Subscribe to our Newsletter!

Subscribe to Blog

Follow Me

KnowBe4 Security Awareness Training Blog

Current Articles | RSS Feed RSS Feed

DELL Warns Against Social Engineering

 

dell tech page one logoDell has its own news site called Tech Page One. A few days ago they had a new article that started with: "Human errors that aid social engineers. The weakest links in computer networks targeted by hackers aren’t operating systems or software programs — they’re humans who can be duped by deceptive techniques."

Lance Spitzner from SANS and I are quoted several times and it's a great article to send to managers and C-level people because it makes the topic real to them and illustrates the cyber risks of untrained employees. Read it here and forward to all relevant people:
http://techpageone.dell.com/technology/human-errors-that-aid-social-engineers/

CyberheistNews Vol 4, # 29 Scam Of The Week: MH17 Airplane Crash

 
CyberheistNews Vol 4, # 29
KnowBe4
Stu Sjouwerman's New Security Newsletter Don't miss the Fave Links! Case Studies Resources About Us Contact Us
Facebook LinkedIn Blog Twitter YouTube YouTube
 

CyberheistNews Vol 4, 29

Editor's Corner

KnowBe4

Scam Of The Week: MH17 Airplane Crash

Almost 300 people get shot out of the air and the only thing cyber-criminals can think of is how to exploit the disaster. What else is new. Disgusting.

Scammers are now using the MH17 disaster in the Ukraine to trick people in clicking on links, both on Facebook, Twitter and phishing emails.

Here are some examples, a link that supposedly was a video of the Malaysia Airlines crash went to a pornographic website. Facebook pages dedicated to victims contain links to scam websites. For instance, a Facebook page apparently dedicated to Liam Sweeney was set up hosting spam, and uses his name and picture. The page was deleted but others will spring up.

Hundreds of tweets were posted that seemingly were about the MH17 disaster, but in reality included spam links or links that lead to a malware infection. When you see some title that claims a video camera catching the MH17 Crash over Ukraine, delete it, ignore it and do not forward, or worse, retweet it.

Previous disasters have been exploited like this, but the bad guys have pulled out all the stops and go for Social Media in a big way these days. Be wary of anything that is about flight MH17 the coming months. THINK BEFORE YOU CLICK !

(For KnowBe4 customers, we will have a template with flight MH17 ready for you later today.)

GameOver ZeuS Is Making a Comeback

Despite the efforts of different law enforcement agencies and several private security companies to disrupt a massive GameOver ZeuS botnet in early June, a new variant of the malware has been uncovered.

Security researchers from Malcovery say that the mutation they found is fresh, as they found that one of the domains used for command and control activity had been registered on Thursday, July 10, in China, and it was active.

The operators of the new GameOver ZeuS strain delivers the malware through spam purporting to be notifications from financial institutions. Fake messages from banks such as M&T and NatWest are among the samples caught by the security researchers.

The emails come with an attachment, which, once opened, executes the malware payload and communication with command and control servers is initiated in order to receive instructions. More: http://news.softpedia.com/news/GameOver-ZeuS-Is-Making-a-Comeback-450523.shtml

Friday 25th Is System Admin Day!

July 25, 2014 is the 15th Annual System Administrator Appreciation Day.

Your network is secure, your computer is up and running, and your printer is jam-free. Why? Because you've got an awesome sysadmin (or maybe a whole IT department) keeping your business up and running. So say IT loud; say IT proud … Happy SysAdmin Day!

Wait… what exactly is SysAdmin Day? Oh, it’s only the single greatest 24 hours on the planet… and pretty much the most important holiday of the year. It’s also the perfect opportunity to pay tribute to the heroic men and women who, come rain or shine, prevent disasters, keep IT secure and put out tech fires left and right.

At this point, you may be thinking, "Great. I get it. My sysadmin is a rock star. But now what?" Glad you asked! Proper observation of SysAdmin Day includes (but is not limited to):    - Cake & Ice cream
   - Pizza
   - Cards
   - Gifts
   - Words of gratitude
   - Custom t-shirts celebrating the epic greatness of your SysAdmin(s)
   - Balloons
   - Streamers
   - Confetti

Show Your Appreciation! More: http://sysadminday.com/

Quotes of the Week

"Those who have no interest in politics will be forever ruled by those who do." - G.Edward Griffin

"An eye for an eye only ends up making the whole world blind." - Mahatma Gandhi

Thanks for reading CyberheistNews! Please forward to your friends. But if you want to unsubscribe,
you can do that right here

Thanks for reading CyberheistNews! Warm Regards, Stu Sjouwerman | Email me: feedback@knowbe4.com
Facebook LinkedIn Blog Twitter YouTube YouTube
KnowBe4

Take One Minute And Watch This New Video

KnowBe4

Horrifying Confessions Of A Security Sleuth

How bad is computer security in the business world? Complete disarray, if you believe a friend of mine who's worked in the industry forever. Behold his hair-raising tales from within the IT security industry. Here is one story, and there are worse: "I once worked for a great security company that was acquired by a very large, very well-known antivirus vendor. One of the first things we did was to pen test the antivirus vendor's software that was running on tens of millions of computers. What did we find? Hundreds of buffer overflow bugs and other exploits. The software people were running to protect themselves probably had more bugs than the software they were trying to protect." More:
http://www.infoworld.com/t/security/horrifying-confessions-of-security-sleuth-246101?

KnowBe4

What's Eating Internet Security?

Researchers constantly are discovering new ways to attack existing systems, "not because computers are better or faster, but just because of new investigations, insight or inspiration," said Seth Hanford, manager of Cisco's Threat Research Analysis & Communications. In short, we could be discovering more security flaws because we're now paying more attention to security. This is an interesting article at TechNewsWorld:
http://www.technewsworld.com/edpick/80734.html

 

KnowBe4

"Lots Of Bad Guys Doing Bad Things"

The new Symantec Internet Security Threat Report, June edition stated it succinctly with that title.

"Symantec Matt" said on Spiceworks: "In case you didn't have time for some light reading, I am here to bring you the June Internet Security Threat Report. Like StarLord said "something good...something bad...a bit of both". Grab the full June Internet Security Threat Report as there is all kinds of important info in there concerning:
   - Targeted Attacks & Data Breaches
   - Malware Tactics & Vulnerabilities
   - Social Media & Mobile Threats
   - Phishing, Spam & Email Threats

Some key findings in this months report:
   - There was an average of 88 spear-phishing attacks per day in June.
   - The number of Android variants per family reached the lowest levels seen in the last twelve months, at 18 variants per family.
   - The largest data breach reported in June took place in May, and resulted in the exposure of 1.3 million identities.
Here is the deck at slideshare.net:
http://www.slideshare.net/symantec/june-internet-security-threat-report

KnowBe4

All Major Browsers Contain Security Vulnerabilities!

Have a look at the close numbers between IE, Chrome, and Firefox. Just because you use something else than IE doesn’t mean you’re safer. Even Apple's Safari has almost 600 known holes. Yikes. Although checking attachments in the Google VIEW option is still my favorite option to prevent malware infections. See for yourself:
Internet Explorer 1337 CVE entries:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=internet+explorer
Google Chrome 1113 CVE entries:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=chrome
Firefox 1217 CVE entries:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox
Safari 598 CVE entries:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=safari

 

KnowBe4

Cyberheist 'FAVE' LINKS:

* This Week's Links We Like. Tips, Hints And Fun Stuff.

I didn't think an airliner could do this ... until I saw this video of Boeing test pilots practicing with their Dreamliner 787-9 for the Farnborough Air Show 2014. Straight up & vertical, and NO CGI!:
http://www.flixxy.com/i-did-not-think-an-airliner-could-do-this-boeing-787-9-dreamliner.htm

Weird Al’s Star-Studded Parody of Pharrell’s ‘Happy’ Is Perfection:
http://www.wired.com/2014/07/weird-al-happy-parody/

A moving company in Taiwan has a clever way of using two forklifts to get their truck loaded quickly and efficiently:
http://www.flixxy.com/two-forklifts-and-a-truck-in-taiwan.htm?utm_source=nl

A very funny commercial by shampoo.ch, a Swiss website for hair care and beauty products. Look at those girl's faces:
http://www.flixxy.com/sexy-window-cleaner-at-the-hair-salon.htm?utm_source=nl

What's more entertaining than watching a cute panda playing on a slide? Watching 4 cute pandas playing on a slide!
http://www.flixxy.com/cute-pandas-playing-on-the-slide.htm?utm_source=nl

Lions are powerful animals, but they are also capable of lots of love and affection. WOW:
http://www.flixxy.com/there-is-nothing-like-a-lion-love.htm?utm_source=nl

 
KnowBe4
Facebook LinkedIn Blog Twitter YouTube YouTube

Scam Of The Week: MH17 Airplane Crash

 

MH17 DisasterAlmost 300 people get shot out of the air and the only thing cyber-criminals can think of is how to exploit the disaster. What else is new. Disgusting.

Scammers are now using the MH17 disaster in the Ukraine to trick people in clicking on links, both on Facebook, Twitter and phishing emails.

Here are some examples, a link that supposedly was a video of the Malaysia Airlines crash went to a pornographic website. Facebook pages dedicated to victims are having links to scam websites as well, for instance, a Facebook apparently dedicated to Liam Sweeney was set up, hosting spam and uses his name and picture. The page was deleted but others will spring up.

Hundreds of tweets were posted that apparently were about the MH17 disaster, but in reality included spam links or links that lead to a malware infection. When you see some title that claims a video camera catching the MH17 Crash over Ukraine, delete it, ignore it and do not forward, or worse, retweet it.

Previous disasters have been exploited like this, but the bad guys have pulled all the stops and go for Social Media in a big way these days. Be wary of anything that is about flight MH17 the coming months. THINK BEFORE YOU CLICK !

 

Phishing Scam Of The Week: "Transportation Manager"

 

© Depositphotos.com/ belchonockUnscrupulous eastern European cyber mafias are preying on U.S. workers that try to make ends meet and look for a second (or third) job. This is not a new scam, but it is sticking up its ugly head again in a slightly different form. The scam was newly reported by our friends at hoax-slayer.

Phishing emails go out looking for a "Transportation Manager" which involves accepting, repacking and reposting various parcels. It looks like an easy and well-paid job that you can do from home.

The scam comes in two forms:

There are two forms of this scam. One is to have the person fill out a form with a lot of personal information which then gets used for Identity Theft. The second form is even worse. The job is in fact a criminal ruse designed to trick you into receiving goods bought with stolen credit cards and sending them on to your new criminal 'employer', often overseas. Supposedly, the 'company' will cover all postage fees and you will receive a monthly salary as well as a per-package 'commission'.

"Job" is a reshipping Scam

The criminals are too smart to have the goods delivered directly to their own homes, because that could help police locate and identify them. So, instead, they line up a 'parcel mule' who will accept delivery of the ill-gotten goods and reship them to a location specified by the thieves. 

To add insult to injury, the victim may be 'paid' via a fake or stolen check, or worse, funds transferred from hijacked accounts. The workers may be asked to deduct their 'wage' and 'commission' from these funds and wire the remainder back to the 'company' via a money wire service such as Western Union. This way, the workers not only reship tainted goods, they may also be tricked into laundering money stolen by the criminals.

'Workers' May Become Trapped and Face Criminal Charges

Often, investigations lead police directly to the doors of the victim. People caught up in such scams have faced criminal charges and had to deal with ongoing and damaging repercussions. Moreover, people can become trapped within such schemes and find it quite difficult to extricate themselves. After they have already started the job, they may belatedly realize that they are involved in a scam. But, by that time, they may be too scared to involve police in case they get in trouble themselves. And, if they try to terminate the arrangement, the criminals may threaten them with exposure or bully them into continuing.

The upshot

Treat any offer that involves you receiving goods at your house or payments on your bank accounts as very suspect, delete these emails and never answer them. If you get emails that promise easy jobs via the Internet, and ask for a lot of personal information, do not give out any personal data unless you are sure that the outfit is legit, and even then be very wary!

 

 

 

 

 

 


Cryptolocker Is Not Dead

 

Tyler Moffitt, Threat Team member at WebrootTyler Moffitt, Threat Team Member at Webroot wrote:

"Recently in the news the FBI filed a status report updating on the court-authorized measures to neutralize GameOver Zeus and Cryptolocker. While the report states that “all or nearly all” of the active computers infected with GameOver Zeus have been liberated from the criminals’ control, they also stated that Cryptolocker is “effectively non-functional and unable to encrypt newly infected computers.” Their reasoning for this is that Cryptolocker has been neutralized by the disruption and cannot communicate with the command and control servers to receive instructions or send RSA keys after encryption. Read more here

"While seizing the majority of the GameOver Zeus Botnets from the suspected “mastermind” Evgeniy Bogachev was a big impact to the number of computers infected with GameOver Zeus – about a 31 percent decrease, it’s a very bold claim to state that Cryptolocker has been “neutralized”.

The reason why this claim should be scrutinized is because it is only the samples dropped on victims computers that communicated to those specific servers seized that are no longer a threat. All samples currently being deployed by different botnets that communicate to different command and control servers are unaffected by this siege – the majority of encrypting ransomware.

Although Evgeniy Bogachev and his group had control of a major chunk of zeus botnets and command and control servers that deployed cryptolocker, it was certainly not all or even the majority of zeus botnets in existence. Most malware authors spread their samples through botnets that they either accumulated themselves (Evgeniy), or just rent time on a botnet from someone like Evgeniy (most common). So now that Evgeniy’s servers are seized, malware authors are just going to rent from some of the many other botnets out there that are still for lease."

Webroot has encountered ransomware strains in the wild that are still hard at work at infecting users: CryptoWall, new “Cryptolocker”, DirCrypt,  and CryptoDefense.

"All of these work in almost exactly the same way as the infamous traditional cryptolocker we’ve all seen, but they have some improvements. First is that there is no GUI and instead just background changes and texts instructions in every directory that was encrypted.

"Second is that you no longer pay using a moneypak key in the GUI, but instead you have to install tor or another layered encryption browser to pay them securely and directly. This allows malware authors to skip money mules and increase the percent of profits. The best way to stay protected by attacks like this is to utilize backups to either the cloud or offline external storage.

"Webroot has backup features built into our product that allow you to have directories constantly synced to the cloud. If you were to get infected by a zero day variant of encrypting ransomware you can just restore your files back as we save a snapshot history for each of your files up to ten previous copies.

So while this is a great win on behalf of the FBI, it’s very bold to claim that cryptolocker is now dead. A better way to put it would be that Evgeniy M. Bogachev’s brand of cryptolocker and anyone who purchased time on his botnet is now useless."

And it's obvious that you need to step users through effective Security Awareness Training to make sure they do not fall for social engineering tricks like this. 

We fully agree and Hat Tip to Tyler!

ALERT: Ransomware Infection = Official Data Breach

 

Benjamin  F. Edwards nit by ransomwareThis is one of the rare Cyberheist NewsFlash issues that we send when we run into something important enough to alert you about right away. Please forward to your friends and colleagues.

We have just found out that if your organization needs to comply with data security regulation or is located in a state where data breaches are required to be made public by law, there is another large increase of risk and cost related to ransomware.

It was reported in several news media that brokerage house Benjamin F. Edwards & Co. (BFE) had a data breach that was a result of a CryptoLocker copycat ransomware infection called CryptoWall. The brokerage house announced this week that they had suffered the data breach on May 24, 2014 when they had their computer systems compromised by an "unauthorized third party".

The breach was discovered three days later on May 27, 2014. A month later, on June 27, they started sending out breach notification letters to their customers, offering affected customers free identity protection, fraud protection and credit monitoring for 12 months.

Additional information was included in the New Hampshire Dept of Justice disclosure notice  (PDF). "In more detail, an employee of BFE was the victim of a CryptoWall malware infection (a variant of the more common Cryptolocker malware) that encrypted files on the employee’s computer and files on certain shared drives to which the user had access. As a result of the infection, data was transferred to a suspicious IP address. The investigation of a professional forensic expert has not, however, been able to reveal the content of the data transmitted to the IP address."

We are seeing a new wave of ransomware created by Russian cybercriminals, and our recent survey shows that IT pros expect it to get worse the rest of the year. To add insult to injury, apart from the confidential files being encrypted and ransom extorted, the ransomware sends unidentified data out of the victim’s network. That means the malware infection needs to be treated as a data breach with accompanying very high costs. Educating users with effective security awareness training can proof companies against ransomware like CryptoLocker plus its copycats and protect against lost credibility with customers.”

Remember, the impact of a data breach is heavy, here are just a few bullets

  • The average consolidated data breach cost is $136 per lost record.
  • Customer churn

  • Loss of reputation 

  • Legal costs

  • Heavy impact on IT resources 

  • Offering customers free identity theft protection, fraud protection and credit monitoring

Don’t let this happen to you. Step your users through effective Kevin Mitnick Security Awareness Training and send them our automated simulated phishing attacks at least once a month. We feel so confident this will stop users from opening infected attachments that we will pay your crypto-ransom if you get hit.

Learn more about our guarantee and find out how affordable this is for your organization. 

Get A Quote Now

 

Brokerage house Gets Hit With CryptoWall Ransomware

 

Benjamin F. Edwards The brokerage house, Benjamin F. Edwards & Co., announced this week that they had suffered a data breach. May 24, 2014 they had their computer systems compromised by an unauthorized third party. The breach was discovered three days later on May 27, 2014. On June 27, they started sending out breach notification letters to their customers. The company is offering affected customers identity protection, fraud protection and credit monitoring for 12 months at no cost. 

It turns out that the issue that lead to the data breach was a CryptoWall malware infection. This additional information was included in the New Hampshire disclosure notice. Here is the quote:

"In more detail, an employee of BFE was the victim of a CryptoWall malware infection (a variant of the more common Cryptolocker malware) that encrypted files on the employee’s computer and files on certain shared drives to which the user had access. As a result of the infection, data was transferred to a suspicious IP address. The investigation of a professional forensic expert has not, however, been able to reveal the content of the data transmitted to the IP address."

Do not let this happen to you. Step your users through effective Kevin Mitnick Security Awareness Training and send them our automated simulated phishing attacks at least once a month. We feel so confident this will stop users from opening infected attachments that we will pay your crypto-ransom if you get hit! Find out how affordable this is for your organization.

Get A Quote Now


CyberheistNews Vol 4, # 28 Five Travel Scams Of The Week

 
CyberheistNews Vol 4, # 28
KnowBe4
Stu Sjouwerman's New Security Newsletter Don't miss the Fave Links! Case Studies Resources About Us Contact Us
Facebook LinkedIn Blog Twitter YouTube YouTube
 

CyberheistNews Vol 4, 28

Editor's Corner

KnowBe4

Five Travel Scams Of The Week

It's summer and a lot of people are on the road, but some of your employees are always traveling for business, and often these are management-level people with access to lots of confidential data.

These days, you can’t travel on either business or vacation and let your electronic guard down. Here are a few popular scams they need to watch out for. Send this to all employees that might benefit and and protect your network at the same time:

1) Fake Free Wi-Fi Network that you find when you look for access to your business account. It has the hotel's name, but the scammers are listening in on the (company confidential) traffic. Verify with the hotel before logon on "free Hotel Wi-Fi".

2) Fake Software Update where a traveler attempting to set up a hotel internet connection sees an "Update-popup" for a popular software product. Click on it and malware installs. Always update laptops before you leave and never update while you travel.

3) Pizza Delivery Scam where you find a flyer slipped under your hotel door. When you call to order, they take your card data but never deliver because the flyer was a scam. Get food recommendations from the concierge!

4) An ATM Security Team is warning about new ATM skimmers that are almost impossible to detect with the naked eye. Thanks to a slimmed-down profile, the devices sit within the throat of an ATM card slot, capturing data when a traveler slides their card inside. A spy camera then tapes the customer as they enter their PIN number on the keypad. Especially when on the road, COVER YOUR HAND WHEN TYPING IN THE PIN!

5) Late Night Hotel Front Desk Call where you get a call alerting you there is a problem with your credit card and please verify the number. Except it's a scammer who now has your number or perhaps just skimmed your card at the ATM and needs some more info to make a fake duplicate card so they can grab the maximum cash. Especially when you travel, _never_ give out credit card information if you did not initiate the call!

Quotes of the Week

"Love is a friendship set to music." - Joseph Campbell, Writer (1904 – 1987)

"One loyal friend is worth ten thousand relatives." - Euripides - Writer (480 - 406 BC)

Thanks for reading CyberheistNews! Please forward to your friends. But if you want to unsubscribe,
you can do that right here

Thanks for reading CyberheistNews! Warm Regards, Stu Sjouwerman | Email me: feedback@knowbe4.com
Facebook LinkedIn Blog Twitter YouTube YouTube
KnowBe4

KnowBe4 Extends Crypto-Ransom Guarantee

Mid June, KnowBe4 announced that we will pay the ransom if someone is hit with a ransomware strain while they are our customer. Basically, we are confident that employees who A) step through our training and B) get sent one of our simulated phishing attacks at least once a month, they simply will not fall for ransomware attacks which rely on social engineering. This was a June-only special offer though.

Many of you wanted to take us up on this offer but could not get budget approval in time, so we got a lot of requests to extend it so you had some more time to get the OK. And since we really want all of you to train your end-users, we have extended our crypto-ransom guarantee! Here is the new page where you can fill out a form to find out how affordable Kevin Mitnick Security Awareness Training is for your organization TODAY:
http://info.knowbe4.com/ransomware-cryptolocker-guarantee-0

KnowBe4

New Study: AV And Anti-Malware Most Used Controls For APT Defense

A global poll revealed that AV and anti-malware technologies were employed at nearly all enterprises as a line of defense against APT attacks, while security pros used other key security controls far less.

ISACA, an association with over 115,000 constituents which focuses on IT governance, risk and privacy concerns, released its second annual Advanced Persistent Threat (APT) Awareness report last week.

Here is a relevant section that you should send to management with a note that budget for security awareness training would be a very, very good idea:

"While these controls are proficient for defending against traditional attacks, they are probably not as well suited for preventing APTs for a number of reasons,” such as zero-day threats and use of spear phishing attacks, the report continued. “This indicates that additional controls – and perhaps an increased focus on email security and user education – could be beneficial.":
http://www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/Advanced-Persistent-Threats-Awareness-Study-Results.aspx

KnowBe4

Mob-Busting Tool Used Against Online Crime

Remember the RICO laws that were enacted against the mafia in the seventies? The Racketeering Influenced and Corrupt Organizations Act, originally used to bring down crime families, is now being utilized against hackers who in many cases have never met and don't know each other's real names.

 

Federal prosecutors are now using mob-busting tactics to catch and disrupt online crooks, applying a law written to dismantle Mafia families to pursue loose affiliations of thieves scattered around the world. The article in in the Wall Street Journal, there is a pay-wall but perhaps your execs have access already. This is good ammo to get some awareness on the C- and Board level:
http://online.wsj.com/articles/cybercrime-is-likened-to-organized-crime-1404841253

KnowBe4

Big-Screen Con Artists: 7 Great Movies About Social Engineering

They may have been called con artists, scoundrels or even matchstick men. Regardless of the name, social engineers have been the subject of several great movies over the years. Here are seven examples of films where social engineers' techniques were turned into big-screen stories. I am watching these seven movies as a combination of both business and pleasure. You do the same and tell me which is your fave?
http://www.csoonline.com/article/2358750/data-protection/big-screen-con-artists--7-great-movies-about-social-engineering.html

KnowBe4

Worst Data Breaches Of 2014…So Far

KnowBe4
The Identity Theft Resource Center, which tracks data breaches, has counted 381 reported breaches and 10.8 million records exposed from the start of the year through June. We identified the worst of these for the first quarter of the year, and now we show you the worst for April though June. Slideshow at Networkworld:
http://www.networkworld.com/article/2452764/security/158884-Worst-data-breaches-of-2014-So-far.html?

Cyberheist 'FAVE' LINKS:

* This Week's Links We Like. Tips, Hints And Fun Stuff.

In a robot lab at TEDGlobal, Raffaello D'Andrea demos his flying quadcopters: robots that think like athletes, solving physical problems with algorithms that help them learn. In a series of nifty demos, D'Andrea show drones that play catch, balance and make decisions together -- and watch out for an I-want-this-now demo of Kinect-controlled quads. Lunch & learn !!!
http://youtu.be/w2itwFJCgFQ

Ksenia Parkhatskaya could have been plucked from the 1920s and put on the stage today. Just watch her dance the Charleston:
http://www.flixxy.com/stockholm-tap-festival-ksenia-parkhatskaya.htm?utm_source=nl

An amazing performer does magic with glass balls on the streets of Carcassonne Castle in the South of France:
http://www.flixxy.com/skillful-virtuoso.htm

Japanese master craftsman Noboru Honma produces beautiful razor-thin veneers by using simple traditional techniques:
http://www.flixxy.com/gucci-japan-hand.htm?utm_source=nl

Only in Addis Ababa, can you see a man and a goat riding together on a bicycle:
http://www.flixxy.com/man-riding-a-bike-with-a-goat-in-ethiopia.htm?utm_source=nl

And while we are there, it is amazing how well the traffic flows without traffic lights at a major intersection in Addis Ababa, the capital city of Ethiopia.
http://www.flixxy.com/crossroads-without-traffic-lights-in-ethiopia.htm?utm_source=nl

Tele Servo Bender emulates a lap steel sound using servos. Crafty blend of music and hi-tech!:
http://youtu.be/fSQ9Dg65EFo

Dogs just want to be friends with cats, while cats prefer to have their own space. Despite repeated rejections, dogs keep trying ....
http://www.flixxy.com/dogs-annoying-cats-with-their-friendship.htm

Glass harpist Jamey Turner plays Mozart's Adagio in C Minor on wine glasses in Old Town Alexandria, Virginia. He's actually pretty good:
http://www.flixxy.com/street-performer-playing-mozart-on-water-glasses.htm?utm_source=nl

Celine Dion was so impressed when she saw Charice (16) perform one of her songs on 'Oprah,' that she invited her on stage at Madison Square Garden for a duet: 16 years old and WORLD CLASS:
http://www.flixxy.com/charice-and-celine-dion-duet-at-madison-square-garden-hd.htm

3 year old Nathan Robles demonstrated incredible dexterity, concentration and quickness.
http://www.flixxy.com/amazing-3-year-old-cup-stacker.htm?utm_source=nl

Highlights from the Budapest Airshow 2014 featuring planes flying through the beautiful city and taking off from and flying under the bridges of the Danube river.
http://www.flixxy.com/budapest-airshow-2014-highlights.htm

 
KnowBe4
Facebook LinkedIn Blog Twitter YouTube YouTube

Five Travel Scams Of The Week

 

Scam Of The WeekIt's summer and a lot of people are on the road, but some of your employees are always traveling for business, and often these are management-level people with access to lots of confidential data.

These days, you can’t travel on either business or vacation and let your electronic guard down. Here are a few popular scams they need to watch out for. Send this to all employees that might benefit and and protect your network at the same time:

1) Fake Free Wi-Fi Network that you find when you look for access to your business account. It has the hotel's name, but the scammers are listening in on the (company confidential) traffic. Verify with the hotel before logon on "free Hotel Wi-Fi".

2) Fake Software Update where a traveler attempting to set up a hotel internet connection sees an "Update-popup" for a popular software product. Click on it and malware installs. Always update laptops before you leave and never update while you travel.

3) Pizza Delivery Scam where you find a flyer slipped under your hotel door. When you call to order, they take your card data but never deliver because the flyer was a scam. Get food recommendations from the concierge!

4) An ATM Security Team is warning about new ATM skimmers that are almost impossible to detect with the naked eye. Thanks to a slimmed-down profile, the devices sit within the throat of an ATM card slot, capturing data when a traveler slides their card inside. A spy camera then tapes the customer as they enter their PIN number on the keypad. Especially
when on the road, COVER YOUR HAND WHEN TYPING IN THE PIN!

5) Late Night Hotel Front Desk Call where you get a call alerting you there is a problem with your credit card and please verify the number. Except it's a scammer who now has your number or perhaps just skimmed your card at the ATM and needs some more info to make a fake duplicate card so they can grab the maximum cash. Especially when you travel, never give out credit card information if you did not initiate the call!

It is time for effective Security Awareness Training for all employees.

Get A Quote Now

KnowBe4 Is Hiring A Renewal Sales/Customer Service Rep

 

We are hiring a Renewal Sales/Customer Service Rep

This is an exciting position as an entry level renewal sales/customer service representative. You are responsible for contacting existing customers and sign them up for a renewal of their subscription. All renewals are organized and processed during the course of the month and requires helping customers with questions and assisting them with changes to the original order. Coordination with the sales team may be needed if upselling is involved. Daily and monthly production statistics are tracked as a performance indicator.

Skills Required:

  • Superior Customer Service skills
  • Strong communication skills (written/verbal)
  • Excellent time management and organization skills
  • Team Oriented

Qualifications:

  • Microsoft Excel and Word
  • Web browser (Chrome, Internet Explorer)
  • Salesforce CRM, preferred
Email your Resume to HR@KnowBe4.com.
All Posts