Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Think Tanks Targeted by APT Actors

How Are Credential-Theft Phishing Websites Avoiding Detection? They Just Invert the Website Background

Number of Phishing Websites Double and Unique Phishing Campaigns Triple in Q3

Maze Ransomware Group Retires (Retires!), Leaving a Gap in the Ransomware Marketplace

When the Bad Guys Hide in Plain Sight: Hacking Platforms You Know and Trust

KnowBe4 Fresh Content Updates from November: Including A New Holiday Training Resource Kit

Average Ransomware Payment Significantly Increases Risk

[HEADS UP] FBI Warns US Companies of BEC Scammers

Dutch Government Sees Phishing More Than Double in 2020

South African Post Office Issues Warning on Postal Phishing Attack

CyberheistNews Vol 10 #49 [Eye Opener] How Many Phishing Sites? A Whopping 2 Million in 2020 So Far

Zoom Impersonation a New Variant of Familiar Phishbait

Giving Tuesday Means an Influx of Charity Scams

Computer Security Day

Fake Zoom Invite Leads to one Australian Company's Downfall

Is the Secret to Stopping Cyberattacks Making Users "Phishing Aware"?

Phishing Attacks in the U.K. Rise by 73% During Pandemic Months as Vishing and Smishing Attacks Also Increase

Egregor Ransomware Finds a New Way to Inform You That You’re a Victim of Cyberattack: Printers

See Ridiculously Easy Security Awareness Training and Phishing

Journalists Need Phishing Awareness, Too

[Heads-Up] A Hacker Is Selling Access To The Email Accounts Of Hundreds Of C-Level Executives

The Risk of the “To” Line

Credential-Stealing VPN Exploits

How Many Phishing Sites? Over 2 Million in 2020 (so far)

CyberheistNews Vol 10 #48 [Scam of the Week] Black Friday & Cyber Monday Top 10 Cybersecurity Tips

2021 Prediction: Expect Ransomware Attacks Will Increase in Frequency and Variety

Email Sandboxes Are Detected and Rendered Useless in New Office 365 Phishing Attack

Ransomware Downtime Costs for SMBs Are 50 Times More than the Ransom Itself!

The COVID-19 Vaccine: The Next Wave of Coronavirus Phishing Emails & What You Can Do About It

Beware of Black Friday Deals That Are Too Good To Be True

Famous U.K. Soccer Club Becomes the Next Victim of a Cyber Attack

You're Fired (Not Really, Just Clicked on a Phishing Email)

[Scam of the Week] Black Friday & Cyber Monday Top 10 Cybersecurity Tips

OPSEC, OPSEC, OPSEC...

[ModStore Release] New 2021 Versions of 3 Flagship Courses Now Live!

Remote Workers Continue to Put Organizations Critically at Risk of Cyberattack

One-Third of Employees Say Their Company Has No Cybersecurity Measures in Place While Working from Home

Phishing Attacks Rose by 220% At Pandemic Peak Amid Global COVID-Related Fears

Google's Free Services and Phishing Campaigns: A Likely Pair

Spotting Retail Scams During the Holiday Season

[Free Resource Kit] Stay Safe This Holiday Season with KnowBe4!

[HEADS UP] Allowing Site Notifications Can be Very Costly

Nearly Half of Spear Phishing Emails Bypass Security Filters

Will You Get Spoofed for the Holidays? Find out for a Chance to WIN!

CyberheistNews Vol 10 #47 [SCARY EYE OPENER] The Bad Guys Can Now Bypass Your Filters and Implant Malicious Emails Straight Into Your Inbox

[HEADS UP] Phishing Emails Double in November as Black Friday and Cyber Monday Nears Closer

Why Use Malware When Cybercriminals Can Use Social Engineering?

KnowBe4 is Named Cybersecurity Company of the Decade

[HEADS UP] Ransomware Gangs Partner to Extort Victims

Phishing in Facebook's Pond

KnowBe4 Wins Tampa Bay Tech's 2020 Company of the Year Award

Ransomware Attacks Officially Hit a New Low and Go Where No Cyberattack Has Gone Before: Death

Cybercriminals Can Now Bypass Security Solutions and Implant Malicious Emails Directly into Inboxes with "Email Appender"

Scammers Target Singles Day Shoppers

Emotet Makes Another Comeback with New Tactics, Techniques and Procedures

New “Election Interference” Phishing Scams Infect Victims with Qbot Trojan

University Research Shows Security Awareness Training is a Necessary Layer of Defense

CyberheistNews Vol 10 #46 [Eye Opener] Almost Half Of Ransomware Attacks Now Involve Data Exfiltration And Extortion

Britain's Government Will Tackle Online Misinformation Claims on Anti-Vaccine

Twitter Hack Only Took 24 Hours from Start to Takeover

BEC Incidents Intent on Invoice or Payment Fraud Increase 155% Across All Industries

Ryuk Ransomware Takes a Single Victim for $34 Million in Ransom

Threat Actors Use Fake Sites for Espionage

Fake Microsoft Teams Updates to Infect Systems

The Most Common Password Frustrations

Cyber Security Awareness Month is Over... Now What?

Malicious Macros Remain Highly Effective

Brand-New Ransomware Simulator Now With 21 Latest Infection Scenarios

Cybercriminals Target Brazilian Government in a Ransomware Attack

6 Lessons I Learned from Hacking 130 MFA Solutions

Unfortunate Learning Lessons from Clicking on a Suspicious Phishing Email

Phishing Links Sent Via Legitimate Google Drive Notifications

Cannabis Company GrowDiaries Suffers Data Breach of 3.4 Million Users

Thinking Skeptically About Smishing

[On-Demand Webinar] Top 5 IT Security Myths Your CISO Believes Are True… BUSTED!

Organizational Security Posture Effectiveness Declines by 38% Due to COVID

WARNING: Americans’ Password Habits are Horrible, Putting Organizations at Risk

Cyber Insurers Expect to Raise Ransomware Policy Premiums as Much as 25%

Manipulation by Disinformation: How Elections are Swayed

CyberheistNews Vol 10 #45 [Heads Up] Here Are Some Truly Scary Social Media Stats

Conman in the Secret World

Brand-New Tool: Is your organization ready for the new CMMC compliance audit? Find out now!

[SCAM OF THE WEEK] Sean Connery's Final Wish is Revealed

[HEADS UP] British Broadcasting Corporation Receives 250,000 Phishing Emails a Day

JavaScript Obfuscation on Phishing Pages Continues to Rise by 70%

Famous VC Firm: "The New Attack Surface is Your Life"

Learn to Combat These Three Cybersecurity Monsters This Halloween and Beyond

KnowBe4 Fresh Content Updates from October: Including New SCIM Integration Support for Azure Active Directory

Cybersecurity Awareness Month Lessons Learned: Out of Bounds Communication

New Ransomware, OldGremlin, Coming Soon to an Organization Near You!

Phishing Attacks Can Come from an Unlimited Number of Trusted Phishing Sites Thanks to Google App Engine

More Ransomware Creators Jump on the Leak Site Bandwagon as the Number of Sites and Data Breach Posts Skyrocket in Q3

[HEADS UP] U.S. Government Warns of Ransomware Threat Against Hospitals

Don't Neglect the Threat of Vishing

Cybersecurity Awareness Month Weekly Tip: Security Awareness Training

Here's Your Guide for Combating the Global Disinformation Pandemic

Here Are Some Truly Scary Social Media Stats!

Nearly Half of the World’s Workers Don’t Know What a Mobile Phishing Attack Is

Fraud Attacks Targeting the Mid-Market Organization Increase 129%

New Qbot Phishing Attack Pretends to be Windows Defender to Trick Its Victims

Researchers Discover Most Microsoft 365 Admins Don't Enable Multi-Factor Authentication

"Berserk Bear", The Russian Hackers Playing ‘Chekhov’s Gun’ With US Infrastructure

Could A Botched Ransomware Attack Have Caused The Massive Mauritius Oil Spill?

CyberheistNews Vol 10 #44 [FUN DEPARTMENT] The Ultimate Cyber Security Tip

[NEW BOOK] Hacking Multi-Factor Authentication

[HEADS UP] Remote Workers Disregard Security Awareness Training

Couple Avoids Becoming a Victim to Publishers Clearing House Scam

[HEADS UP] Cybercriminals Threaten Patients in Clinic Data Breach

[HEADS UP] Fraudsters are Exploiting High Demand Air Freight

All Con, All the Way Down: Bad Guys Spoof Phishing Link Hover Texts

[INFOGRAPHIC] 20 Ways to Build Your Security Fortress From Anywhere

Members of the Cybercrime Group Responsible for NotPetya Indicted by U.S. Government

REvil Ransomware Gang Flexes Its Hiring Muscle With a $1 Million Deposit on a Hacking Hiring Website

[HEADS UP] Cybercriminal Sells Info on 186 Million U.S. Voters

The Ultimate Cyber Security Tip

[HEADS UP] Australia Warns Citizens of JobKeeper Phishing Email

Cybersecurity Awareness Month Weekly Tip: Social Media Safety

Middle Management is the Next Target for Phishing Attacks

[On-Demand] Lessons Learned: An IT Pro’s Experience Building his Last Line of Defense

Threatening Election Emails Land in Florida Inboxes

Notes on Social Engineering, and What to Do About It

[HEADS UP] Russian Intelligence Officers Charged With Hacking

CyberheistNews Vol 10 #43 There's a Whole War Going On: The New HBO Film Tracing 10 Years of Cyber Attacks

The Geography of Business Email Compromise

Threat Actors Take Advantage of Exchange Online and Outlook on the Web with New Levels of Sophistication

Another Office 365 OAuth Attack Targets Coinbase Users to Gain Compromised Email Access

The Risk of Redirector Domains in Phishing Attacks

Security Awareness Training Compliance and .GOV

5 Cyber Security Awareness Month Tips for Cybersecurity Professionals

The Secret to This Email Phishing Campaign is Volume

Q3 2020 Top-Clicked Phishing Subjects: Coronavirus-Related Attacks Still Prevalent [INFOGRAPHIC]

Two-Month Email Compromise and Impersonation Attack Results in a $15M Take

Fake Social Media Verification Scams Are the Gateway to Something Much More Sinister

FINRA Yet Again Becomes the Impersonated Brand at the Center of Phishing Attacks on Brokerage Firms

[HEADS UP] Ransomware Attacks Skyrocket During COVID-19

Trends in Malicious Attachments Used in Phishing Emails

[eSummit] Your Cybersecurity Awareness Month Action Plan

CyberheistNews Vol 10 #42 New Office 365 Phishing Attack Checks Your Stolen Credentials in Real-Time

Sophisticated Mercenary Group Excels at Social Engineering

Cybersecurity Awareness Month Weekly Tip: Password Security

Microsoft 365 vs. Office 365: What’s the difference?

The Market for Phishing Kits

Scam Of The Week: Bad Guys Prep For Prime Day Phishing Attacks

[HEADS UP] Local Boston Town Falls Victim to a Phishing Attack

Ransomware Attacks Will Keep Getting Worse

New Mount Ransomware Joins the Millionaires Club Demanding Seven Figure Ransoms

61% of Successful Phishing Attacks Against Government Organizations Result in Full Compromise of Credentials

Cybersecurity Awareness Month Weekly Tip: Current Phishing Threats

An Autopsy of a $15 Million Heist

New Office 365 Phishing Attack Checks Your Stolen Credentials in Real-Time

USPS and FedEx Phishing Attack Texts Flood Mobile Phones

Gartner Recognizes KnowBe4 as a Representative Vendor for Security Awareness Training Program Platforms

[HEADS UP] Cybercriminals Launch Phishing Campaign to Capitalize on President's Health

The Most Dangerous Celebrity of 2020...

The Pesky Password Problem: Policies That Help You Gain the Upper Hand on the Bad Guys

See How You Can Get Audits Done in Half the Time at Half the Cost

CyberheistNews Vol 10 #41 [Heads Up] Paying Ransomware Criminals Might Land You a Steep Federal Fine

Scammers are using Black Lives Matter as Phishbait

Healthcare Sector Still Sustains Phishing Campaigns

New Articles and Updates From the KnowBe4 Technical Content Team in Q3 2020

[Heads Up] Scam of The Week: Watch Out For Trump COVID Disinformation

[Heads up] Paying Ransomware Criminals Might Land You A Steep Federal Fine

Interesting Mini-Movie On Disinformation From The FBI

September Fresh Content Updates from KnowBe4: Get Your 2020 Resource Kit for National Cybersecurity Awareness Month

Malicious Actors Crash U.S. Election: Spoofed Emails Attempt to Gather U.S. Voter Registration Data

Newly Relaunched ProLock Ransomware Seeks Ransoms as High as $3 Million

Global Ransomware Attacks Increase by 715 Percent as Cybercriminals Capitalize on the Pandemic Opportunity

Two Men Charged in a Case of Phishing NFL and NBA Players

Don't Just Catch a Phish, Captcha One

Happy National Cybersecurity Awareness Month 2020 From KnowBe4!

[CRITICAL] 250,000 Microsoft Exchange Servers are Unpatched and Vulnerable to Remote Code Execution Attacks!

[Heads Up] This Ingenious Worm Phishing Campaign Is A Game-Changer In Password Theft And Account Takeovers

Phishing Attacks Continue to Grow More Sophisticated

[FREE COURSE] 'Social Media: Staying Connected in a Secure World' Now Available to Support National Cybersecurity Awareness Month

What’s the Information Stolen in a Phishing Attack Really Worth?

Spike in Emotet Attacks Against Government Agencies Seen Around the Globe in September

The 2020 Election is Expected to be the Next Big Theme for Cyber Attacks

CyberheistNews Vol 10 #40 [Scary Stuff] A Chinese Antivirus Vendor Is Tied to a Decade-Long Hacking Spree

KnowBe4 Named a Leader in the Fall 2020 G2 Grid Report for Security Awareness Training

KnowBe4 Earns 2020 Top Rated Award from TrustRadius

Phishing Campaign Goes After AT&T Employees’ MFA Codes

Organizations Working From Home Opens Wider Target for Cybercriminals

Chinese Antivirus Vendor Tied to Part of a Decade-Long Hacking Spree

Cyberattacks Targeting State and Local Government Increase by 50%

60% of the US Workforce Will Be Working Remotely by 2024 (and That’s a Problem)

Tribune Publishing apologizes for fake bonus offer in phishing-simulation email

Abusing App Engine to Automate Phishing

Which Users in Your Organization Put You at Risk?

KnowBe4 Receives a 2020 Tech Cares Award

Five Alarming Approaches to Extortion

Credential Stuffing to Stuff the Ballot Box

CyberheistNews Vol 10 #39 CrowdStrike: "More Cyberattacks in the First Half of 2020 Than in All of 2019"

[On-Demand] The Critical Need to Improve Your Compliance Processes

Credential Stuffing Used Against Financial Services

[On-Demand] Your Organization Through the Eyes of an Attacker

[Announcement] KnowBe4 ModStore: New Series "Security Snapshots" from Twist & Shout

Bitcoin Millionaire Loses $16 Million to a Compromised Wallet and Simple Social Engineering

Joint Cybersecurity Advisory Outlines Approaches to Discovering and Remediating Attacks

Beware of Fake Forwarded Phishes

Crowdstrike: "More Cyberattacks in the First Half of 2020 Than in All of 2019"


Get the latest about social engineering

Subscribe to CyberheistNews