Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Inside NATO’s Efforts To Plan For A Future Cyberwar

Maggie Miller at Politico had the scoop: "TALLINN, Estonia — Some 150 NATO cybersecurity experts assembled in an unimposing beige building in the heart of Estonia’s snow-covered capital ...
Continue Reading

New Threat Group Already Evolves Delivery Tactics to Include Google Ads

Delivering an equally new Royal ransomware, this threat group monitored by Microsoft Security Threat Intelligence has already shown signs of impressive innovation to trick victims.
Continue Reading

Latest Netflix-Impersonated Phishing Attacks Surge in Frequency by 78% Since October

Using a mix of invisible and lookalike characters, this phishing attack attempts to get past security scanners by obfuscating both email content and domain names.
Continue Reading

It’s Official: COVID-related Phishing is Dead as Scammers Return to Impersonating Famous Brands

New analysis of spam and malicious emails show the all but nonexistence of COVID-esque impersonation of government and pharm entities in lieu of international brands.
Continue Reading

Ransomware Attacks on Holidays and Weekends Increase and Take a Greater Toll on Organizations

With 97% of U.S. organizations experiencing a ransomware attack over a weekend or on a holiday, the impacts on response and recovery time are material, including loss of revenue.
Continue Reading

Your KnowBe4 Fresh Content Updates from November 2022

Check out the 55 new pieces of training content added in November, alongside the always fresh content update highlights and new features.
Continue Reading

Spoofing-as-a-Service Site Taken Down

Law enforcement authorities across Europe, Australia, the United States, Ukraine, and Canada have taken down a popular website used by cybercriminals to impersonate major corporations in ...
Continue Reading

[Keep An Eye Out] Beware of New Holiday Gift Card Scams

Every holiday season brings on an increase in gift card scams. Most people love to buy and use gift cards. They are convenient, easy to buy, easy to use, easy to gift, usually allow the ...
Continue Reading

Quiet Quitting Can Potentially Lead to Insider Security Risks

The phenomenon known as “quiet quitting,” in which employees become disengaged from their work while formally remaining in their jobs, can lead to serious security risks, according to Tim ...
Continue Reading

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

Merriam-Webster has announced "gaslighting" as the 2022 word of the year

Merriam-Webster has announced "gaslighting" as the 2022 word of the year. One definition of gaslighting is "to manipulate (someone) into believing that he or she is going insane or that ...
Continue Reading

[New App] Empower Your Users to Engage with Security Awareness and Compliance Training Anytime, Anywhere with the KnowBe4 Learner App

We’re excited to introduce a new way for your users to engage with KnowBe4 security awareness and compliance training anytime and anywhere with the KnowBe4 Learner App. And the best part? ...
Continue Reading

There’s No Such Thing as a Free Yeti, Only Social Engineering Tactics

It’s easy to think of the typical online holiday scam as something that affects mostly individuals. Sad, maybe, and unfortunate, but not something that might seriously threaten a ...
Continue Reading

WhatsApp data breach sees nearly 500 million user records up for sale

Craig Hale at Techradar reported: "A post on a “well-known hacking community forum” claims almost half a billion WhatsApp records have been breached and are up for sale. 
Continue Reading

[Send This To Your Users] 5 Top Scams To Watch Out For This Holiday Season

Here is a 3-minute article that we suggest you copy/paste and send to all your users as part of your ongoing security culture campaign.  "The holiday season is a time when people are ...
Continue Reading

Cybersecurity incidents cost organizations $1,197 per employee, per year

This statistic is alarming and underscores the importance of having a robust cybersecurity program in place. According to the Ponemon Institute, the average cost of a data breach is $3.8 ...
Continue Reading

A Recent, Complex, Ransomware Campaign

Microsoft has observed a threat actor that’s been running a phishing campaign since August 2022. The threat actor, which Microsoft tracks as “DEV-0569,” is using phishing emails to ...
Continue Reading

New Instagram Support Phishing Attack Fakes “Unusual Logon” Experience Well Enough to Fool Victims

Long gone are the days of tacky landing pages that barely impersonate a brand; threat actors are improving their social engineering game well enough to make anyone believe it’s the real ...
Continue Reading

Image-Based Phishing and Phone Scams Continue to Get Past Security Scanners

Using the simplest tactic of not including a single piece of content that can be considered malicious, these types of scams are making their way to inboxes every single time.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews