Discover the latest phishing tactics targeting unsuspecting victims, including Cloudflare Workers, HTML smuggling, and AI-generated emails. Learn how cybercriminals bypass security measures and how you can protect yourself from these sophisticated attacks. Stay informed and stay safe in the ever-evolving world of cybersecurity.
This video provides MSPs with instructions on how to add a new “Automatic” client to CyberHoot. Automatic Clients automate the delivery a single monthly security awareness training video and a quarterly phishing test by assignment with no intervention by the MSP at all. The only requirement for the MSP is that they manage user adds and deletes.
This video provides end users with an overview of the Phish Testing by assignment service in CyberHoot. It should be shared with anyone who is struggling to complete their phishing test by assignment.
Phish testing has been punitive to employees and difficult for SMBs and MSPs to set up. It requires you to configure allow-lists, X-Headers, and PowerShell scripts. This video and how explains how to avoid all that hassle with automated assignment-based phish testing that is a positive learning experience for employees with zero administration and setup for SMBs or MSPs.
Secure your business with CyberHoot Today!!! Sign Up Now We’re constantly receiving emails, text messages, and phone calls from scammers claiming to be reputable brands we use. What you may …
Secure your business with CyberHoot Today!!! Sign Up Now Anyone who owns a cellphone has likely received an unexpected text message from a number they don’t recognize containing a link …
Click the image below to view a larger version Overview of the New Assignment-Based Phishing Module HowTo: Set Up Assignment-Based Phishing Module https://youtu.be/fsCntDKJgVshttps://youtu.be/3qaNDq274nY To go to the HowTo page for …
A wave of phishing attacks has been generated within Google’s cloud-based word processing solution (Google Docs) and its “Comments” feature. Attackers use the commenting feature to send malicious links to …
Today is Day Nine of Cybersecurity Awareness Month, each day, we will be publishing a video outlining necessary topics to help improve people’s cybersecurity hygiene. Keep checking CyberHoot’s VLOG and …
BazarCaller is a new cybercrime gang that uses Vishing to trick its victims into handing over information or access to a device. Vishing is the malicious practice of making phone …
Stalkerware refers to tools, apps, software programs, and devices that let another person (a stalker) secretly watch and record information on another person’s device. Parents use this type of tool …
In May of 2021, the United States’ largest pipeline, Colonial Pipeline, halted operations due to a ransomware attack. At the time, Colonial Pipeline carried 45% of the fuel used on the …
A Quick Response (QR) Code is a type of barcode that contains a pattern of dots and lines. It can be scanned using a QR scanner or on a smartphone camera. …
Clickjacking, also known as a “UI Redress Attack”, is when an attacker uses multiple transparent or vague layers to trick a user into clicking on a button or link on …
Since Instagram’s official launch in 2010, it’s seen more than 1 billion accounts opened with users sharing close to 100 million photos every day. Instagram’s popularity skyrocketed since its launch …
A Domain Name System (DNS) is essentially the ‘phonebook’ of the Internet. DNS is an elaborate, fault-tolerant way of connecting people to resources online. While it is quite complex, this …
A PayPal text message phishing campaign was discovered that attempts to steal your account credentials and other sensitive information. This form of phishing attack, through text messages, is called Smishing. Hackers …
Sender Policy Framework (SPF) is an anti-spam tool where email domains of the senders can be authenticated. SPF works hand-in-hand with DKIM and DMARC to help authenticate email messages to …
DKIM (DomainKeys Identified Mail) is an email authentication tool that verifies messages are sent from a legitimate user’s email address. It’s designed to prevent email forgery and spoofing; essentially phishing. …
DMARC which stands for Domain-based Message Authentication, Reporting, and Conformance is an email security protocol. When enabled, your email domain is protected from spoofing by hackers. DMARC sets up an …
Barbara Corcoran, a world famous Shark Tank host, was scammed out of nearly $400,000 in late February. Barbara Corcoran, a renowned real-estate broker and business expert, admitted last month that …
The Melissa Virus is malware that was was deployed in late March of 1999. A programmer by the name of David Lee Smith took over an America Online (AOL) account …
Vishing is the fraudulent practice of making phone calls or leaving voice messages pretending to be from reputable companies in order to have individuals give out personal information, up to …
Smishing is another form of phishing, where a hacker sends a malicious text or SMS message trying to trick someone into giving them sensitive information. Smishing can be more dangerous …
Spear-Phishing is a form of phishing attack that targets a specific person or organization, seeking access to sensitive information. Similar to phishing, this is done through spoofing emails that appear …
Whaling refers to malicious hacking that targets high-ranking executives. Similar to phishing, whaling is where the hacker hunts for data that they can use, but they focus on high-ranking bankers, …
Social Engineering in the context of cyber security, is when one uses psychological manipulation to have people perform specific actions or to give out confidential information. This differs from the …
Related Terms: Social Engineering, Phishing Source: CNSSI 4009 If you would like more information on spoofing, watch this short video: Watch this video on YouTube
Spotting and Avoiding Phishing Attacks This CyberHoot core curriculum and BootCamp video outlines the common attack patterns found in phishing attacks and provides the viewer with a clear set of …
Overview of Phish testing.
This 3 minute video by the Government of Canada outlines how phishing occurs online. Problems online occur when you are phished and turn over account numbers, passwords, or other critical …
It was only about a week ago that the government facility in Pensacola, Florida was shut down due to a cyber attack. Now the city of New Orleans is shut …
Ransomware is a type of malicious software designed to block access to a computer system, and more importantly the critical data it contains, until a sum of money or ransom …
Phishing is a digital form of social engineering to deceive individuals into providing sensitive information. This is typically done via email, having people click on links that allow hackers to …
This past Thanksgiving weekend, 110 healthcare facilities were infected by a ransomware attack on their IT provider. Virtual Care Provider Inc. (VCPI), provides security, data hosting and access management services …
Who is most likely to fall victim to Cyber Monday phishing scams? People who don’t know about phishing scams, typosquatting, and fake look-alike websites. Did you know there are 4 …
Good backups will let you go back in time to recover compromised systems. Don’t let this happen by not patching for BlueKeep now.
