Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

[NEW FEATURE] Admins Can Save and Schedule KnowBe4 Reports to Automatically Send on a Recurring Basis

Enterprise Organizations Have as Much as an 85% Chance of Receiving a BEC Attack Every Week

Probability of Experiencing a Vendor Email Compromise Attack Increases 96%

New Phishing Attack on Microsoft 365 Users Leverages Open Redirects to Avoid Detection

That's Not the US Department of Transportation, It's a Phishing Attack

Brute Force Attacks are on the Rise as June sees a 671% increase

Researchers Discover Vulnerability Used for Deception and SSID Stripping

U.S. Cyber Command General Promises 'Surge' To Fight Ransomware Attacks

Register for the Cybersecurity Virtual Summit KB4-CON EMEA Today!

CyberheistNews Vol 11 #36 [EYE OPENER] The Number Of Daily Ransomware Attacks Skyrockets Nearly 1,000% In 2021

Social Media as Artillery Preparation for Spear Phishing

Business Email Compromise Scam takes New Hampshire Town for $2.3 Million

Ransomware Resurrection? REvil Servers Come Back Online

Blame it on the Lizard Brain

A Master Class on Cybersecurity: Roger Grimes Teaches Data-Driven Defense

Wanting to Stream the Italian Grand Prix This Weekend? It Might Be a Scam.

Five Signs of Social Engineering

A Look at Phishing Keywords

The Number of Daily Ransomware Attacks Increase Nearly 1000% in 2021

The Amount of Weekly New Phishing URLs Has Grown Nearly 2.5x Since 2020

BEC, Fraud, and Ransomware Attacks Are All on the Rise and Costing More Than Ever

Phishing for the German Bundestag

[FREE COURSES] Two New Training Modules are Now Available to Support Cybersecurity Awareness Month

CyberheistNews Vol 11 #35 [Heads Up] When the URL Domain Is Not Enough To Avoid That Phish

Windows 11 Phishbait by Active Threat Group Now Delivers Malware

Conti's Ransomware Playbook Includes Recon for Users with Privileged Access

Be Wary of Unrequested Disc Images

Email-Based Cyberattacks Double Between January and June

CISA: Ransomware Attacks Favor Holidays and Weekends

Ransomware Attacks in 2021 Have Increased Nearly Three-fold in the First Half of the Year

Your KnowBe4 Fresh Content Updates from August

BEC and the Underworld's Resources

Large Phishing Campaign Abuses Open Redirects

When the URL Domain Is Not Enough To Avoid a Phish

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

CyberheistNews Vol 11 #34 [Heads Up] A Tricky New COVID-19 Phishing Caper

[FREE Resource Kit] Cybersecurity Awareness Month 2021 Now Available

U.K. Organizations See Double the Number of Ransomware Attacks in the First Half of 2021

Cryptominers are Tricked out of Cryptocurrency Using Phishing Scams Involving the Purchase of Mining Equipment

Cybercriminals Can Post Jobs on LinkedIn Posing as Any Employer They Want

A COVID-19 Phishing Caper

A Look at a Ransomware Affiliate

Nigerian Threat Actors Solicit Victim Organization Employees to Deploy Demon Ransomware

Arrests in International Fraud Scheme Due to Social Engineering

Hospitals Continue to be Ransomware Targets as Half Experience Shutdowns in the Last 6 Months

Microsoft Warns of New Phishing-Turned-Vishing-Turned-Phishing Attack Aimed at Installing Ransomware

CyberheistNews Vol 11 #33 [EYE OPENER] The Anatomy Of New Smishing Attacks And How To Avoid Them

“Compromise” is the “C” in “MICE”

CISA shares guidance on how to prevent ransomware data breaches

Phishing Attacks Have Increased by 22% This Year

Defending Against Ransomware Attacks Should Start (and Can End) With Security Awareness Training

Can the Microsoft 365 Platform Be Trusted to Stop Security Breaches?

Deepfakes Continue to be a Concern as the Technology Improves and Becomes More Convincing

Trend Micro: Most Organizations in the World Will Likely Be Compromised in the Next 12 Months

Cyber Attacks Grow 125% as Ransomware Tops the List Plaguing Enterprise Organizations

The Average Ransom Demand of $5.3M in 2021 is Up 518% From Last Year

Copyright Scammers Now Making Phone Calls

Attackers Use Morse Code to Encode Phishing Attachments

KnowBe4’s Automated Security Awareness Program Builder Now Available in Nine Languages

CyberheistNews Vol 11 #32 [Heads Up] The Cyber Insurance Industry Is Wrongly Hedging Its Bets On MFA

The Anatomy of Smishing Attacks and How to Avoid Them

Military Personnel Vulnerable to Fraud

Words of Advice for Organizations on Cybersecurity Best Practices

What’s in a (Ransomware Gang) Name? (A Gang by Any Other Name is Just as Dangerous)

Is Being a Ransomware Affiliate Profitable? The Math Says it is!

Android Trojan Goes After Facebook Accounts

Spear Phishing Becomes a Bigger Problem as the Average Organization is Targeted 700 Times a Year

DarkSide Ransomware Returns as BlackMatter After Sudden Shutdown of Operations

Cyber Insurance Rates Climb 30% as Ransomware Attacks, Costs, and Payments are All on the Rise

CyberheistNews Vol 11 #31 [HEADS UP] Microsoft Warns of Sneaky Phishing Campaign

Cyber Insurance Industry Wrongly Hedging Its Bets on MFA

FTC Warns of Unemployment Insurance Phishing Scheme

Your KnowBe4 Fresh Content Updates from July

12 Steps to a Security Ignorance Program

BEC Attacks Are Targeting Lower-Level Employees

[On-Demand Webinar] Open Source Intelligence (OSINT): Learn the Methods Bad Actors Use to Hack Your Organization

79% of Employees Have Knowingly Engaged in Risky Online Activities in the Past Year

You Knew It Would Eventually Happen: Ransomware Lawsuits

Egress: 73% of Orgs Were Victims of Phishing Attacks in the Last Year

CyberheistNews Vol 11 #30 [Eye Opener] Image Inversion as a New Phishing Technique

Ransomware Extortion Attacks Continue to Rise in Frequency as Ransom Payments Decrease by 40%

Phishing Attacks Target IT Professionals More Than Any Other Organizational Role

How Social Engineers Use Social Media

[HEADS UP] Microsoft Warns of Sneaky Phishing Campaign

New Phishing Campaign Uses Blackmail to Lure Victims

Visit KnowBe4 at Black Hat USA 2021 - Virtual & In Person Event

Two of the Most Common and Successful Ransomware Attack Methods are Exposed

Ransomware Attacks This Year Are Already Higher Than 2020

Happy 22nd Annual SysAdmin Day from KnowBe4!

Scammers Use Milanote App to Host Phishing Content and Avoid Detection by Secure Email Gateways

The World’s Most Impersonated Brand in Phishing Attacks Is… (and it’s NOT Microsoft!)

Over 700 Ransomware Victim Organizations are Named on Data Leak Sites in Q2

Image Inversion as a Phishing Technique

Cybercriminals Are Growing More Organized

Warning: A New Ransomware Cartel Has Formed Sharing Techniques, Code, and Infrastructure

U.K. Employees Pose a Major Cybersecurity Risk to Business as They Return to the Office

77% of Organizations Are Unable to Access Systems or Networks Post-Ransomware Attack

CyberheistNews Vol 11 #29 [Heads Up] New Phishing Threat Infographic: Your Users Are Failing Security and HR-Related Attacks

Phishing Attacks Surged in Q2 2021

Milanote Exploited to Host Phishing Content

Mission Possible: Turning Compliance Into Tangible Security

Remote Employees Adopt Bad Cybersecurity Habits While Working from Home

U.S. State Department Issues a Reward for Information on Foreign Cybercriminals Targeting Critical Infrastructure

Updated Ransomware Simulator Now With 23 Latest Infection Scenarios

Microsoft Takes Down Homoglyph Domains

[HEADS UP] 2021 Tokyo Olympics Mean Olympic-Themed Phishing Attacks

Mint Mobile, Porting Numbers, and Identity Theft

Microsoft Continues to be the Top Impersonated Brand in Phishing Attacks

The Cost and Impact of Cybercrime Can Now Be Measured in a Single Minute

CyberheistNews Vol 11 #28 [HEADS UP] Live Phishing Attack Uses New Infection Technique to Deliver Malware

[INFOGRAPHIC] New Report Shows Users Are Falling for Security and HR-Related Phishing Attacks

New LuminousMoth APT Takes a Double-Infection Vector Approach to Attacks

Nearly Every Organization Has Had an Insider-Caused Data Breach in the Last Year

Facebook Disrupts Iranian Social Engineering Operation

[On-Demand Webinar] 2021 Phishing By Industry Benchmarking Report

KnowBe4 Receives Four ISO Certifications From ISOQAR, A Certifying Organization

84% of Organizations Experienced Ransomware and Phishing-Related Security Events in the Last 12 Months

CISA Publishes Darkside Malware Analysis Report and Updated Best Practice Guidance Against Ransomware

Cryptocurrencies and Email Extortion Trends

Phishing Campaign Uses Novel Technique to Deliver Malware

New York Department of Financial Services Issues New Guidance to Financial Services Orgs to Counter Ransomware

Year-Long Phishing Campaign Targets Energy, Oil & Gas Companies Using Spoofed B2B Correspondence

Spear Phishing Campaign Targets Energy Companies

CyberheistNews Vol 11 #27 [EYE OPENER] They're Here... The Ransomware Ecosystem Now Has Criminal VC Investors

Ransomware Attacks Put Singapore Organizations at Risk of Violation of the Personal Data Protection Act

Counterterrorism Strategies Could Be the Key to Stopping Ransomware

Phishbait Follows Current Events

The Pandemic’s Paradigm Shift with Cybersecurity

How to Defeat REvil Ransomware

KnowBe4 Fresh Content Updates from June

[On-Demand Webinar] Implement DMARC the Right Way to Keep Phishing Attacks Out of Your Inbox

Ransomware Attacks from Within Russia So Impactful, U.S. Government Says They Will Take Action If Russia Won’t

How REvil Works: A Look Inside the World’s Most Famous Ransomware-as-a-Service

Social Engineering and Organizational Culture

KnowBe4’s 2021 Phishing By Industry Benchmarking Report Reveals that 31.4% of Untrained End Users Will Fail a Phishing Test

Lazarus Group Continues Targeting Defense Contractors

87% Increase in Social Engineering Scams During the First Quarter of 2021 Compared to Q1 2020

KnowBe4 Named a Leader in the Summer 2021 G2 Grid Report for Security Awareness Training

Your The Majority of Business Email Compromise Phishing Attacks Initially Go for Credentials, Not Money

It Was Only a Matter of Time: The Ransomware Ecosystem Has Given Birth to VC Investors

CyberheistNews Vol 11 #26 [Eye Opener] Almost All LinkedIn User’s Data Has Been Scraped and Is up for Sale on the Dark Web

WhatsApp Phishing Scams Significantly Increase

HMRC-Branded Phishing Attacks Targeting U.K. Users Saw an 87% Increase During COVID

Two-Thirds of Organizations Have Experienced Spear Phishing Attacks in 2021

Important Kaseya Notice! Turn VSA Off. Now. Ransomware. Updated

[BREAKING] NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign

New IcedID and QBot Phishing Campaigns Are Running Amuck

How to Get The Most Out of Your Compliance Platform

Almost All LinkedIn User’s Data Has Been Scraped and is Up for Sale on the Dark Web

Spear Phishing Impersonation Attacks Take on New Tactics to Become More Convincing and Effective

Yet Another Disk Image File Format Spotted in the Wild Used to Deliver Malware

35% of All Security Incidents are Business Email Compromise Phishing Attacks

[Eye Opener] The Biggest Bitcoin Heist Ever: A Whopping 3.6 Billion Dollars!

CyberheistNews Vol 11 #25 [Heads Up] Attackers Abuse Your Google Docs With a New Phishing Angle

New Phishing Attack Adds a Call Center Step to Get You to Download Malware

Cybersecurity and Business Priorities Don’t Appear to Be Aligning – and That’s Bad for Your Security Stance

An Unusual Attachment is Most Likely a Phishing Campaign

Misconfigured Cloud Database Increases Risk of Social Engineering

[HEADS UP] Over 400% Increase in Ransomware Victims

Threat Actors use Google Ads to Target People Migrating to Encrypted Messaging Services like Signal and Telegram

Attackers Abuse Google Docs for Phishing Attacks

ADATA Ransomware Attack Results in the Publishing of 700GB of Data Stolen

60% of Orgs Needed New Security Policies to Secure Their Remote Workforce

Turning Compliance Into Tangible Security

80% of Ransomware Victim Organizations Experience a Second Attack

Leaked Copies of Windows 11 Could Be Tempting Phishbait for Techies

Why Phishing Attacks Are So Easy, Successful and Profitable – and What to do About It

The Number of Phishing Sites in March Was Twice That of the Previous Year

KnowBe4 Makes eSecurity Planet's Best Security Awareness Training for Employees 2021 List

Credential Stuffing in the Travel and Retail Sectors

CyberheistNews Vol 11 #24 [Scam of the Week] If Your Users Are Amazon Shoppers, Heed This Prime Day Phishing Alert

Understanding Ransomware’s True Costs

[Heads Up] If You're an Amazon Prime Shopper, Heed This Prime Day Phishing Alert

Bad Security Habits During the Pandemic

Ragnar Locker Ransomware Finds Its Next Victim in Taiwan Computer Memory Manufacturer ADATA

The Number of Phishing Websites Hits an All-Time High Reaching Nearly 350% Growth

Tax Organizations Need to Focus on Cybersecurity

New BEC Phishing Attack Steals Office 365 Credentials and Bypasses MFA

Bad Cyber Hygiene: 54% Of Employees Admit They Use the Same Passwords Across Multiple Work Accounts

CyberheistNews Vol 11 #23 [Heads Up] Ransomware Attacks Run Rampant As Fujifilm Becomes the Next Victim

EA Got Social Engineered via Slack Channel and Lost 780 GB valued Millions

New “Ransomware Update” Phishing Attack Seeks to Enjoy the Same Successes as the Recent Pipeline Attack

Fax/Scan Phishing Attacks Jump Nearly 500% as Workers Return to the Office

KnowBe4 Earns 2021 Top Rated Award from TrustRadius

Deal or No Deal: The Double-edged Sword of the IT Security Bundle

Insights Into Credential Phishing

FINRA Warns U.S. Brokerage Firms of New Phishing Campaign Threatening Penalties for Non-Compliance

Ransomware Tops IBMs List of Most Observed Attack Types with Sodinokibi Maintaining the Lead

78% of CISOs Say Attacks Have Increased as a Result of More Employees Working from Home

Chinese Hacker Group Debuts After 3 Years of Testing with a Previously Unseen Backdoor Exploit

The Future Of Ransomware

CyberheistNews Vol 11 #22 [Heads Up] New Email Attack Takes a Phishing-Turned-Vishing Angle To Steal Credit Card Info

Phishing Trends Show Adult Themes Have Skyrocketed 974%

KnowBe4 Fresh Content Updates from May: Including New Mobile-First Training Modules

Ransomware Attacks Run Rampant as Fujifilm Becomes the Next Victim

[REUTERS BREAKING NEWS] U.S. to give ransomware hacks similar priority as terrorism

Everyone Has It Wrong. It Is Not Double Extortion, It Is Quintuple Extortion!

Ransomware's Impact Highlights the Threat of Social Engineering

REvil Ransomware Behind Attack on the World’s Largest Meat Producer

Fake Positive Reviews Mask Spoofed Browser Extensions

Get the latest about social engineering

Subscribe to CyberheistNews