CyberHoot Newsletter – January 2025

7th January 2025 | Blog, Newsletters

Welcome to CyberHoot’s January Newsletter!

Happy New Year!

Kick off the new year by staying ahead of the latest cybersecurity threats we face. This month we explore how traditional phishing tests can backfire and introduce HootPhish, a smarter phish testing solution that educates and rewards end users for completing assignments instead of punishing them. We dive into Microsoft’s Authquake MFA flaw and uncover hidden dangers from “brushing scams” that arrive in the form of unsolicited packages but seek to steal your personal information or infect your devices. Lastly, learn about rising cyber threat warnings from the FBI about our mobile phone carrier networks and simple tips like using encrypted messaging apps to protect yourself from foreign national adversaries.

Let’s make 2025 a year of stronger, smarter digital security and cyber literacy!

Craig Taylor, CEO | Co-Founder CyberHoot

How to Keep Your Text Messages Secure in an Era of Rising Cyber Threats

Protect your text messages from cyber threats with essential tips such as adopting secure messaging apps to encrypt your communications end-to-end. Read now!

Beware of Brushing Scams: A Hidden Threat to Shoppers

Learn how brushing scams try to exploit your devices or steal your personal data through unsolicited packages and QR codes leading to online forms. Read now!

Microsoft’s Authquake MFA Flaw

Learn about Microsoft’s Authquake MFA flaw, how hackers bypassed authentication, and key steps to protect your own accounts. Read now!

Fake Email Phishing: More Harmful than Helpful

Fake email phishing tests often backfire and lead to frustration and animosity with IT. HootPhish empowers users to identify and avoid phishing pitfalls and yields better metrics and positive outcomes. Read now!

Customer Spotlight

Liking CyberHoot? We need your help. Please leave us a review using the links below!

TrustPilot.com | G2.com | Capterra.com | Google.com | TrustRadius.com | Gartner.com

-Capterra

For more information on how to leave a CyberHoot review, please watch the brief video overviews below. Note: to avoid fraudulent reviews, each review website will require to you to create and validate your identity through an email account registration process.

CyberHoot Awarded Badges From G2

Cybrary Term of the Month

Brushing Scams

A brushing scam is a deceptive tactic where online sellers or scammers send unsolicited packages to individuals, often using their real names and addresses. At best, these “free gift” deliveries enable senders to create fake “verified purchase” reviews for their products on e-commerce platforms, boosting their rankings and credibility. At worst, they may contain a QR code that can harm the recipient in multiple ways when scanned. These scams exploit personal data, raise privacy concerns, and may indicate unauthorized access to personal information. Let’s look at the myriad of ways “Brushing” can harm us.

Click here to read more!

Explore CyberHoot’s Extensive 950+ Term Cybersecurity Library

Recently Added Features

General Release Notes

Made manager compliance summary report configurable in custom reporting.
Added a “generation date” to each report section header in Cybersecurity Summary Reports.
Added a Custom Messaging power-up to Autopilot for MSPs and resellers.
Updated Autopilot with side navigation instead of cards for power-ups.
Updated HootPhish Challenge to use a “help me card” always present on the right.
Added a clickable link under email logs landing page under the “Suppression Reason” column that takes you to the “Bounced” tab with specific bounce error messages.
Made all report recipient lists searchable.
Added “HootPhish Challenge” functionality to Power platform for Admin Access.
Added HootPhish Challenge Power-up to Autopilot Power-up for Admin Access.
Added HootPhish Challenge to reports.
Added customer sales report to Autopilot.
Gamification Scoring: updated user scoring to set number attempts = number of completed assignments if number attempts < number of completed assignments.
Removed last name requirements for users, HR contact and managers in all platforms. Update google and azure sync to allow for blank last names.
Added cloning of archived policies, videos and HootPhish assignments in the Power platform.
Power-up design and flow updates.
Updated difficult HootPhish to show identifier popovers.

Check out our CEO Craig Taylor in the Revelizations Podcast!

Enroll in CyberHoot’s Referral Program today and start earning a 20% share of all revenue generated for one year by those who register through your exclusive referral link. As a referral partner, not only will you receive financial rewards, but you’ll also experience the satisfaction of aiding others in becoming more security-conscious, safeguarding them against cyber threats. Don’t hesitate, sign up now at https://cyberhoot.com/referral-program/.

Referral through Autopilot’s Dashboard:

Join CyberHoot in our mission to create a more aware and better secured world! Recommend CyberHoot Autopilot to a friend, and they will enjoy a complimentary first month. For every new sign up who uses your referral link, you will receive a free month added to your account. This offer is exclusively for first-time CyberHoot registrants.

CyberHoot has Free Introductory Cyber Literacy Classes

Know someone who had a close call recently with a cyber attack, phishing email, or social engineering phone call? Recommend CyberHoot’s free Cyber Literacy 101 training. They’ll receive six (6) videos (each video is 3-4min.) and one of our positive reinforcement, hyper-realistic, phishing simulations. All for free.

Registration: https://cyberhoot.com/individuals