Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

The Number of New Pieces of Malware Per Minute Has Quadrupled in Just One Year

A Simple 'Payment is Underway' Phishing Email Downloads RATs from AWS, GitHub

[SCARY] Research Shows Weaponized GenAI Worm That Gets Distributed Via A Zero Click Phishing Email

It’s Official: Cyber Insurance is No Longer Seen as a 'Safety Net'

New Phishing-as-a-Service Kit Attempts to Bypass MFA

CyberheistNews Vol 14 #13 If Social Engineering Accounts for Up to 90% of Attacks, Why Is It Ignored?

[New Research] KnowBe4's Report is a Call to Action for Global Organizations to Improve Their Security Culture

The Average Malicious Website Exists for Less Than 10 Minutes

There Is Only So Much Lipstick You Can Put on a Cybercriminal Troll

Cloud-Conscious Cyber Attacks Spike 110% as Threat Groups Sharpen their Attack Skills

FBI: Losses Due to Cybercrime Jump to $12.5 Billion as Phishing Continues to Dominate

Social Engineering The #1 Root Cause Behind Most Cyber Crimes In FBI Report

Ransomware Group “RA World” Changes Its’ Name and Begins Targeting Countries Around the Globe

[Heads-Up] Phishing Campaign Delivers VCURMS RAT

CISA Recommends Continuous Cybersecurity Training

[Heads Up] Reinforce Your Defenses Against Rising Supply-Chain Cyber Threats

AI and the Boardroom: Bridging Innovation and Security

Phishing Tops 2023’s Most Common Cyber Attack Initial Access Method

State-Sponsored Russian Phishing Campaigns Target a Variety of Industries

Phishing-as-a-Service Platforms LabHost and Frappo Help Threat Actors Target Canadian Banks

CyberheistNews Vol 14 #12 [HEADS UP] I Am Announcing AIDA: Artificial Intelligence Defense Agents!

CISA: Healthcare Organizations Should Be Wary of Increased Ransomware Attacks by ALPHV Blackcat

If Social Engineering Accounts for up to 90% of Attacks, Why Is It Ignored?

Sophos: Over 75% of Cyber Incidents Target Small Businesses

Organizations Are Vulnerable to Image-based and QR Code Phishing

Despite Feeling Prepared for Image-Based Attacks, Most Organizations Have Been Compromised by Them

New Research: BEC Attacks Rose 246% in 2023

Compromised Credentials Postings on the Dark Web Increase 20% in Just One Year

AI-Driven Voice Cloning Tech Used in Vishing Campaigns

[Security Masterminds] The Art of Defending Against Social Engineering in the Age of AI: Insights from Rachel Tobac

I am announcing AIDA: Artificial Intelligence Defense Agents!

Dodging Digital Deception: How to Spot Fake Recruiters and Shield Your Career Search from Phishing Scams

How Much Will AI Help Cybercriminals?

Generative AI Results In 1760% Increase in BEC Attacks

CyberheistNews Vol 14 #11 Microsoft and OpenAI Team Up to Block Threat Actor Access to AI

The European Union's Unified Approach to Cybersecurity: The Cyber Solidarity Act

FBI's 2023 Internet Crime Report Highlights Alarming Trends on Ransomware

Three Essential Truths Every CISO Should Know To Guide Their Career

AI and Ransomware Top the List of Mid-Market IT Cyber Threats

European Diplomats Targeted With Phony Invitations to a Wine-Tasting Party

[On-Demand] Customer Spotlight: MESA’s Strategy for Building Strong Security Culture and Email Defense

New Research: Spike In DNS Queries Driving Phishing and Cyber Attacks

Chicago Man Sentenced to Eight Years in Prison for Phishing Scheme

Microsoft and OpenAI Team Up to Block Threat Actor Access to AI

CyberheistNews Vol 14 #10 [SCARY] You Knew About OSINT, But Did You Know About ADINT?

Phishers Abusing Legitimate but Neglected Domains To Pass DMARC Checks

Phishing Kit Targets the FCC and Crypto Exchanges

Planning with Purpose: 10 Tips to Develop Your Year-Long Security and Compliance Training Program

Cybercriminals Sent 1.76 Billion Social Media Phishing Emails in 2023

Email-Based Cyber Attacks Increase 222% as Phishing Dominates as the Top Vector

New Research: Ransomware Incidents Spike 84% in 2023

Phishing Campaign Targets Mexican Taxpayers With Tax-Themed Lures

Game-Changer: Biometric-Stealing Malware

When Threat Actors Don’t Have a Viable Email Platform to Phish From, They Just Steal Yours

Credential Theft Is Mostly Due To Phishing

[SCARY] You knew about OSINT, but did you know about ADINT?

Emails Are Responsible for 88% of Malicious File Deliveries

Annual Ransomware Payments Surpass $1 Billion

CyberheistNews Vol 14 #09 Exposed: Global Espionage Unleashed by China's Police in Groundbreaking Leak

Swiss Government Identified 10,000 Phishing Websites Impersonating 260 Brands

Your KnowBe4 Compliance Plus Fresh Content Updates from February 2024

Face off: New Banking Trojan steals biometrics to access victims’ bank accounts

Nearly One in Three Cyber Attacks In 2023 Involved The Abuse of Valid Accounts

Data Breach at French Healthcare Payment Processor Puts 20 Million Policyholders at Risk

Your KnowBe4 Fresh Content Updates from February 2024

Exposed: Global Espionage Unleashed by China's Police in Groundbreaking Leak

QR-Code Attacks Target the C-Suite 42 Times More than Standard Employees

Anyone Can Be Scammed and Phished, With Examples

Malware Delivered Through Phishing Surges 276%

[INFOGRAPHIC] KnowBe4’s Learner App by the Numbers

The Unsettling Leap of AI in Video Creation: A Glimpse Into Sora

IBM Tests Audio-Based Large Language Model to Hijack Live Conversations

Malvertising Campaign Spreads Phony Utility Bills

CyberheistNews Vol 14 #08 Browser-Based Phishing Attacks Increase 198%, With Evasive Attacks Increasing 206%

[On-Demand Webinar] Making The Return on Investment (ROI) Case For Security Awareness Training

State-Sponsored Threat Actors Targeting European Union Entities With Spear Phishing Campaigns

Only 7% of Organizations Can Restore Data Processes within 1-3 Days After a Ransomware Attack

[On-Demand Webinar] The IT Pro's How-to Guide to Building a Strong Security Culture

Augmented Security: The Impact of AR on Cybersecurity

Messaging Platform Telegram Sprouts Cyber Crime “Marketplaces” of Tools, Insights and Data

Iran-Aligned Threat Actor "CharmingCypress" Launches Spear Phishing Attacks

Over Half of Malware Downloads Originate from SaaS Apps

Phishing Campaign Exploits Remote Desktop Software

Number of Data Compromises Affecting U.S. Organizations Rises 77%

Cupid’s Arrow of Cyber Scams

Another Ransomware-as-a-Service Known as “Wing” Takes Flight on the Dark Web

AI in Cyberspace: A Double-Edged Sword

CyberheistNews Vol 14 #07 Social Engineering Masterstroke: How Deepfake CFO Duped a Firm out of $25 Million

Hard Lessons From Romance Scams

Security Teams Spend 71 Hours Responding to Every One Hour in a Cyber Attack

Americans Lose a Record $10 Billion to Fraud in 2023; Mostly Due To Investment Scams

Browser-Based Phishing Attacks Increase 198%, With Evasive Attacks Increasing 206%

Calculating Materiality for SEC Rule 1.05

Cybersecurity Resiliency and Your Board of Directors

Watch Out For Valentine’s Day Romance Scams

Unprecedented Rise of Malvertising as a Precursor to Ransomware

81% of Organizations Cite Phishing as the Top Security Risk

Chinese Hackers Spy on Dutch Ministry of Defense: A Story of Alarming Cyber Espionage

[On-Demand Webinar] How to Fight Long-Game Social Engineering Attacks

Synthetic Data: The New Frontier in Cyber Extortion

Generative AI Used to Launch Phishing Attacks

CyberheistNews Vol 14 #06 [New Threat] Attackers Are Now Using MS Teams to Phish Your Users

Fake “I Can’t Believe He’s Gone” Posts Seek to Steal Facebook Credentials

New Phishing-As-A-Service Kit with Ability to Bypass MFA Targets Microsoft 365 Accounts

Social Engineering Masterstroke: How Deepfake CFO Duped a Firm out of $25 Million

Vendor Email Compromise Attacks Against Financial Services Surge 137% Last Year

Microsoft Teams: The New Phishing Battlefront - How Attackers Are Exploiting Trusted Platforms

81% of Underwriters Expect Cyber Insurance Premiums to Increase as Risk is Expected to Soar

Associated Press: "Grave peril of digital conspiracy theories."

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Ransomware Payments On The Decline As Cyber Attackers Focus on The Smallest, And Largest, Organizations

FBI Cyber Alert: Tech Support Scams Steal Cash or Precious Metals

[Live Demo] Customizing Your Compliance Training to Increase Effectiveness

The Percentage of Organizations Globally Struck by Ransomware Hits an All-Time High

Open Redirects Used to Disguise Phishing Links

CyberheistNews Vol 14 #05 Myth of Massive Data Breach Busted: Big Headlines Mask a Minor Threat

Forget Deepfake Audio and Video. Now There’s AI-Based Handwriting!

Malvertising Targets Chinese-Speaking Users

Identify Weak User Passwords With KnowBe4’s Enhanced Weak Password Test

Scammers Use Airdrops to Lure Users With Phony NFTs

Bravo Host Andy Cohen Scammed Out of a “Sizable” Amount of Money by Fraudsters Posing as the Bank

Your KnowBe4 Compliance Plus Fresh Content Updates from January 2024

Your KnowBe4 Fresh Content Updates from January 2024

Houston, We Have a 2024 China Problem

The Number of Ransomware Attack Victims Surge in 2023 to over 4000

HP Enterprise Reveals It was hacked by the same Russians that broke into Microsoft

New Evasive Phishing Technique “Legacy URL Reputation Evasion" (LURE)

Social Engineering Attacks Rising in the Trucking Industry

New Deepfake Video Scam has “Taylor Swift” Offering Free French Cookware

Roblox Game 'Hack-A-Cat' Now Part of the Free KnowBe4 Children’s Interactive Cybersecurity Activity Kit

Use of Generative AI Apps Jumps 400% in 2023, Signaling the Potential for More AI-Themed Attacks

North Korean Threat Actor Targeting Cybersecurity Researchers With Spear Phishing Attacks

Myth of Massive Data Breach Busted: Big Headlines Mask a Minor Threat

CyberheistNews Vol 14 #04 'Swatting' Becomes the Latest Extortion Tactic in Ransomware Attacks

Facebook Phishing Scams Target Concerned Friends and Family

AI Does Not Scare Me, But It Will Make The Problem Of Social Engineering Much Worse

Russian State-Sponsored Threat Actor Targets High Profile Individuals in Phishing Campaign

Russian Hackers Win Big: Microsoft's Senior Exec Team Emails Breached

Facebook Work-From-Home “Job” Posting Scam Goes the Extra Mile to Trick Victims

More Than Half of Data Breaches in the U.K.’s Legal Sector are Due to Insider Error

Scammers Target Owners of Missing Pets

‘Swatting’ Becomes the Latest Extortion Tactic in Ransomware Attacks

Ninety-Four Percent of Organizations Sustained Phishing Attacks Last Year

Malicious APKs Drain Bank Accounts

Cryptocurrency Drainer Distributed Through Phishing

LinkedIn is Being Used for *Dating* – It’s a Recipe for Disaster

CyberheistNews Vol 14 #03 Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For

Analysis of Phishing Emails Shows High Likelihood They Were Written By AI

Women CyberSecurity Society Targeted by Smishing Campaign

Three-Quarters of Organizations Have Experienced Phishing Attack in the Last 12 Months

[New Phishing Template] Formula 1 Exclusive: Gene Haas on Guenther Steiner's Departure

Beware of "Get to Know Me" Surveys

Microsoft Takes the Lead in Q4 2023 for Alarming Phishing Attempts

FTC Issues Warning About the Dangers of QR Code-Based Scams

KnowBe4 Named a Leader in the Winter 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

[Security Masterminds] Revolutionizing Cybersecurity Training: How AI Is Changing the Game

Beyond the Scams: Unraveling the Dark Tactics of Real-World Kidnapping Scams and Virtual Extortion

Pikabot Malware Spreading Through Phishing Campaigns

KnowBe4 Named a Leader in the Winter 2024 G2 Grid Report for Security Awareness Training

Cybercriminals Celebrate the Holidays with Dark Web Data Dumps, Dubbed  “Leaksmas”

Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For

CyberheistNews Vol 14 #02 AI Breaks Free: New Insights Into The Latest Chatbot Jailbreak Hack

Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them

FBI Releases Blackcat Ransomware Decryption Tool to Victims, Disrupting Attacks

2024 Security Software Pricing Preference Survey

Black Basta Ransomware Decryptor Released to Help Some Victims

Beware of Fraudulent Charge Messages

Phishing Reigns as the Most Likely and Most Feared Cyber Attack

[LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach

AI-Powered Invoice Fraud: How This Latest Scam Hijacks Your Business Transactions

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Lockbit 3.0 Ransomware Disrupts Emergency Care at Multiple German Hospitals

CyberheistNews Vol 14 #01 [Heads Up] SMTP Smuggling - How It Easily Circumvents Your Email Defenses

New Research: Phishing Attacks Stole $295 Million In Crypto In 2023

A Dream Team Security Awareness Training Program?

[Security Masterminds] Beyond the Technical: Cultivating Empathy in Cybersecurity

AI Breaks Free: New Insights into the Latest Chatbot Jailbreak Hack

AI in 2024: The Top 10 Cutting Edge Social Engineering Threats

Your KnowBe4 Fresh Content Updates from December 2023

Impersonation Attack Data Breaches Predicted to Increase in 2024

U.K. Government 'Ill-Prepared' to Deal With High Risk of Catastrophic Ransomware Attacks

[Heads Up] SMTP Smuggling - How It Easily Circumvents Your Email Defenses

We Do What We Are Trained To Do

Ransomware Attacks Rise 85% Compared to the Previous Year

Cyber Scammers Beef Up the Number of Fake Delivery Websites Just in Time for Christmas

CyberheistNews Vol 13 #52 [IRS Alert] Three Tips To Protect Against Tax Season Refund Scams

Nice! I Made it in The Top 25 Cybersecurity CEOs to Watch in 2024

The AI Threat: How America's 2024 Election Could Be Compromised

SC Mag: "Attacks on critical infrastructure are harbingers of war: Are we prepared?"

Missing the Lock Icon in Chrome’s Address Bar? It’s a Move to Make You More Secure

Underground Cyber Crime Marketplaces are Now Showing Up on the Open Web

Interest in AI-Generated ‘Undressing’ Increases 2000% as it Becomes a Mainstream Online Business

Cancer Center Patients Become Attempted Victims of Data Extortion

“Mr. Anon” Infostealer Attacks Start with a Fake Hotel Booking Query Email

New Remote “Job” Scam Tells Victims They'll Get Paid For Liking YouTube Videos

Holiday Scams Include Thousands of Impersonation Phishing Domains per Brand

CyberheistNews Vol 13 #51 Phishing Is Still the No. 1 Attack Vector, With Huge 144% Malicious URL Spike

Unique Malware Used in Cyber Attacks Increases by 70% in Just One Quarter

[IRS Alert] Three Tips To Protect Against Tax Season Refund Scams

Why Security Awareness Training Is Effective in Reducing Cybersecurity Risk


Get the latest about social engineering

Subscribe to CyberheistNews