Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

[Heads Up] The Chinese Have Likely Hacked Your Exchange Email Server

Think Your Cyber Insurance is Going to Cover that $6 Million in Cyber Fraud? Think Again.

1 in 4 Business Email Compromise Attacks Use Lookalike Domains to Trick Victims

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Vendor Email Compromise is Officially A Big (Seven-Figure) Problem

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Someone Hacked The Four Top Russian Cybercrime Forums In One Month

KnowBe4 Fresh Content Updates from February: Including New Season 3 of 'The Inside Man' Now Available

[ALERT] New Stanford Research: 88% Of Data Breaches Are Caused By Human Error

Most Phishing Emails Are After Credentials

POTRAZ Warns of Phishing Scams

CyberheistNews Vol 11 #09 [Heads Up] New Ryuk Ransomware Strain Now Worms Itself To All Your Windows LAN Devices

Universal Health Services Becomes Next Victim of Ryuk Ransomware, Costing $67 Million

By Their Poor Idiomatic Control Shall Ye Know Them

Hacking Multifactor Authentication: An IT Pro’s Lessons Learned After Testing 150 MFA Products

[HEADS UP] New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

New York State Education Department Warns of Phishing Campaign

Phishing Attacks Double in 2020 While Carrying the Highest Month of Attacks on Record

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency

Microsoft Dominates as the Most Impersonated Brand in Phishing Attacks

[Heads Up] New Ryuk Ransomware Strain Now Worms Itself To All Your Windows LAN Devices

New scary good deepfake videos of Tom Cruise show the threat to society is very real

[Heads Up] Ransomware and Phishing Attacks Are Not Going Away in 2021

Phishing Catch of the Day: Your Inbox Will be Deactivated

The Dilemma: Best-of-Breed Stand-Alone or a Bundled Suite of tools?

Phishing Targets Industrial Control Systems

Bogus FedEx and DHL Phishbait

Running Headfirst Into a Breach

CyberheistNews Vol 11 #08 [Eye Opener] Major Video Game Maker Refuses to Negotiate With Ransomware Cyber Criminals

More NHS-Themed COVID-19 Vaccine Phishing

[HEADS UP] Texas Electric Company Warns of Scam Involving Losing Power

The First Documented Russian Hack in...1981?

U.K. Phishing Attack Targets Those Seeking the COVID-19 Vaccine

Be on the Watch for W-2 Phishing Scams!

The Cybersecurity Book You Should Read

Popular Car Company Becomes Next Target in $20 Million Dollar Ransomware Attack

KnowBe4 Named a January 2021 Gartner Peer Insights Customers’ Choice for Security Awareness Computer-Based Training Across Three Categories

KnowBe4 Adds New Language Localization Options to its Security Awareness Training and Simulated Phishing Platform

The DOJ Charged Two Alleged Members of North Korea’s Military Intelligence Services With a Scheme That Included Attempts to Steal $1.3 Billion Over the Past Half-Decade for Pyongyang

Redirection to Zero Days

Does Your Domain Have an Evil Twin? Find Out for a Chance to Win!

Bogus Bug Reports as Phishbait, Scams

Microsoft Finds 80% of Organizations Encounter an Increase in Security Threats Due to Remote Workers

Microsoft: SolarWinds attack took more than 1,000 engineers to create

CyberheistNews Vol 11 #07 [HEADS UP] New Phishing Attack Uses Morse Code to Avoid Detection By Your Email Scanners

Phishing and Impersonated Brands

Caught by a CAPTCHA?

A Ransomware Victim Refuses to Pay

New Novel Campaign Targeting Security Researchers Uses Really Creative Social Engineering to Fool Victims

New Phishing Scam Uses Fake PPP Loans to Trick Victims into Giving Up Personal Information

Dutch Intelligence Agencies Warn About Chinese and Russian Cyber Espionage

[Heads Up] Growing Collaboration Among Criminal Groups Heightens Ransomware Triple Threat

[Scary?] AI Can Now Learn To Manipulate Human Behavior

Phishing for Love

[New E-Book] Comprehensive Anti-Phishing Guide

It’s Not Only About the URL

[HEADS UP] NHS Issues Warning as UK COVID-19 Vaccine Scams Are Still Running Rampant

US Gmail Users Are Preferred Phishing Targets

New Phishing Attack Uses Morse Code to Avoid Detection by Email Scanners

New Phishing Attack Uses Google Firebase to Trick Microsoft and Achieve a Spam Confidence Level of Just 1

Cannabis Company Loses Millions in BEC Scam

CyberheistNews Vol 11 #06 [Heads Up] Email Phishing Is Now the Top Ransomware Attack Vector

[World Premiere] KnowBe4’s New Season 3 of Netflix-Style Security Awareness Video Series - ‘The Inside Man’

Three Tips to Stay Safe on the Road and the Information Superhighway

The Three Best Things You Can Do To Improve Your Computer Security

There’s Still No Real Answer to the Ransomware Epidemic

Every Employee is Part of Your Security

Cold Reality Dawns: Covid-19 Is Likely Here to Stay But Your Employees Are Vulnerable

How the United States Lost to Hackers, And Why The New President Wants To Fix It With 10 Billion Dollars

One-Fourth of a SOC’s Life Is Researching Sketchy Emails

SOC teams spend nearly a quarter of their day handling suspicious emails

Hackers are Winning the Cyberwar, Largely Because They Target People

Using Legitimate Services to Bypass Phishing Protections

[On-Demand Webinar] A Master Class on IT Security: Roger Grimes Teaches Ransomware Mitigation

CyberheistNews Vol 11 #05 [Heads Up] CISA's New War on Ransomware Awareness Campaign

UK Research and Innovation Becomes Next Victim Hit with Ransomware

[Heads Up] Email Phishing Is Now the Top Ransomware Attack Vector

Trickbot is Targeting the Legal Sector

KnowBe4 graduates to become one of Okta's most popular apps by number of customers

KnowBe4 Fresh Content Updates from January: Including 'The Inside Man' Season 3 Official Trailer

[HEADS UP] New Phishing Kit Spotted on Over 700 Domains

Beware the Long Con Phish

Data Privacy and Fingerprints

2021 Begins a New Decade of Privacy

NSA Warns Against Using Third-Party DNS and Encourages DNS Over HTTPS

Australians Experienced over 200K Scams in 2020 Costing Over A$176 Million

UK Insurer Defends the Coverage of Ransomware Payments

A UK Case Study: Recognizing COVID-19 Phishing

Microsoft: "Congrats KnowBe4 On being One Of The Top Apps In 2020"

CyberheistNews Vol 11 #04 [NEW] The 10 Phases of Organizational Security Awareness

Confident About Detecting Spoofed, Scam Emails?

CISA's New Anti-Ransomware Campaign

KnowBe4 Unveils Official Trailer for ‘The Inside Man’ Season 3

Thousands of Stolen Credentials Accessible via Google Search as Cybercriminals Accidentally Make Them Public

Microsoft Continues to Dominate as the Leading Brand Impersonated in Phishing Attacks

Motivations of Phishing Criminals

The Many Ways You Can Be Phished

World Economic Forum: COVID Makes Cybersecurity Problem No. 1

Interpol Warns of Romance Scams

[INFOGRAPHIC] Q4 2020 Work From Home Phishing Emails on the Rise

Charming Kitten Phishing and Smishing Attacks Use Legitimate Google Links and a Tricky Redirection Strategy to Fool Security Solutions

CyberheistNews Vol 11 #03 [Heads Up] Now Here Is Some Exciting Certification News... :-D

Familiar Advice, but Worth Repeating

Data Activist Group Publishes Exfiltrated Ransomware Data Previously Available Only on the Dark Web

Social Engineering is a Core Element of Nearly Every Cyber Attack

The 10 Phases Of Organizational Security Awareness

Vaccine Research Companies are the Target of New Ransomware Attacks

68% of Organizations Experiencing One Cyberattack Experience a Second Within 12 Months!

Healthcare Sees Double the Increase in the Amount of Ransomware Attacks Since November

Google Finds an Alarming Thousands of Phishing Sites Everyday in 2020

Employees Are Too Trusting of Workspace Tools

CyberheistNews Vol 11 #02 [Heads Up] Was SolarWinds Really a Daisy Supply Chain Attack?

How Crime Pays, Ransomware Edition

How to Spot the (Phish) Hook

[On-Demand Webinar] Discover 5 Major Threats to Your Digital Supply Chain and How to Reduce Your Vendor Risk

Social Media & Parler in Troubling Times: New Opportunities for Malicious Actors

Email Scammers Impersonate U.S. Government Agencies Offering Pandemic Financial Assistance

It’s Time for Organizations to Begin Propping Up the Human Firewall

Fake Scandal Video Serves Malware

SolarWinds Hit With Class-Action Lawsuit Following Orion Breach

[Heads Up] Was SolarWinds Really A Daisy Supply Chain Attack?

KnowBe4 Wins Multiple 2021 "Best of" Awards From TrustRadius

PayPal Phishing: “Your Account is Limited”

[HEADS UP] Australian Cyber Security Centre is Being Used in Malware Campaign

Welcome to The InfoSec Neighborhood!

It Looks Like Chinese Cybercriminal Group APT27 May Be Shifting to Ransomware Attacks

A Close Look at a Banking Scam

See Ridiculously Easy Security Awareness Training and Phishing

CyberheistNews Vol 11 #01 [Heads Up] Your Top 2021 Cyber Security Challenge: Securing Those Remote Employees

[On-Demand Webinar] Malicious Browser Notifications: The New Phishing Attack Not Blocked by Your Current Cyber Defense

Why Small Businesses Often Say ‘Why Bother?’ When Dealing With Cybercrime

2020 Phishing Attack Report Shows Over Half of Respondents Noticed Increase in Attacks

Signs of Inbound Ransomware

Securing Remote Employees is the Top 2021 Cybersecurity Challenge for Organizations

Phobos Ransomware Is Alive and Well, Targeting SMBs and Asking for Ransoms of $19K

Scammers Use a $100 Amazon Gift Card to Deliver the Banking Trojan Dridex to Their Victims

2020 Top Phishing and Vishing Attacks And Trends

Beware of Puppy Scams

How to Start a Successful Security Awareness Training Program

What You Need to Know About DMARC

CyberheistNews Vol 10 #53 [Heads Up] Here's Some Powerful Ammo to Grab More of Your Year-End InfoSec Budget

BEC Attacks Nearly Doubled in 2020

Cybercriminals Attempt to Exploit Australian Fears on COVID-19

A Friend Needs Money Urgently? You're Probably Getting Scammed

KnowBe4 Fresh Content Updates from December: Including New 2021 KnowBe4 Flagship Training Modules

[Heads Up] Here's Some Powerful Ammo To Grab More Of Your End-Of-Year InfoSec Budget

How Can You Be More at Risk With MFA?

Private Online Shopping Risks Affect Businesses, Too

FireEye's Mandia on SolarWinds hack: 'This was a sniper round'

Just 8% of U.K. Firms Offer Regular Security Training

Wedbush Analyst: "Cybersecurity spending will increase 20% in 2021 Due To SolarWinds."

[HACK ALERT] Here Is A Whole New Way Cyber Criminals Empty Out Your Bank Account

CyberheistNews Vol 10 #52 [Heads Up] Recent SolarWinds MFA Bypass Attack Pushes the Limits

Eye-Opening Password Predictions: Remote Work Will Increase Risk for Data Breaches

No, it's not You in the Facebook Video... it's a Phishing Link

KnowBe4 is not a SolarWinds Orion Customer

MountLocker Ransomware Provides a Glimpse into What’s Next in Ransomware-as-a-Service

Beware! The Holidays Bring the Worst Out in Cyber Scammers

New Office 365 Credential Scam Uses a Received Fax to Trick Victims

The Cost of Ransoms Demanded and Paid Double in 2020!

Over Half of Users Admit to Reusing the Same Password on Multiple Accounts

A Christmas poem to remind everyone to stay safe for the Holidays!

[NEW PhishER Feature] Use Security Roles to Create a Multi-Tiered Incident Response System in PhishER

[INFOGRAPHIC] 2020 Holiday Phishing Red Flags

Learning More on Social Engineering Tactics are the Key to Preventing Phishing Expeditions

Solarwinds MFA Bypass Attack Pushes Limits

University-themed Phishbait Angles for Students

CyberheistNews Vol 10 #51 [HEADS UP] They're Here! The COVID-19 Vaccine Phishes Finally Arrive

Facebook Describes APT32 Social Engineering Campaign

New Security Doc For Your End-users: "The Iceberg"

[HEADS UP] New York DMV Warns of Phishing Attack

85% Of Employees are More Likely to Leak Files Now Than Pre-Coronavirus

Zoom Phishing is Still Rampant

Data Breaches Are Expected to Decline While Ransomware and BEC Gain Steam

5 Tips For Consolidating Remote Work Tech Debt

All 200 Million Office 365 Users at Risk by a New Global Spear Phishing Attack Spoofing

Shame! Shame! I Got Phished

CISA Emergency Directive: Pull Plug On SOLARWINDS ORION NOW.

Just How Far Can Three Cybercriminals Reach? How about 150 Countries!

Check Point Says to Expect More Shipping and Delivery Phishing Emails This Season

Who’s on the Phone? It’s the Ransomware Guys “Encouraging” You to Pay the Ransom!

Updates on Vishing

GDPR Compliance Scams Rising

They're Here! COVID-19 Vaccine Phishes Finally Arrive

Why Are You Being Phished?

Embarrassment is Better Than Regret - Report Suspected Phishing Emails

You know it's going to be a long day when...

CyberheistNews Vol 10 #50 [Scam of the Week] Warn Your Employees About New Zoom Phishing Attacks

Election-themed Phishing is Likely to Persist

Phishing Campaign Targets COVID Vaccine Cold Supply Chain

Ransomware Gangs Are Now Cold-Calling Victims If They Restore From Backups Without Paying

Exploits Leveraging Excel 4.0 Macros Increase as Organizations Continue to Rely on this Legacy Technology

BEC Scam Litigation Demonstrates How Your Company Can Be Out $500,000

New “Back to Work” HR-Themed Phishing Scam Works to Steal Internal User Credentials

Think Tanks Targeted by APT Actors

How Are Credential-Theft Phishing Websites Avoiding Detection? They Just Invert the Website Background

Number of Phishing Websites Double and Unique Phishing Campaigns Triple in Q3

Maze Ransomware Group Retires (Retires!), Leaving a Gap in the Ransomware Marketplace

[On-Demand Webinar] When the Bad Guys Hide in Plain Sight: Hacking Platforms You Know and Trust

KnowBe4 Fresh Content Updates from November: Including A New Holiday Training Resource Kit
