malware Banking

8 security tips for small businesses

Malwarebytes

NOVEMBER 6, 2024

Train your employees in security awareness, so they can recognize phishing attempts and know what they can and can’t do on company-issued hardware. Very important files and documents can be encrypted or stored in password protected folders to keep them safe from prying eyes.

Small Business

Small Business Backups Firewall VPN

RevengeRAT and AysncRAT target aerospace and travel sectors

SC Magazine

MAY 14, 2021

Microsoft Security Intelligence earlier this week tweeted out that it has been tracking a campaign of remote access trojans (RATs) targeting the aerospace and travel industries with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AysncRAT.

Phishing

Phishing Scams Security Awareness Security Intelligence

Cybersecurity in the SMB space — a growing threat

SecureList

JUNE 25, 2024

For example, the UK’s National Cyber Security Centre reports that around 50% of SMBs in the UK are likely to experience a cybersecurity breach annually. Addressing cybersecurity requires a multifaceted approach, combining technological solutions with fostering a security-aware culture within the organization.

Cybersecurity

Cybersecurity Phishing Media Software

Email Security Recommendations You Should Consider from 2021

Cisco Security

AUGUST 17, 2021

Now mix in architectural changes that support cloud productivity suites like Microsoft 365 and Google’s G-Suite to accelerate your business to cloud-based email security services. When it comes to safeguarding email against today’s advanced threats like phishing and malware information is power. User Awareness Training: Training.

Phishing

Phishing Technology Malware Authentication

10 Top Open Source Penetration Testing Tools

eSecurity Planet

FEBRUARY 24, 2022

Such security audits require various techniques and tools to simulate classic steps of an attack, such as information gathering (reconnaissance), phishing, or privilege escalation. The Open Web Application Security Project (OWASP) is a nonprofit foundation and an open community dedicated to security awareness.

Penetration Testing

Penetration Testing Social Engineering Passwords Phishing

Know Your Enemy: Following a Seasoned Phisher's Train of Thought

SecureWorld News

MARCH 1, 2023

Any organization with a well-guarded security perimeter is low-hanging fruit as long as its employees fall for phishing hoaxes. Let's try to break bad and gain insights into the things that set the most successful phishing attacks apart from mediocre ones. Urgency is a scammer's best ally, too.

Phishing

Phishing Social Engineering Scams Security Awareness

Threat Report Portugal: Q4 2021

Security Affairs

FEBRUARY 20, 2022

The submissions were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipate emerging threats, and manage security awareness in a better way. Phishing and Malware Q4 2021. in Q3 2021.

Threat Reports

Threat Reports Phishing Malware Banking

Threat Group Continuously Updates Malware to Evade Antivirus Software

eSecurity Planet

NOVEMBER 7, 2022

LODEINFO has been observed engaged in a spear- phishing campaign since December 2019 by JPCERT/CC. They observed another spear-phishing campaign in March 2022. The malicious Word documents contained fake security notices that invited the victims to “Enable Editing” and “Enable Content,” which executes malicious VBA code.

Antivirus

Antivirus Software Malware Security Awareness

Strong medical device security awareness stifled by inventory, knowledge gaps

SC Magazine

JULY 1, 2021

This creates a major gap in security awareness, considering the 65,000 ransomware attacks deployed in the U.S. However, those are symptoms of health care’s security posture, not the cause. It allows you to understand the purpose of building a security architecture and the tasks become more manageable.”.

Security Awareness

Security Awareness IoT Risk Healthcare

How to Stop Phishing Attacks with Protective DNS

Security Boulevard

OCTOBER 2, 2023

Phishing Threats Are Increasing in Scale and Sophistication Phishing remains one of the most dangerous and widespread cybersecurity threats. Phishing is now the most common initial attack vector, overtaking stolen or compromised credentials. Phishing attacks are becoming more difficult to detect. billion USD globally.

DNS

DNS Phishing Social Engineering Engineering

Threat Report Portugal: Q2 2022

Security Affairs

JULY 4, 2022

The submissions were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipate emerging threats, and manage security awareness in a better way. Phishing and Malware Q2 2022. in Q1 2022. Malware by Numbers.

Threat Reports

Threat Reports Phishing Malware Banking

12 Critical SOC 2 Controls to Support Compliance

Centraleyes

MARCH 10, 2025

Change Management: Ensures that changes to systems or processes are authorized, tested, and documented to prevent errors. If you choose additional Trust Service Categories beyond Security, the Common Criteria serve as a baseline, with category-specific requirements layered on top. If its not documented, it doesnt exist.

Encryption

Encryption Backups Risk Authentication

Hacker Personas Explained: Know Your Enemy and Protect Your Business

Webroot

FEBRUARY 11, 2021

Impersonators are known to use phishing , Business Email Compromise (BEC) and domain spoofing to lure victims, and they’re always looking for new ways to innovate. This is why a multi-layered approach that can block phishing sites (including HTTPS) in real time, is key for staying safe.

Scams

Scams Phishing Firewall Social Engineering

News Alert: CybeReady issues a summer saeson guide outlining 5 workforce security strategies

The Last Watchdog

JUNE 20, 2023

— CybeReady, a global leader in security awareness training, today announced the release of its informative guide, “Five Workforce Security Strategies to Consider During Summer Holidays.” Also recommended is to carry a secure hard copy of essential travel documents. Santa Clara, Calif.

Security Awareness

Security Awareness Media Risk CISO

Nine Top of Mind Issues for CISOs Going Into 2023

Cisco Security

JANUARY 10, 2023

From Security Awareness to Culture Change. Traditionally CISOs have talked about the importance of improving security awareness which has resulted in the growth of those test phishing emails we all know and love so much. For the most effective security awareness, culture is key.

CISO

CISO Insurance Cyber Insurance Phishing

The Key to Cybersecurity is an Educated Workforce

Security Boulevard

MAY 4, 2021

However, the fundamental starting point of any organisation’s security infrastructure must be a trained and aware workforce, who understand their responsibility in keeping business data safe. Oliver Paterson, Product Expert, VIPRE Security Awareness Training and Safesend , explains.

Education

Education Cybersecurity Cyber Attacks Data breaches

Threat Report Portugal: Q3 & Q4 2022

Security Affairs

APRIL 6, 2023

The submissions were classified as either phishing or malware. This report provides intelligence and indicators of compromise (IOCs) that organizations can use to fight current attacks, anticipate emerging threats, and manage security awareness in a better way. of the total, in comparison with 31.1% in Q2 2022.

Threat Reports

Threat Reports Phishing Malware Banking

Threat Report Portugal: Q3 2020

Security Affairs

NOVEMBER 6, 2020

Threat Report Portugal Q3 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The campaigns were classified as either phishing or malware. Phishing and Malware Q3 2020. From Figure 2, January presented a total of 15 phishing campaigns, 29 in February and 46 during March.

Threat Reports

Threat Reports Phishing Malware Banking

Top 9 Cybersecurity Challenges SMEs Currently Face

Responsible Cyber

APRIL 8, 2020

To mitigate this security challenge, businesses must educate their employees on the basics of cybersecurity and include cybersecurity policies in the onboarding process of every new employee. Security awareness should be ongoing and evolving. The Cloud Is not a Safe Haven from Security Flaws. Phishing and Spear Phishing.

Cybersecurity

Cybersecurity DDOS Small Business Phishing

Our Top 3 Tips for Preventing Ransomware Attacks

SiteLock

AUGUST 27, 2021

It’s often spread through phishing emails or malicious websites, exploiting vulnerabilities and security flaws in outdated operating systems. Implement regular security awareness training to keep your workforce knowledgeable about how to spot phishing emails and other potential threats. The malware does the rest.

Ransomware

Ransomware Small Business Backups Encryption

Cybersecurity Awareness Month 2024: The Top Four Ways to Secure Our World

Security Boulevard

SEPTEMBER 30, 2024

However, even strong and unique passwords have well-documented limitations and risks. Recognize and Report Phishing According to the Thales 2024 Data Threat Report , phishing is the second fastest-growing attack. Randomization, with a mix of letters, symbols, and numbers.

Cybersecurity

Cybersecurity Passwords Password Management Phishing

8 Cyber Predictions for 2025: A CSO’s Perspective

Security Boulevard

JANUARY 9, 2025

An evolution in MiTM, adversary-in-the-middle (AiTM) attacks, was also observed by ThreatLabz, as detailed in the ThreatLabz 2024 Phishing Report. 2025 predictions: AI (again), insider threats, and moreHere are eight cybersecurity trends and predictions I expect will shape the landscapeand security prioritiesin the year ahead.

Social Engineering

Social Engineering Architecture Phishing Risk

Report Reveals Top Cyber Threats, Trends of 2023 First Half

SecureWorld News

JUNE 13, 2023

Key findings in the report include: The Critical Start Security Operations Center (SOC), which monitors millions of endpoints with more than 80,000 investigations a week, saw increases overall in the number of investigated alerts, alerts escalated to customers, and alerts that were of high or critical priority.

Cyber threats

Cyber threats Malware Phishing Ransomware

5 of the Most Commonly Overlooked Security Measures

CyberSecurity Insiders

JULY 14, 2022

Conduction of such evaluations periodically gives a clear picture of where the program stands in terms of security. All results need to be evaluated against the Certification and Accreditation document requirements. Phishing, Still at Large. Data security teams can’t presume everybody can recognize a phishing attempt.

IoT

IoT Encryption Phishing Risk

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes

MAY 28, 2021

As with other “big game” ransomware, the delivery method changes according to the preferences of the group operating it, but among the most common attack vectors are remote desktop protocol (RDP) , phishing , and weaknesses in either software or hardware. Focus on cyber security awareness and training.

Healthcare

Healthcare Ransomware Encryption Passwords

Synthetic Sabotage: How AI Tools Are Fueling Tailored Phishing Campaigns at Scale

Phishing attack targets DocuSign and SharePoint users

Webinars

Trending Sources

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Webinars

Protect your business with security awareness training

Receive a Locked PDF? It May Be Phishing for Your Personal Info

Hackers hit 10,000 mailboxes in phishing attacks on FedEx and DHL Express

Combatting Phishing with Enhanced Cybersecurity Awareness Programs

Google Firebase hosts Microsoft Office phishing attack

Modern Strategies to Address Phishing Risks with Advanced Technology

Ingenious Phishing Tactics in the Modern Scammer's Toolbox

Financial cyberthreats in 2024

Intro to phishing: simulating attacks to build resiliency

What Your CISO Can Learn From Logan Paul vs Floyd Mayweather

Threat Report Portugal: Q2 2020

Threat Report Portugal Q1 2020

Threat Report Portugal: Q4 2020

Threat Report Portugal: Q2 2021

Threat Report Portugal: Q1 2021

Threat Report Portugal: Q3 2021

8 security tips for small businesses

RevengeRAT and AysncRAT target aerospace and travel sectors

Cybersecurity in the SMB space — a growing threat

Email Security Recommendations You Should Consider from 2021

10 Top Open Source Penetration Testing Tools

Know Your Enemy: Following a Seasoned Phisher's Train of Thought

Threat Report Portugal: Q4 2021

Threat Group Continuously Updates Malware to Evade Antivirus Software

Strong medical device security awareness stifled by inventory, knowledge gaps

How to Stop Phishing Attacks with Protective DNS

Threat Report Portugal: Q2 2022

12 Critical SOC 2 Controls to Support Compliance

Hacker Personas Explained: Know Your Enemy and Protect Your Business

News Alert: CybeReady issues a summer saeson guide outlining 5 workforce security strategies

Nine Top of Mind Issues for CISOs Going Into 2023

The Key to Cybersecurity is an Educated Workforce

Threat Report Portugal: Q3 & Q4 2022

Threat Report Portugal: Q3 2020

Top 9 Cybersecurity Challenges SMEs Currently Face

Our Top 3 Tips for Preventing Ransomware Attacks

Cybersecurity Awareness Month 2024: The Top Four Ways to Secure Our World

8 Cyber Predictions for 2025: A CSO’s Perspective

Report Reveals Top Cyber Threats, Trends of 2023 First Half

5 of the Most Commonly Overlooked Security Measures

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Stay Connected