Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Think BEC Won’t Cost You Much? How Does $130 Million Sound?

Homeland Security: U.S. Ransomware Attacks Have Doubled in the Last Year

Trezor Crypto Wallet Attacks Result in Class Action Lawsuit Against MailChimp Owner Intuit

Happy Credit Union Customers Become the Target of Spoofing Scams Due to a Lack of Email Security

European Wind-Energy Sector Is the Latest Target of Russian State-Sponsored Attacks

Beware of Spoofed Vanity URLs

KnowBe4 Earns 2022 Top Rated Award from TrustRadius

Another Report of SEO in Phishing

Mustang Panda Uses Spear Phishing to Conduct Cyberespionage

CyberheistNews Vol 12 #19 [Heads Up] There is a New Type of Phishing Campaign Using Simple Email Templates

Wave of Crypto Muggings Hits London's Financial District

Business Email Compromise Shouldn’t Be the Cost of Doing Business

10 of the Craziest Cyberattacks Seen In the Wild and How You Can Avoid Them

Your KnowBe4 Fresh Content Updates from April 2022

Cozy Bear Goes Typosquatting

Microsoft is Leading the Way to a Password-Less Future

SMTP Relay Email Spoofing Technique

89% of Organizations Experienced One or More Successful Email Breach Types During the Last 12 Months

FIN12 Threat Group Speeds Up Ransomware Attacks to Just Two Days After Initial Access

Organizations Have a 76% Likelihood of a Successful Cyberattack in the Next Year

CyberheistNews Vol 12 #18 [Heads Up] The 4 Major Tactics: How Hackers Steal Your Passwords and How To Defend Yourself

Man Convicted for $23 Million Phishing Scam Against the US DoD

Holding a Great Employee Education Meeting

Phishing Campaign Uses Simple Email Templates

75% of SMBs Would Only Survive Seven Days or Less from a Ransomware Attack

Half of IT Leaders Say their Non-Technical Staff are Unprepared for a Cyber Attack

[EYE OPENER] The Ransom Payment is Only 15% of The Total Cost of Ransomware Attacks

Criminal Gang Impersonates Russian Government in Phishing Campaign

CyberheistNews Vol 12 #17 [EYE OPENER] "Being Annoying" as a Social Engineering Tactic

How Hackers Get Your Passwords and How To Defend Yourself

Hacking the Hacker: An Inside Look at the Karakurt Cyber Extortion Group

Nearly all Data Breaches in Q1 2022 Were the Result of a Cyber Attack

Cyber Attacks on the Global Supply Chain Have Increased by 51%

More_eggs Malware Distributed Via Spear Phishing

Community Associations Confront Social Engineering

If You Got a “Your Bill Is Paid For” Text, You’re Part of a Massive T-Mobile Texting Scam

LinkedIn is the Most Impersonated Brand in Phishing Attacks

New Phishing Attack Targets MetaMask Users for their Crypto Wallet Private Keys

UK Information Commissioner: Many Cybersecurity Incidents are “Preventable”

Critical: CISA Warns of Potential Attacks on Infrastructure by Russian State-Sponsored and Criminal Cyber Gangs

TraderTraitor: When States do Social Engineering

Ransomware Attacks Show Temporary Slowing but are Expected to Increase in 2022 [Graphs]

Only Half of All Organizations Have Refreshed Their Security Strategy Based on the Pandemic

FBI Warns of Bank Fraud Smishing Campaign

CyberheistNews Vol 12 #16 [Eye Opener] The Costliest Cybercrime: Business Email Compromise (BEC)

Social Engineering Campaign against African Banks

“Being Annoying” as a Social Engineering Approach

Q1 2022 Report: Holiday-Themed Phishing Emails Entice Employees to Click [INFOGRAPHIC]

Storytelling to Improve Your Organization's Security Culture [PODCAST]

Reduce Your Chances of Getting Scammed

Strategies to Achieve Compliance and Real Risk Reduction at the Same Time

Small and Medium Businesses Account for Nearly Half of all Ransomware Victim Organizations

One in Three U.K. Businesses Experience Cyber Attacks Weekly

Meta Stops Three Cyber Espionage Groups Targeting Critical Industries

Smishing Scams Abuse Name of Legitimate Ukrainian Charity

CyberheistNews Vol 12 #15 [Heads Up] Hard-boiled Social Engineering by a Fake "Emergency Data Request"

Business Email Compromise (BEC): the Costliest Cybercrime

Microsoft Azure's Static Web Apps Service Becomes the New Home for Phishing Attacks

KnowBe4 Named a Leader in the Spring 2022 G2 Grid Report for Security Awareness Training

KnowBe4's PhishER Platform Named a Leader in the Spring 2022 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

The Ransomware Hostage Rescue Checklist: Your Step-by-Step Guide to Preventing and Surviving a Ransomware Attack

Phishbait Invokes Russia's Ministry of Internal Affairs (Road Safety Division)

“Human Error” Ranked as the Top Cybersecurity Threat While Budgets Remain Misaligned

Multi-Million Dollar Scam Call Center Shut Down by Multinational Police Efforts

Mailchimp Phishing Attack Results in Potential Hit on 100K Trezor Crypto Wallets

“Europol Calling” (Not Necessarily)

Microsoft Warns of Lapsus$ “Targeting Organizations for Data Exfiltration and Destruction”

Info Stealer Malware Vidar Uses Microsoft Help Files to Launch Attacks

Ransomware Victims See Ransom Demands and Payments Increase as The Number of Published Data Victims Spikes

Social Engineering from Tehran

CyberheistNews Vol 12 #14 [EYE OPENER] A Lack of Employee Cyber Hygiene is the Next Big Threat

Social Engineering by "Emergency Data Request"

Your KnowBe4 Fresh Content Updates from March 2022

Simple Facebook Phishing Scam Takes an Unexpected Turn to Throw Potential Victims Off the Scent

Cisco: Web 3.0 Will be the Next Frontier for Social Engineering and Phishing Attacks

Cost of Internet Crimes in 2021 Increase 64% Exceeding $6.9 Billion

Obvious Phishbait, But Someone Will Bite

FBI Warns of Phishing Attacks Targeting Election Officials

A Lack of Employee Cyber Hygiene is the Next Big Threat

Ransomware Attack Volume Increases by 18% As the Number of Variants Jumps to 34 in Only One Quarter

Mobile Device Usage Has Led to Security Incidents in Nearly Half of Organizations

CyberheistNews Vol 12 #13 [Heads Up] Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online

Email Conversation Hacking to Distribute Malware

KnowBe4 and Okta Update

Making Better Push-Based MFA

Buy Now, Pay Later Scams

WIRED: "A Mysterious Satellite Hack Has Victims Far Beyond Ukraine"

Fidelity: "Why cybersecurity is material to all industries"

Repertoire of Ukraine Charity Phishing Scams

Initial Access Broker Group Relies on Social Engineering

Try the New Compliance Audit Readiness Assessment Today for the SSAE18 Framework

Number of Phishing Attacks Hits an All-Time High in 2021, Tripling That of Early 2020

Phishing Attack-Turned-Wire Fraud Case Sees a Win for the Policyholder

QakBot Banking Trojan Evolves and Now Takes Over Email Conversations to Spread Malware

Phishing Scam with Fraudulent Invoice Costs City of Fresno Over $600,000

Exploiting Trust in reCAPTCHA

Published Zelenskyy Deepfake Video Demonstrates the Modern War is Online

SMBs Are 350% More Likely to Experience Social Engineering Attacks Via Phishing

CyberheistNews Vol 12 #12 [New White House Alert] Train Your Users Against Threat of Russian Cyberattacks

[BREAKING] White House warns Russia is prepping possible cyberattacks against US

Chameleons Phish, Too

[Heads Up] New Evil Ransomware Feature: Disk Wiper if You Don't Pay

KnowBe4 Named a Leader in The Forrester Wave for Security Awareness and Training Solutions

Ransomware-Related Data Leaks Increase 82% as the Number of Cybercriminal Groups Nearly Triples

Backups Become the Focus as Three-Fourths of Organizations Experienced Ransomware Attacks

New Phishing Method Uses VNC to Bypass MFA Measures and Gives Cybercriminals Needed Access

[Eye Opener] Ukraine Is Now Being Hit With 4 Different Strains Of Wiper Malware

We Are In The First Open Source Intelligence War

CyberheistNews Vol 12 #11 [Heads Up] FBI: Ransomware Gang Breached 52 U.S. Critical Infrastructure Orgs

Shipping Fraud Rises Nearly 800% in 2021

Cybercrime-as-a-Service: Its Evolution and What You Can Do to Fight Back

Social Engineering through Contact Form

Email-Based Vishing Attacks Skyrocket 554% as Phishing, Social Media, and Malware Attacks Are All on the Rise

“Warm Greetings” (or not): Saudi Aramco Impersonation

Phishing and Scam Pages Increase by 153% as Cybercriminals Seek to Establish Credibility

Passwords are Reused 64% of the Time as the Number of Passwords to Remember Reaches Over 100

KnowBe4's Position On Recent Russian Aggression

Up and To the Right: Ransomware Attacks Grow by 105% in 2021

83% of all Successful Ransomware Attacks Featured Double and Triple Extortion

Social Engineering a Major Factor in Cyberattack on Camera Maker Axis Communications

Domains Associated with Phishing Directed Against Ukraine

Phishing Impersonation and Attack Trends in 2021

CyberheistNews Vol 12 #10 [Heads Up] A New Phishing Attack Warns About A Suspicious Russian Login

[World Premiere] KnowBe4’s New Season 4 of Netflix-Style Security Awareness Video Series - ‘The Inside Man’

FBI: Ransomware gang breached 52 US critical infrastructure orgs

By the Way, There's No Draft - Smishing Campaign Alert

Log4j - Kevin Mitnick Explains One of the Most Serious Vulnerabilities in the Last Decade

The Recent Log4J Vulnerability Equation: Remote Code Execution (RCE) + National Vulnerability Database (NVD) = 10.0

According to KnowBe4 Research's Q1 2022 Report: Shadow IT Is Real

Phishing Attacks Impersonating LinkedIn are up 232% in the Last Month Alone!

FBI: Scammers Take Business Email Compromise Attacks to Virtual Meeting Platforms

CISA: 2021 Cyberattack Trends Indicate Increases in Global Ransomware Attacks

Your KnowBe4 Fresh Content Updates from February 2022

What It's Like to Be the Face of Romance (Scams)

Gain Insight into Where Your Organization Stands with the Security Culture Maturity Model

Data Breach Volumes in the U.S. Grow by 10% in 2021

Timely “Help Ukraine” Online Crypto Scams Take in Millions

FBI: SIM Swapping Attacks See More Than 500% Increases in The Number of Attacks and Monetary Losses

UK ICO Sees a Massive Increase in Targeted Email Attacks

Phishing Emails Warn of a Suspicious Login From Russia

CyberheistNews Vol 12 #09 [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk

Scammers Will Take Advantage of New IRS Rules

Russia Could “Absolutely” Lash Out at US Through Cyber, Lawmaker Warns

Wartime Suffering as Phishbait

[EYES OPEN] The Kremlin Propaganda Machine Now Works Overtime. INFOGRAPHIC

[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk

When the Phishers Want a Reply, not a Click

CyberheistNews Vol 12 #08 [Eye Opener] Here Are the 4 Traits of Most Scams

New Phishing Campaign Angles for Monzo Banking Customers

20 Year-Old “Right-to-Left Override” Functionality Used in Attacks to Trick Microsoft 365 Users Out of Credentials

New QBot Attack Only Takes 30 Minutes to Elevate Privileges and Steal Data

Phishing Campaign Targets NFT Speculators

[Heads Up] There Is A Whole New Type of Blockchain Scam Called "Ice phishing"

Conti Ransomware Attacks Reap in $180 Million in 2021 as Average Ransomware Payments Rise by 34%

Coinbase’s QR Code Superbowl Ad Only Helps Normalize QR-Based Scams

Scammers Use a Mix of Stolen Credentials, Inbox Rules, and a Rogue Outlook Client Install to Phish Internal and External Victims

Traits of Most Scams

Phishing Attacks on Social Media Doubled Over 2021

CyberheistNews Vol 12 #07 [Heads Up] FBI Warns Against New Criminal QR Code Scams

[On-Demand Webinar] Incredible Email Hacks You'd Never Expect and How You Can Stop Them

Meta Files Lawsuit Over Phishing Attacks

FBI: Scammers Exploit Job Posting Sites with Fake Jobs to Steal Money and Personal Information

New Cyberattack Campaign Delivers Multiple RATs via Trusted Cloud Services

Engaging Your Remote Workforce: Go Beyond Compliance with Training

Brand Impersonation and the Healthcare Sector

Introducing the New 'Security Masterminds' Podcast

Updated Ransomware Hostage Rescue Manual

Use of Excel .XLL Add-Ins Soars Nearly 600% to Infect Systems in Phishing Attacks

Average Ransomware Ransoms Jump 130% While Use of Data Exfiltration Grows

The Evolution and Future of Ransomware

Scammers Now Exploit 'Slinks' in LinkedIn

CyberheistNews Vol 12 #06 [Heads Up] Beware of New Quickbooks Payment Scams

QR Codes in the Time of Cybercrime

As Tax Season Starts, So Do IRS Scams - Here’s What to Look For

KnowBe4 Named a Leader in the Winter 2022 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

Phone Number Only Phishing on the Rise

The 4 Things You Should Be Doing Right Now To Best Improve Your Cybersecurity

The Benefits of Paranoia

U.K. Snack Manufacturer Expects Months of Delays After Ransomware Attack

Your KnowBe4 Fresh Content Updates from January 2022

Web Trackers Collect Much More Info About Your Users’ Browsing Activity Than Previously Believed

[New Feature] Give Your Users Additional Learning Opportunities Driven By AI with New AI-Recommended Optional Learning Feature

1 in 7 Ransomware Extortion Leaks Include Sensitive Operational Technology Details

Opinion: Is Your Cyber Insurance Going To Cover “Cyber War”?

KnowBe4 Unveils Official Trailer for ‘The Inside Man’ Season 4

COVID-19 Test-Related Phishing Scams Jump 521% Into January

8 New Malware Payloads Spotted As Part of Attacks Against Ukrainian Targets

New Phishing Campaign is Impersonating Zoom to Steal Credentials

CyberheistNews Vol 12 #05 [Heads Up] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential

Beware of QuickBooks Payment Scams

Increased “Shipping Delays” Now Served as Phishbait

KnowBe4 Continues to be One of Okta's Most Popular Apps in the 2021 Businesses at Work Report

[On-Demand Webinar] A Data-Driven Approach for Your Third-Party Risk Management Processes

Microsoft Warns of Latest “Consent Phishing” Attack Intent on Reading Your Email

Dark Web Service Sells Access to Compromised Accounts and Browser Sessions

Malicious Office Documents Jump to 37% of All Malware Downloads at the End of 2021

[Heads Up!] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential

Ransomware Operators Try to Recruit Insiders

Irish Teaching Council Fined €60,000 for Phishing-Induced Breach

CyberheistNews Vol 12 #04 [FBI HEADS UP] US Defense Industry Targeted with New USB-Based Ransomware Attacks
