Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

[Wake-Up Call] It's Time to Focus More on Preventing Spear Phishing

CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks

Spear Phishing Trends in 2023

Russian Ransomware Cybercriminal Behind $200 Million in Damages is Sanctioned by the U.S. Government

AI Voice-Based Scams Rise as One-Third of Victims Can’t Tell if the Voice is Real or Not

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

The Bookmark Trap: How Discord Admins Fell Prey to Social Engineering

[EPIC AI FAIL] Lawyer cites fake cases invented by ChatGPT

Tips from Customer Panel on Combining Security Awareness and Compliance Culture Training

“Magic Link” Phishing Attacks Scamming Users With Fake McAfee Renewals

[Mastering Minds]  China's Cognitive Warfare Ambitions Are Social Engineering At Scale

Your KnowBe4 Fresh Content Updates from May 2023

Verizon Sends New Smishing Warning

[SEG Headache] More Than Half of Cybersecurity Leaders Say That Too Many Phishing Attacks Get Through

Financial Fraud Phishing Attacks Increase 72% In One Year; Financial Industry Takes the Brunt

BatLoader Malware is Now Distributed in Drive-By Attacks

More Than Half of all Email-Based Cyberattacks Bypass Legacy Security Filters

[Hands-On Defense] Unpatched Software Causes 33% of Successful Attacks

CyberheistNews Vol 13 #21 [Double Trouble] 78% of Ransomware Victims Face Multiple Extortions in Scary Trend

[Microsoft Warning] A 38% Spike In Business Email Compromise with new Cybercrime-as-a-Service

AI-generated Disinformation Dipped The Markets Yesterday

[New & Improved] QR Code Phishing with Snail Mail Postcards

[Free Tool] Find out who falls victim to QR code phishing attacks with our QR Code Phishing Security Test

New Top-Level Domains as Potential Phishing Risk

Cyber Insurance: Is Paying a Ransom Counter-Productive?

Phishing Tops the List Globally as Both Initial Attack Vector and as part of Cyberattacks

New “Greatness” Phishing-as-a-Service Tool Aids in Attacks Against Microsoft 365 Customers

Large-Scale "Catphishing" that Targets Victims Looking for Love

KnowBe4 Celebrates Success of 60,000-Customer Milestone

The Number of Phishing Attacks Continues to Grow at a Rate of 150% Per Year

CyberheistNews Vol 13 #20 [Foot in the Door] The Q1 2023's Top-Clicked Phishing Scams | INFOGRAPHIC

The Face Off: AI Deepfakes and the Threat to the 2024 Election

The State of Organizational Cyber Defenses Impacts Cyber Insurance Availability, Cost, and Terms

FTC Warns of MetaMask and PayPal Phishing Campaigns

78% of Ransomware Victim Organizations Encounter Additional Threats-Turned-Extortions

Ransomware Gangs are “Big Game Hunting” as Victim Org Sizes and Ransom Payments Continue to Rise

Spain’s National Police Take Down a Phishing Gang

Munich Re: "3x growth estimated in cyber crime costs over the next 4 years"

U.K. Advance Fee Scams Increase by Over 600% in Less Than Two Years

Number of Ransomware Victim Organizations Nearly Doubles in March

King Charles Coronation Results in a Surge in Themed Scam Sites

Business Email Compromise and “Confidential” Mergers and Acquisitions

KnowBe4 Earns 2023 Top Rated Award from TrustRadius

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

Q1 2023 Top-Clicked Phishing Report [INFOGRAPHIC]

More InterPlanetary File System Services Use Also Means Phishing Abuse by Cybercriminals

CyberheistNews Vol 13 #19 [Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users

Dallas Police Department is the Latest Victim of a Ransomware Attack

Comprehensive Anti-Phishing Mitigations: A Quick Overview

Blocking Social Engineering by Foreign Bad Actors: The Role of the New Foreign Malign Influence Center

[Eye Opener] HTML Phishing Attacks Surge by 100% in 12 Months

[On-Demand] A Master Class on IT Security: Roger Grimes Teaches You Phishing Mitigation

[New Feature] Show Your C-Suite the ROI of Security Awareness Training with KnowBe4 Executive Reports

CNBC: Why Nearly 80% of Leaders are Increasing Cybersecurity Spend

Response-Based Business Email Compromise Contributes to 97% of Attacks

Global Cyber Attacks Continue to Rise as Q1 Sees a 7% Increase

Ransomware Attacks Surge 91% in a Single Month to Reach an All-Time High

Walmart Jumps to Top of the List of the Worlds Most Impersonated Brands Used in Phishing Attacks

Malware Downloads Facilitated by Social Engineering

[May the 4th] How Security Awareness Training Could Have Saved the Death Star

[FREE RESOURCE KIT] New Password Security Resource Kit to Celebrate World Password Day!

WSJ: "Merck’s Insurers On the Hook in $1.4 Billion NotPetya Attack, Court Says"

[Feet on the Ground] Stepping Carefully When Making an AI Your BFF

[Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users

CyberheistNews Vol 13 #18 [Eye on AI] Does ChatGPT Have Cybersecurity Tells?

The Two Best Things You Can Do To Protect Yourself and Organization

Phishing as an Espionage Tactic for Cybercriminals

Phishing Attack Frequency Rises Nearly 50% as Some Sectors Increase by as Much as 576%

Automate Reporting for Security Awareness Training Events and Suspicious Email Remediation Management with Cortex XSOAR and KnowBe4

Your KnowBe4 Fresh Content Updates from April 2023

Heart of the Matter: How LLMs Can Show Political Bias in Their Outputs

[Eyes Wide Shut] Fed Powell's Call with Russian Pranksters Exposed as Social Engineering

[Live Demo] Customizing Your Compliance Training to Increase Effectiveness

Does ChatGPT Have Cybersecurity Tells?

Latest QBot Attacks Use a Mixture of PDF Attachments and Windows Scripting Host Files to Infect Victims

Scammers Impersonate Zelle via the Lure of “Getting Paid” to Get Paid Themselves

Despite a Majority of Organizations Believing They’re Prepared for Cyber Attacks, Half Were Still Victims

Organizations Have No Idea of a Data Breach’s Root Cause in 42% of Reported Cases

Recruiting Money Mules

Fake Meta Tech Support Profiles for Fraud

CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI

Another Perspective on ChatGPT's Social Engineering Potential

FBI Warns of Sextortion Scams that Yield a New Equally Scam-Like Service: Sextortion Assistance

Phishing for Credentials in Social Media-Based Platform Linktree

More Companies with Cyber Insurance Are Hit by Ransomware Than Those Without

OpenAI Transparency Report Highlights How GPT-4 Can be Used to Aid Both Sides of the Cybersecurity Battle

Nearly One-Half of IT Pros are Told to Keep Quiet About Security Breaches

Phishing Email Volume Doubles in Q1 as the use of Malware in Attacks Slightly Declines

Guarding Against AI-Enabled Social Engineering: Lessons from a Data Scientist's Experiment

That Email Isn’t from the New Jersey Attorney General

KnowBe4 Named a Leader in the Spring 2023 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

[Arm and a Leg] Cyber Insurers Are Worried About The Long-tail Cost of Attacks

London NatWest Bank Warns Customers of Alarming Impersonation Scams

KnowBe4 Named a Leader in the Spring 2023 G2 Grid Report for Security Awareness Training

CyberheistNews Vol 13 #16 [Finger on the Pulse]: How Phishers Leverage Recent AI Buzz

Indian Rail Passenger Ticketing Platform Warns of Online Fraud

[Head Start] Effective Methods How To Teach Social Engineering To An AI

Affinity Phishing Attacks Use Social Engineering Tactics to Prey on Victims

Large Language Models Will Change How ChatGPT and Other AI Tools Revolutionize Email Scams

‘Support’ Tops the List of Combosquatted Domains Used in Phishing Attacks

Recent Artificial Intelligence Hype is Used for Phishbait

Win The AI Wars To Enhance Security And Decrease Cyber Risk

CyberheistNews Vol 13 #15 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams

Top Takeaways You Could be Missing Out on my Upcoming Ransomware Master Class

[Free Tool] See Which Users Are Susceptible to Risky Security Behavior with SecurityCoach Free Preview!

[Jaw-Dropper] FTX's Cybersecurity Was Hilariously Bad

Alarming Tax Phishing Campaign Targets US with Malware

[INFOGRAPHIC] The Forrester Total Economic Impact™ of KnowBe4 by the Numbers

Your KnowBe4 Fresh Content Updates from March 2023

Recently Exposed North Korean Threat Actor APT43 Targeting Organizations With Spear Phishing

New Emotet Phishing Campaign Pretends to be the IRS Delivering W-9 Forms

FBI: Business Email Compromise Attacks Are Being Used to Make Bulk Goods Purchases from Vendors

1 in 8 Email Threats Now Make It Past Email Security Solutions

"We are hurtling toward a glitchy, spammy, scammy, AI-powered internet."

FBI: 870 Critical Infrastructure Organizations Were the Victim of Ransomware in 2022

That’s Not Actually Mr. Musk, That's a Scam

[On-Demand] A Master Class on IT Security: Roger Grimes Teaches Ransomware Mitigation

How Long Does It Take To Recover From a Ransomware Attack?

Scareware From a Phony Ransomware Group

Italy Bans ChatGPT: A Portent of the Future, Balancing the Pros and Cons

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

Social Engineering Attacks Utilizing Generative AI Increase by 135%

Latitude Forced To Stop Adding New Customers in Aftermath of Breach

Ukrainian Police Take Down Cybercrime Ring

Mid-Sized Businesses Lack the Staffing, Expertise, and Resources to Defend Against Cyberattacks

Majority of Government Employees are Partially Working Virtually Despite Increased User-Related Cyber Risks

Fake ChatGPT Scam Turns into a Fraudulent Money-Making Scheme

The New Face of Fraud: FTC Sheds Light on AI-Enhanced Family Emergency Scams

Artificial Intelligence Makes Phishing Text More Plausible

The Pope, Puff Jackets and Money going POOF!

Australian Police Arrest Business Email Compromise (BEC) Operators

[LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach

The FBI's Public Service Warning of Business Email Compromise

[Eyes Only] New Deepfake Pr0n Site Visits Skyrocket

CyberheistNews Vol 13 #13 [Eye Opener] How to Outsmart Sneaky AI-Based Phishing Attacks

Confessions of a Former 'The Inside Man' Skeptic

KnowBe4 Debuts Season 5 of Netflix-Style Security Awareness Series - ‘The Inside Man’

Oversharing Is a Risk to Information Security

Stay Ahead of the Game: Protect Yourself From Trojanized Chat Apps Targeting WhatsApp and Telegram Users

New Vendor Email Compromise Attack Seeks $36 Million

Ransomware Data Theft Extortion Goes up 40% to 70% From ‘21 to ’22

The Dangers of Vishing Campaigns and How To Protect Yourself

[Security Masterminds] Unlock Maximum Cybersecurity: 3 Crucial Steps to Enhance Your Capabilities, Coverage, and Culture

Users Clicking on Multiple Mobile Phishing Links Increases 637% in Just Two Years

Cyber Insurers Quietly Remove Coverage for Social Engineering and Fraudulent Instruction Claims

Half of Organizations Report at Least Monthly Outages from Cyberattacks

Facebook and Microsoft Top the List of Most Impersonated Brands in 2022

When a USB Flash Drive is Actually a Bomb

Identifying AI-Enabled Phishing

The Future of Cyber Attacks? Speed, More Speed

An Overview of Silicon Valley Bank Themed Social Engineering

CyberheistNews Vol 13 #12 [Heads Up] This Week's New SVB Meltdown Social Engineering Attacks

Bill 96 in Québec Brings Up Important Point About Training in Native Language Everywhere

[Eye Popper] The AI Genie Has Escaped: Stanford copied ChatGPT for a few hundred bucks

Report Shows Business Email Compromise (BEC) Attacks Increase and Phishing Used as Initial Attack Vector in the Last Year

Warning Customers About Social Engineering.

[Black Eye] The Lesson We Learned. Don't Let this Happen to You. #DMARC

Phishing Attacks Top List of Initial Access Vectors with Backdoor Deployment as Top Objective

92% of Organizations Have Fallen Victim to Phishing as Nearly Every Org is Concerned with Email Security

Understanding DMARC Better

[FREE RESOURCE KIT] New Phishing Security Resource Kit Now Available!

A 240% Rise in Dynamic Phishing

Three-Quarters of Organizations Have Experienced an Increase in Email-Based Threats

79% of Employee-Reported Phishing Emails Go Completely Undetected by Cybersecurity Solutions

University of Sydney Gives Students and Staff Advice on Avoiding Social Engineering Scams

Season 5 of ‘The Inside Man’ From KnowBe4 Is Less Than a Month Away!

Newest FBI Report Shows $10B in Losses Last Year Due to Internet Scams

5 Reasons Why SecurityCoach Is Awesome

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

Threat Actors are Using FINRA Impersonation For Their Attacks

Microsoft Warns of Business Email Compromise Attacks Taking Hours

[Heads Up] The SVB Bankruptcy Is A Social Engineering Bonanza

The interesting history and origin of the word "Bankruptcy"

One-Quarter of Users Fall for Online Scams Despite an Overconfidence in an Ability to Spot Them

Google: Analysis of Cyberattacks Targeting Ukraine Shed Light on What a Cyberwar Strategy Looks Like

Use of Malware Decreases in Cyber Attacks as Exploit Usage Skyrockets

The Education Sector Must Act Now

Phishing for Ring Customers

Three-Quarters of Vulnerabilities Used in Ransomware Attacks Were Discovered Before 2020

Half of all Sites Used in Phishing Attacks Impersonate Financial Institutions

Google Phishing Pages Jump 1,560% YoY

Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

[SCAM OF THE WEEK] Is ChatGPT Your Next Financial Advisor?

CyberheistNews Vol 13 #10 [Eye Opener] BusinessWeek: The Satellite Hack Everyone Is Finally Talking About

Three out of Four Organizations Have Experienced a Successful Email-Based Attack as Impacts Increase

Coping With “Double-Extortion” Royal Ransomware

Ransomware Attacks on Industrial Infrastructure Climb 87% Despite Security Improvements to ICS Environments

Executive Impersonation Business Email Compromise Attacks Go Beyond English Worldwide

[On-Demand] A Master Class on Cybersecurity: Roger Grimes Teaches Data-Driven Defense

Your KnowBe4 Fresh Content Updates from February 2023

Financial Services Sector at Risk of More Significant Impacts of Email-Based Cyber Attacks

CISA's latest ransomware warning promotes fighting social engineering at the top of the document, once again

[On-Demand] 5 Ways PhishER Saves You Time and Money

Customer Care Numbers as Phishbait

[Eye Opener] Businessweek: The Satellite Hack Everyone Is Finally Talking About

Remote Workers Significantly Increase the Cost of Remediating Email-Based Cyberattacks as Costs Average $1 Million

NameCheap’s SendGrid Email Account Compromised, Used to Send Phishing Emails

Business Email Compromise Gang Gets Jail Time for Stealing Millions

Blind Eagle Goes Phishing

CyberheistNews Vol 13 #09 [Eye Opener] Should You Click on Unsubscribe?


Get the latest about social engineering

Subscribe to CyberheistNews