In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
Spotting Social Engineering Scams Before They Cost You
🚨 Stop Falling for Social Engineering Scams
⚠️ Attackers are exploiting human trust to bypass even the strongest security systems.
📧 Urgent messages, impersonated contacts, and unsolicited requests are their favorite tactics.
💡 Awareness alone isn’t enough – preparation and simulation are key to prevention.
🔑 AUMINT.io’s Trident platform trains employees with realistic attack scenarios, building a resilient human firewall.
⚡ Strengthen your workforce before attackers strike. Book your intro session here
to protect your organization now.
#CISO #CTO #CyberSecurity #SocialEngineering #FraudPrevention #EmployeeTraining
🎯 Free Phishing Domain Trackers Saving CISOs Daily Headaches 🎯
Phishing attacks remain one of the biggest threats to organizations, but staying ahead is possible with the right monitoring. These free phishing domain trackers help CISOs identify suspicious domains before they target employees.
Here are the top free phishing domain trackers:
1️⃣ PhishTank – Community-driven database of active phishing sites.
🔗 https://www.phishtank.com/
2️⃣ APWG eCrime Exchange (eCX) Free Feeds – Aggregates phishing domain data from global sources.
🔗 https://www.antiphishing.org/
3️⃣ OpenPhish Community Edition – Real-time feed of confirmed phishing URLs.
🔗 https://openphish.com/
4️⃣ FraudWatch International Free Tools – Alerts on phishing and domain impersonation.
🔗 https://fraudwatchinternational.com/
5️⃣ URLhaus – Tracks malware and phishing domains used in attacks.
🔗 https://urlhaus.abuse.ch/
6️⃣ Google Safe Browsing – Check URLs against Google’s database of unsafe sites.
🔗 https://safebrowsing.google.com/
7️⃣ AUMINT.io Threat Feed Samples – Curated phishing domain intelligence with human risk insights.
🔗 https://aumint.io/resources
⚡ Using these free trackers, CISOs can proactively block phishing campaigns, protect employees, and reduce incident response workload.
At AUMINT.io, we go further by simulating real-world phishing attacks to see which employees are likely to click and where controls need reinforcement.
🔗 Want to test your team’s resilience against phishing today? Book a free demo
#PhishingPrevention #CISO #CyberSecurity #ThreatIntelligence #AUMINT
Cybercriminals Are Recruiting Social Engineering Experts – Are You Ready?
🚨 Cybercriminals Are Hiring Social Engineering Experts
😱 Criminal networks are now recruiting professionals skilled in psychological manipulation to bypass security systems.
📧 These social engineers craft highly convincing phishing and pretexting campaigns, exploiting employee trust with precision.
⚡ Traditional cybersecurity defenses are insufficient – the human element is the most targeted vulnerability.
🔑 Realistic simulations, behavioral monitoring, and continuous training are essential to counter these threats.
💡 AUMINT.io’s Trident platform equips employees to detect subtle manipulations and respond effectively, building a resilient human firewall.
📅 Book your intro session here
to strengthen your human defenses now.
#CISO #CTO #CyberSecurity #SocialEngineering #FraudPrevention #EmployeeTraining