Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

[NEW GAME] The Inside Man: New Recruits Game

4 out of 5 of Physicians Were Impacted by February’s Cyber Attack on Change Healthcare

Kudos! CEO Reveals He Got Phished

Half of U.K. Businesses Experienced a Security Breach or Cyber Attack in the Last 12 Months

Russian Threat Actor FIN7 Targeting the Automotive Industry with Spear Phishing Attacks

LastPass Warns of Deepfake Phishing Attempt

AI Voice Cloning and Bank Voice Authentication: A Recipe for Disaster?

KnowBe4 Named a Leader in the Spring 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) Software

Phishing Frenzy: Microsoft and Google Most Mimicked Brands in Cyber Scams

Cisco Calls Out Organizations As Being “Overconfident and Unprepared” for Cyber Attacks

CyberheistNews Vol 14 #16 Critical Improvements to the 7 Most Common Pieces of Cybersecurity Advice

KnowBe4 Named a Leader in the Spring 2024 G2 Grid Report for Security Awareness Training

[WARNING] FBI Issues Alert on Major Phishing Campaign That Impersonates US Toll Services

You Really Are Being Surveilled All the Time

I don't have to say it, do I?

[Heads Up] Global Cybercrime Hotspot Countries Revealed: Secure Your Defenses

State-Sponsored Disinformation Campaigns Targeting Africa Driving Instability And Violence

U.S. Department of Health Alert: Hackers are Targeting IT Help Desks at Healthcare Organizations

Cyber Attacks Could Cause Global Bank Runs

UK Councils Under Cyber Attack: The Urgent Need for a Culture of Cybersecurity and Resilience

Yesterday, in DC, I was given the Holland on the Hill Freddy Heineken Award

Water Facilities Compromised By Iranian Threat Actors

Top Tax Scams of 2024 Your Organization Should Watch Out For

Malvertising Campaigns Surged in 2023

Critical Improvements To The Seven Most Common Pieces of Cybersecurity Advice

New Phishing-as-a-Service (PhaaS) platform, 'Tycoon 2FA', Targets Microsoft 365 and Gmail Accounts

CyberheistNews Vol 14 #15 [Heads Up] Your Apple Users Are Now Targeted With New MFA Attacks

All The Ways the Internet is Surveilling You

Australian Government Commits to Become a World-Leader in Cybersecurity by 2030

Tokyo Police Department Warns of Phishing Scam That Uses Phony Arrest Warrants

Large-Scale StrelaStealer Campaign Impacts Over 100 Organizations Within the E.U. and U.S.

The Cyber Achilles' Heel: Why World Leaders and High-Profile Individuals Must Prioritise Cybersecurity

Catfishing Campaign Targets Members of the UK Government

Apple Users Become the Latest Targets of MFA Attacks

IT Leaders Can’t Stop AI and Deepfake Scams as They Top the List of Most Frequent Attacks

Malicious App Impersonates McAfee to Distribute Malware Via Text and Phone Calls

New Report Shows Phishing Links and Malicious Attachments Are The Top Entry Points of Cyber Attacks

CyberheistNews Vol 14 #14 [SCARY] Research Shows Weaponized GenAI Worm That Gets Distributed Via A Zero Click Phishing Email

Despite Cybersecurity Improvements in UK Organizations, Attacks Still Persist

Thread Hijacking Phishing Attack Targets Pennsylvania Journalist

Must-Read New Study on Russian Propaganda Techniques

Your KnowBe4 Compliance Plus Fresh Content Updates from March 2024

Russian Federation-backed threat group APT29 Now Targeting German Political Parties

Narwhal Spider Threat Group Behind New Phishing Campaign Impersonating Reputable Law Firms

75% of Organizations Believe They Are at Risk of Careless or Negligent Employees

New Malware Loader Delivers Agent Tesla Remote Access Trojan Via Phishing

Your KnowBe4 Fresh Content Updates from March 2024

[New Feature] Start Coaching Your Users in Real Time With the New Google Chat Integration for KnowBe4's SecurityCoach

The Number of New Pieces of Malware Per Minute Has Quadrupled in Just One Year

A Simple 'Payment is Underway' Phishing Email Downloads RATs from AWS, GitHub

[SCARY] Research Shows Weaponized GenAI Worm That Gets Distributed Via A Zero Click Phishing Email

It’s Official: Cyber Insurance is No Longer Seen as a 'Safety Net'

New Phishing-as-a-Service Kit Attempts to Bypass MFA

CyberheistNews Vol 14 #13 If Social Engineering Accounts for Up to 90% of Attacks, Why Is It Ignored?

[New Research] KnowBe4's Report is a Call to Action for Global Organizations to Improve Their Security Culture

The Average Malicious Website Exists for Less Than 10 Minutes

There Is Only So Much Lipstick You Can Put on a Cybercriminal Troll

Cloud-Conscious Cyber Attacks Spike 110% as Threat Groups Sharpen their Attack Skills

FBI: Losses Due to Cybercrime Jump to $12.5 Billion as Phishing Continues to Dominate

Social Engineering The #1 Root Cause Behind Most Cyber Crimes In FBI Report

Ransomware Group “RA World” Changes Its’ Name and Begins Targeting Countries Around the Globe

[Heads-Up] Phishing Campaign Delivers VCURMS RAT

CISA Recommends Continuous Cybersecurity Training

[Heads Up] Reinforce Your Defenses Against Rising Supply-Chain Cyber Threats

AI and the Boardroom: Bridging Innovation and Security

Phishing Tops 2023’s Most Common Cyber Attack Initial Access Method

State-Sponsored Russian Phishing Campaigns Target a Variety of Industries

Phishing-as-a-Service Platforms LabHost and Frappo Help Threat Actors Target Canadian Banks

CyberheistNews Vol 14 #12 [HEADS UP] I Am Announcing AIDA: Artificial Intelligence Defense Agents!

CISA: Healthcare Organizations Should Be Wary of Increased Ransomware Attacks by ALPHV Blackcat

If Social Engineering Accounts for up to 90% of Attacks, Why Is It Ignored?

Sophos: Over 75% of Cyber Incidents Target Small Businesses

Organizations Are Vulnerable to Image-based and QR Code Phishing

Despite Feeling Prepared for Image-Based Attacks, Most Organizations Have Been Compromised by Them

New Research: BEC Attacks Rose 246% in 2023

Compromised Credentials Postings on the Dark Web Increase 20% in Just One Year

AI-Driven Voice Cloning Tech Used in Vishing Campaigns

[Security Masterminds] The Art of Defending Against Social Engineering in the Age of AI: Insights from Rachel Tobac

I am announcing AIDA: Artificial Intelligence Defense Agents!

Dodging Digital Deception: How to Spot Fake Recruiters and Shield Your Career Search from Phishing Scams

How Much Will AI Help Cybercriminals?

Generative AI Results In 1760% Increase in BEC Attacks

CyberheistNews Vol 14 #11 Microsoft and OpenAI Team Up to Block Threat Actor Access to AI

The European Union's Unified Approach to Cybersecurity: The Cyber Solidarity Act

FBI's 2023 Internet Crime Report Highlights Alarming Trends on Ransomware

Three Essential Truths Every CISO Should Know To Guide Their Career

AI and Ransomware Top the List of Mid-Market IT Cyber Threats

European Diplomats Targeted With Phony Invitations to a Wine-Tasting Party

[On-Demand] Customer Spotlight: MESA’s Strategy for Building Strong Security Culture and Email Defense

New Research: Spike In DNS Queries Driving Phishing and Cyber Attacks

Chicago Man Sentenced to Eight Years in Prison for Phishing Scheme

Microsoft and OpenAI Team Up to Block Threat Actor Access to AI

CyberheistNews Vol 14 #10 [SCARY] You Knew About OSINT, But Did You Know About ADINT?

Phishers Abusing Legitimate but Neglected Domains To Pass DMARC Checks

Phishing Kit Targets the FCC and Crypto Exchanges

Planning with Purpose: 10 Tips to Develop Your Year-Long Security and Compliance Training Program

Cybercriminals Sent 1.76 Billion Social Media Phishing Emails in 2023

Email-Based Cyber Attacks Increase 222% as Phishing Dominates as the Top Vector

New Research: Ransomware Incidents Spike 84% in 2023

Phishing Campaign Targets Mexican Taxpayers With Tax-Themed Lures

Game-Changer: Biometric-Stealing Malware

When Threat Actors Don’t Have a Viable Email Platform to Phish From, They Just Steal Yours

Credential Theft Is Mostly Due To Phishing

[SCARY] You knew about OSINT, but did you know about ADINT?

Emails Are Responsible for 88% of Malicious File Deliveries

Annual Ransomware Payments Surpass $1 Billion

CyberheistNews Vol 14 #09 Exposed: Global Espionage Unleashed by China's Police in Groundbreaking Leak

Swiss Government Identified 10,000 Phishing Websites Impersonating 260 Brands

Your KnowBe4 Compliance Plus Fresh Content Updates from February 2024

Face off: New Banking Trojan steals biometrics to access victims’ bank accounts

Nearly One in Three Cyber Attacks In 2023 Involved The Abuse of Valid Accounts

Data Breach at French Healthcare Payment Processor Puts 20 Million Policyholders at Risk

Your KnowBe4 Fresh Content Updates from February 2024

Exposed: Global Espionage Unleashed by China's Police in Groundbreaking Leak

QR-Code Attacks Target the C-Suite 42 Times More than Standard Employees

Anyone Can Be Scammed and Phished, With Examples

Malware Delivered Through Phishing Surges 276%

[INFOGRAPHIC] KnowBe4’s Learner App by the Numbers

The Unsettling Leap of AI in Video Creation: A Glimpse Into Sora

IBM Tests Audio-Based Large Language Model to Hijack Live Conversations

Malvertising Campaign Spreads Phony Utility Bills

CyberheistNews Vol 14 #08 Browser-Based Phishing Attacks Increase 198%, With Evasive Attacks Increasing 206%

[On-Demand Webinar] Making The Return on Investment (ROI) Case For Security Awareness Training

State-Sponsored Threat Actors Targeting European Union Entities With Spear Phishing Campaigns

Only 7% of Organizations Can Restore Data Processes within 1-3 Days After a Ransomware Attack

[On-Demand Webinar] The IT Pro's How-to Guide to Building a Strong Security Culture

Augmented Security: The Impact of AR on Cybersecurity

Messaging Platform Telegram Sprouts Cyber Crime “Marketplaces” of Tools, Insights and Data

Iran-Aligned Threat Actor "CharmingCypress" Launches Spear Phishing Attacks

Over Half of Malware Downloads Originate from SaaS Apps

Phishing Campaign Exploits Remote Desktop Software

Number of Data Compromises Affecting U.S. Organizations Rises 77%

Cupid’s Arrow of Cyber Scams

Another Ransomware-as-a-Service Known as “Wing” Takes Flight on the Dark Web

AI in Cyberspace: A Double-Edged Sword

CyberheistNews Vol 14 #07 Social Engineering Masterstroke: How Deepfake CFO Duped a Firm out of $25 Million

Hard Lessons From Romance Scams

Security Teams Spend 71 Hours Responding to Every One Hour in a Cyber Attack

Americans Lose a Record $10 Billion to Fraud in 2023; Mostly Due To Investment Scams

Browser-Based Phishing Attacks Increase 198%, With Evasive Attacks Increasing 206%

Calculating Materiality for SEC Rule 1.05

Cybersecurity Resiliency and Your Board of Directors

Watch Out For Valentine’s Day Romance Scams

Unprecedented Rise of Malvertising as a Precursor to Ransomware

81% of Organizations Cite Phishing as the Top Security Risk

Chinese Hackers Spy on Dutch Ministry of Defense: A Story of Alarming Cyber Espionage

[On-Demand Webinar] How to Fight Long-Game Social Engineering Attacks

Synthetic Data: The New Frontier in Cyber Extortion

Generative AI Used to Launch Phishing Attacks

CyberheistNews Vol 14 #06 [New Threat] Attackers Are Now Using MS Teams to Phish Your Users

Fake “I Can’t Believe He’s Gone” Posts Seek to Steal Facebook Credentials

New Phishing-As-A-Service Kit with Ability to Bypass MFA Targets Microsoft 365 Accounts

Social Engineering Masterstroke: How Deepfake CFO Duped a Firm out of $25 Million

Vendor Email Compromise Attacks Against Financial Services Surge 137% Last Year

Microsoft Teams: The New Phishing Battlefront - How Attackers Are Exploiting Trusted Platforms

81% of Underwriters Expect Cyber Insurance Premiums to Increase as Risk is Expected to Soar

Associated Press: "Grave peril of digital conspiracy theories."

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Ransomware Payments On The Decline As Cyber Attackers Focus on The Smallest, And Largest, Organizations

FBI Cyber Alert: Tech Support Scams Steal Cash or Precious Metals

[Live Demo] Customizing Your Compliance Training to Increase Effectiveness

The Percentage of Organizations Globally Struck by Ransomware Hits an All-Time High

Open Redirects Used to Disguise Phishing Links

CyberheistNews Vol 14 #05 Myth of Massive Data Breach Busted: Big Headlines Mask a Minor Threat

Forget Deepfake Audio and Video. Now There’s AI-Based Handwriting!

Malvertising Targets Chinese-Speaking Users

Identify Weak User Passwords With KnowBe4’s Enhanced Weak Password Test

Scammers Use Airdrops to Lure Users With Phony NFTs

Bravo Host Andy Cohen Scammed Out of a “Sizable” Amount of Money by Fraudsters Posing as the Bank

Your KnowBe4 Compliance Plus Fresh Content Updates from January 2024

Your KnowBe4 Fresh Content Updates from January 2024

Houston, We Have a 2024 China Problem

The Number of Ransomware Attack Victims Surge in 2023 to over 4000

HP Enterprise Reveals It was hacked by the same Russians that broke into Microsoft

New Evasive Phishing Technique “Legacy URL Reputation Evasion" (LURE)

Social Engineering Attacks Rising in the Trucking Industry

New Deepfake Video Scam has “Taylor Swift” Offering Free French Cookware

Roblox Game 'Hack-A-Cat' Now Part of the Free KnowBe4 Children’s Interactive Cybersecurity Activity Kit

Use of Generative AI Apps Jumps 400% in 2023, Signaling the Potential for More AI-Themed Attacks

North Korean Threat Actor Targeting Cybersecurity Researchers With Spear Phishing Attacks

Myth of Massive Data Breach Busted: Big Headlines Mask a Minor Threat

CyberheistNews Vol 14 #04 'Swatting' Becomes the Latest Extortion Tactic in Ransomware Attacks

Facebook Phishing Scams Target Concerned Friends and Family

AI Does Not Scare Me, But It Will Make The Problem Of Social Engineering Much Worse

Russian State-Sponsored Threat Actor Targets High Profile Individuals in Phishing Campaign

Russian Hackers Win Big: Microsoft's Senior Exec Team Emails Breached

Facebook Work-From-Home “Job” Posting Scam Goes the Extra Mile to Trick Victims

More Than Half of Data Breaches in the U.K.’s Legal Sector are Due to Insider Error

Scammers Target Owners of Missing Pets

‘Swatting’ Becomes the Latest Extortion Tactic in Ransomware Attacks

Ninety-Four Percent of Organizations Sustained Phishing Attacks Last Year

Malicious APKs Drain Bank Accounts

Cryptocurrency Drainer Distributed Through Phishing

LinkedIn is Being Used for *Dating* – It’s a Recipe for Disaster

CyberheistNews Vol 14 #03 Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For

Analysis of Phishing Emails Shows High Likelihood They Were Written By AI

Women CyberSecurity Society Targeted by Smishing Campaign

Three-Quarters of Organizations Have Experienced Phishing Attack in the Last 12 Months

[New Phishing Template] Formula 1 Exclusive: Gene Haas on Guenther Steiner's Departure

Beware of "Get to Know Me" Surveys

Get the latest about social engineering

Subscribe to CyberheistNews