Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

New Ransomware Threat Group, RansomHub, is so Effective, the NSA is Already Warning You About Them

BEC Scams Have Caused $55 Billion in Losses Over the Past Ten Years

[4-Minute Survey] Share Your Thoughts on AI in InfoSec With Me?

Authorized Push Payment Fraud Responsible for Over Half of U.K. Frauds and Scams

Attackers Using HTTP Response Headers to Redirect Victims to Phishing Pages

Your Lawyers Are Increasingly Targeted by Phishing Attacks, Ransomware

Forget the Talent Gap – It’s an Experience Gap

Losses From Investment Scams have Increased Six-Fold Since 2021

CyberheistNews Vol 14 #37 Scammers Use Fake Funeral LiveStream Social Media Posts to Extort Victims

[On-Demand Webinar] On How To Avoid Hiring Nation-State Fake Employees

Election-Themed Scams Are on the Rise

Use of Malicious Links Surges by 133% in Q1, Setting the Tone for the First Half of 2024

Phishing Attack Takes a Two-Step Approach to Leverage Legitimate Sites and Evade Detection

Manufacturing Sector Is the Latest Target of Advanced Credential Harvesting Attacks

Phishing is Still the Top Initial Access Vector

Threat Actors Increasingly Exploit Deepfakes for Social Engineering

[Security Masterminds Podcast] The Human Side of Cybersecurity: Bridging the Gap with Empathy and Strategy

CyberheistNews Vol 14 #36 KnowBe4 Expands Children's Interactive Cybersecurity Activity Kit for 2024/2025 School Year

Organizations in the Middle East Targeted By Malware Impersonating Palo Alto GlobalProtect VPN

Major Scam Operation Uses Deepfake Videos

Your KnowBe4 Compliance Plus Fresh Content Updates from August 2024

Scammers Use Fake Funeral LiveStream Social Media Posts to Extort Victims

Nearly Half of Mid-Market and Enterprise Organizations Have Experienced Four or More Ransomware Attacks in the Last Year

Threat Actors Abuse Microsoft Sway to Launch QR Code Phishing Attacks

U.S. Experiences 52% Increase in the Number of Ransomware Attacks in One Year

Your KnowBe4 Fresh Content Updates from August 2024

Fewer, High-Profile Ransomware Attacks Are Yielding Higher Ransoms

Iran’s APT42 Targets WhatsApp Users With Spear-Phishing Attacks

Email Compromise Remains Top Threat Incident Type for the Third Quarter in a Row

Phishing Attacks Are Increasingly Targeting Social Media and Smartphone Users

CyberheistNews Vol 14 #35 [PROVED] Unsuspecting Call Recipients Are Super Vulnerable to AI Vishing

More Carrots and Fewer Sticks

Ransomware Recovery Costs Have Doubled for State and Local Governments

KnowBe4 Expands Children’s Interactive Cybersecurity Activity Kit for 2024/2025 School Year

Business Email Compromise Scams Rise 20%, Making up Nearly Half of all Spam Emails

The Number of Email-Based Cyber Attacks Detected Surge 239% in 1H 2024

Malvertising Campaign Impersonates Dozens of Google Products

Deceptive AI: A New Wave of Cyber Threats

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

Phishing Scammers Leverage Microsoft Dynamics 365 to Target US Government Contractors

Threat Actors Abuse URL Rewriting to Mask Phishing Links

Cybersecurity in 2024: Reflecting on the Past, Preparing for the Future

CyberheistNews Vol 14 #34 [HEADS UP] Real Social Engineering Attack on KnowBe4 Employee Foiled

The Long Road to Recovery Following a Ransomware Attack

U.K. Management Almost Twice as Likely to Fall for Phishing Attacks Versus Entry-Level Employees

Ransomware Group Known as ‘Royal’ Rebrands as BlackSuit and Is Leveraging New Attack Methods

Is Disabling Clickable URL Links Enough?

[PROVED] Unsuspecting Call Recipients Are Super Vulnerable to AI Vishing

File-Sharing Phishing Attacks Increased by 350% Over the Past Year

Ransomware Payments Decline While Data Exfiltration Payments Are On The Rise

Latest Phishing Scam Uses Cross-Site Scripting Attack to Harvest Personal Details

Employment Scams Continue to Target Job Seekers Via Phony Employment Offers

Real Social Engineering Attack on KnowBe4 Employee Foiled

Reflecting on KnowBe4's 5th Consecutive TrustRadius Tech Cares Award

Summer Lovin' or Summer Scammin'?

Chameleon Malware Poses as CRM App

CyberheistNews Vol 14 #33 Your Users Still Fall For Phishing Attacks Because of URL Shorteners

Attackers Abuse Google Drawings to Host Phishing Pages

[FREE RESOURCE KIT] 2024 Cybersecurity Awareness Month Kit Now Available

Hacker Stories: A Facebook Physical Threat

A Whopping 33% of Young Americans Are Exposed to Political Lies on TikTok

[WHOA] - This 'Unpatch Attack' Is A New One To Me!

Not Just Us: North Korean Remote IT Fraudster Arrested in Tennessee

New Phishing Campaign Targets Israeli Organizations To Deliver Malware

SEC Report Provides Insight into Key Tronic Ransomware Costs Totaling Over $17 Million

[On-Demand Webinar] 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk

62% of Phishing Emails Bypassed DMARC Checks in 1H of 2024

“Pastejacking” Attacks Are Becoming a Thing (Because Users are Falling for Them)

AI Tools Have Increased the Sophistication of Social Engineering Attacks

New Malvertising Campaign Impersonates Google Authenticator

CyberheistNews Vol 14 #32 QR Code Phishing is Still on the Rise - The SEG is Dead

KnowBe4 Honors the World Famous Hacker for the First National Social Engineering Day

Creating a Big Security Culture With a Tiny Button

Brand Impersonation of Microsoft Increases 50% in One Quarter

Your Users Still Fall For Phishing Attacks Because of URL Shorteners

Prisoner Swap Includes Russian Hackers and KGB Assassin

Global Cyber Attacks See Highest Increases in the Last Two Years

New Research: Smaller Companies Receiving Higher Rates Of Phishing Emails

KnowBe4 Named a Leader in the Summer 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) Software

Half of Travel-Themed Spam Emails Are Scams

The First Half of 2024 Results in More Than 1 Billion Data Breach Victims

KnowBe4 Named a Leader in the Summer 2024 G2 Grid Report for Security Awareness Training

Organizations Prepare for More Evolved AI-Based Cyber Attacks as Deepfakes Become Top Concern

New Phishing Kit Uses Voice Call Generator to Impersonate Spanish Banks

Fortune 50 Ransomware Victim Pays an Eye-Watering $75 Million

CyberheistNews Vol 14 #31 How The Whole World Now Knows About Fake North Korean IT Workers

Scammers Exploit Interest in Generative AI Tools

IoT: Internet of Threats?

The 2024 Olympics Offers Plenty of Opportunity For Online Scammers

QR Code Phishing is Still on the Rise. The SEG is Dead.

Nearly All Ransomware Attacks Now Include Exfiltration of Data…But Not All Are Notified

Roger’s Hacking Stories

How The Whole World Now Knows About Fake North Korean IT Workers

New Phishing Scam Leverages Chat To Add Credibility And Ensure Success

Phishing Campaigns Continue To Exploit CrowdStrike Outage

Russian Super-Threat Group Fin7 Comes Back from the Dead

Your KnowBe4 Fresh Content Updates from July 2024

Your KnowBe4 Compliance Plus Fresh Content Updates from July 2024

North Korean Fake IT Worker FAQ

Phishing Campaigns Abuse Cloud Platforms to Target Latin America

Is Your Bank Really Calling? How to Protect Yourself from Financial Impersonation Fraud

Crypto Data Breach Continues to Fuel Phishing Scams Years Later

How a North Korean Fake IT Worker Tried to Infiltrate Us

CyberheistNews Vol 14 #30 The SEC Fines a Public Company 2 Million+ For Ransomware Negligence

Phishing Attacks Will Likely Follow Last Week’s Global IT Outage

[Security Masterminds Podcast] Securing Software Over 50 Years: Reflections from an Industry Veteran

CrowdStrike Phishing Attacks Appear in Record Time

78% of Organizations Are Targets of Ransomware Attacks Two or More Times in Twelve Months

CISA’s Red Team Exercise Shows Value of Phishing, but Misses the Best Recommendation

Cyber Threats Targeting the 2024 Paris Olympics

Change Healthcare Ransomware Attack May Cost Nearly $2.5 Billion

Chile Leads Latin America With New Cybersecurity Governance

7 in 10 Organizations Experienced a Business Email Compromise Attack in the Last 12 Months

New Ransomware Threat Group Calls Attack Victims to Ensure Payments

Malvertising Campaign Impersonates Microsoft Teams

[NEW FREE TOOL]: Reveal Your Network's Hidden Weaknesses with KnowBe4's BreachSim Data Exfiltration Simulator

SEC Fines Publicly Traded Company $2.125 Million For Negligence Before, During, and After a Ransomware Attack

Espionage-Intent Threat Groups Are Now Using Ransomware as a Diversion Tactic in Cyberattacks

IRS Warns of Phishing Attacks Targeting Car Dealerships

From Reactive to Proactive: Cyber Insurance is Driving Optimal Security Investments for Organizations

Phishing Continues to Be the Primary Entry to Ransomware Attacks

CyberheistNews Vol 14 #29 [Warn Your Users] High Scam Risk After Failed Trump Assassination

[On-Demand Webinar] Crack the Code on Ransomware: Empowering Your Last Line of Defense

[Warn Your Users] High Scam Risk After Failed Trump Assassination

Phishing Attacks Against State and Local Governments Are Surging

Ransomware Attacks on Healthcare Is Costing Lives

Russian Spear Phishing Campaigns Target NATO Entities

From Policy to Practice in Security Culture: What Security Frameworks Recommend

Dodgy New Phishing Platform Targets Microsoft 365 Accounts at Financial Firms

Amazon-Related Scams Spike Ahead of Prime Day

CyberheistNews Vol 14 #28 [Urgent Alert] 5 Critical Steps to Shield Your Teens from Rising Sextortion

Phishing Attacks Target High Profile YouTube Accounts

The Importance of Security Culture: When Telecom Giants Resort to Malware

Travelers Beware: Booking.com Warns of Increases in AI-Enabled Travel Scams

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

State-Sponsored Phishing Campaigns Target 40,000 VIP Individuals

Don't Fall for It: How to Spot Social Media Job Scams a Mile Away

Phishing Attacks Themed Around Popular Weight Loss Drugs Increase 183%

New “Paste and Run” Phishing Technique Makes CTRL-V A Cyber Attack Accomplice

[Urgent Alert] 5 Critical Steps to Shield Your Teens from Rising Sextortion

Ransomware Attack on U.K. Health Service Laboratory Disrupts Major London Hospital Services

Hacked Customer Support Portal Being Used to Send Phishing Emails

CyberheistNews Vol 14 #27 [Important Alert] TeamViewer Network Breached as Russian APT29 Hackers Strike Again

The Curious Case of the Payroll Pilfering

New Malware Campaign Impersonates AI Tools To Trick Users

Your KnowBe4 Compliance Plus Fresh Content Updates from June 2024

[Important Alert] TeamViewer Network Breached as Russian APT29 Hackers Strike Again

KnowBe4 Recognized as Cyber Security Educator of the Year at IT Europa Awards 2024

Your KnowBe4 Fresh Content Updates from June 2024

Russian Threat Actor Launches Spear Phishing Attacks Against French Diplomats

FBI Warns of Phishing Campaign Targeting the Healthcare Industry

Cybercriminals Set Sights on Digital Identities of Singapore Citizens

The Double-Edged Sword of AI: Empowering Cybercriminals and the Need for Heightened Cybersecurity Awareness

Simulated Phishing Tests Matter

Mexican Organizations Under Attack from Specialized Cyber Criminals

Phishing Attacks in the UK Have Surged

CyberheistNews Vol 14 #26 [Heads Up] Tricky Fake Invoice Phishing Attack Uses Search to Deliver Malware

FREE Resource Kit for Ransomware Awareness Month in July

Balancing Act: The European Union's AI Act and the Quest for Responsible Innovation

BEC Attacks Accounted for More Than One in Ten Social Engineering Attacks in 2023

My Hacker Story: A Cautionary Tale of Intern Antics and Cultural Learnings

The Indispensable World of Red Teaming

Vacation-Themed Scams Are Spiking

Happy 1st Birthday to Our KnowBe4 Community!

Brazilian Entities Increasingly Targeted by Nation-State Phishing Attacks

The Overlooked Truth: User Experience in Cybersecurity

CyberheistNews Vol 14 #25 Microsoft and KnowBe4 Collaborate on Ribbon Phish Alert Button for Outlook

[Heads Up] Tricky Fake Invoice Phishing Attack Uses Search to Deliver Malware

No Politician Too Small: School Board Candidates Targeted By Phishing and BEC Scams

Microsoft and KnowBe4 Collaborate on Ribbon Phish Alert Button for Outlook

Unmasking the Threat: Why Phishing Scams are Surging in Japan

Phishing Campaign Targets Job Seekers With WARMCOOKIE Backdoor

The Global Reach of Cyber Threats: Why Security Awareness Training is More Important Than Ever

Cybercriminals Use New V3B Phishing Kit to Mimic 54 Different Banks in the European Union

Phishing With Deepfakes for HK$200 Million

New Research Shows An Alarming Trend of Phishing Attacks Doubling For US and European Organizations

Beware: Major AI Chatbots Now Intentionally Spreading Election Disinformation

Sinister "More_eggs" Malware Cracks Into Companies by Targeting Hiring Managers

CyberheistNews Vol 14 #24 [NEW 2024 RESEARCH] Reveals that 34% of Green Users Will Fail a Phishing Test

DarkGate Malware Being Spread Via Excel Docs Attached To Phishing Emails

New HR-Themed Credential Harvesting Phishing Attack Uses Legitimate Signature Platform Yousign

Bruce Schneier: "AI Will Increase the Quantity—and Quality—of Phishing Scams"

Everything You Can Do to Fight Social Engineering and Phishing

[New Feature] Find Out if They've Got a Bad Reputation in Record Time with PhishER Plus Threat Intel

Nearly Three-Quarters of Organizations Were the Target of Attempted Business Email Compromise Attacks

Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing

Breach or Bluff: Cyber Criminals' Slippery Tactics

Minnesotans Targeted by Scammers With Phony Arrest Warrants

Social Engineering Scams Can Come in the Mail, Too

“Operation Endgame” Ends with the Arrest of 4 Cybercriminal Suspects and 100 Servers

26% of Global Organizations Lack Security Training Programs

Best Buy/Geek Squad Impersonation Scams Surged in 2023

Email Compromise Continues to Dominate as Top Threat Incident Type as Tactics Evolve

CyberheistNews Vol 14 #23 [SPECIAL] The Hard Evidence That Phishing Training and Testing Really Works Great

[NEW RESEARCH]: KnowBe4’s 2024 Phishing by Industry Benchmarking Report Reveals that 34.3% of Untrained End Users Will Fail a Phishing Test

Enhance NIS2 Compliance: Elevate Your Cybersecurity with Awareness & Culture Before The Deadline

Russia’s Military Intelligence Service Launches Spear Phishing Attacks

New Transparent Phishing Attacks Leverage Cloudflare Worker Serverless Computing

Your KnowBe4 Compliance Plus Fresh Content Updates from May 2024

The Hard Evidence That Phishing Training and Testing Really Works Great


Get the latest about social engineering

Subscribe to CyberheistNews