Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Security Awareness Training Can Help Defeat Deepfake and AI Phishing

Vishing Gang Takes Victims for “Tens of Millions” Using Little More than Social Engineering

The Israel-Palestine Conflict is the Latest Example of Phishing Attacks Taking Advantage of Current Events

Criminals Are Cautious About Adopting Malicious Generative AI Tools

Top Four Security Tips for Cyber Safety on National Computer Security Day

Your KnowBe4 Fresh Content Updates from November 2023

No One Knows How Online Pharmacy Company was Hit with a Data Breach Impacting 2.3 Million Customers

QR Code Phishing Campaigns on the Rise

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Users Fall for Smishing Attacks 6-10 Times More Than Email-Based Attacks

Who Knew Neanderthals were so High-Tech?

CyberheistNews Vol 13 #48 Bloomberg Crypto Channel Hack Exposes Discord Users to Phishing Attacks

My Top 7 Cybersecurity Reflections for 2024

Initial Access Broker Activity Doubles in One Year’s Time

Huntress Finds Business Email Compromise (BEC) Increases In Q3, 2024

New Data Covers How the Retail Market is at Greater Risk of Industry-Specific Cyberthreats

Digital Skimming Increases by 50%, Just in Time for the Holiday Season

Phishing Attacks Expected to More Than Double During the Black Friday and Cyber Monday Shopping Week

Visa Warns of Increased Phishing Scams During Holiday Season

Old Bloomberg Crypto Account Bio Link Used in Discord Phishing Attack

73% of Organizations Affected by Ransomware Attacks Globally in 2023, According to Statista

CyberheistNews Vol 13 #47 [Heads Up] FBI Warning: How Callback Phishing Makes It Past All Your Filters

With Expected Increases of Holiday Sales Comes Similar Expectations of More Cyber Scams

Cybercrime Group "Scattered Spider" is a Social Engineering Threat

KnowBe4 Integrates With Cisco Duo To Streamline Secure Sign Ins

Johnny Jet's $3,000 Podcast Scam Nightmare – Unveiling the Elaborate Con that Hijacked his Facebook Kingdom

QR Code Phishing Attacks Surging

[Keynote Announcement] See Rachel Tobac at KB4-CON 2024!

BlackCat Ransomware's New SEC Reporting Tactic: Turn Regulations Against Victims

How to Help "Frequent Clickers" Become More Mindful

New ASD Cyber Threats Report Shows A Cybercrime Incident Is Reported in Australia Every Six Minutes

AI-Manipulated Media Through Deepfakes and Voice Clones: Their Potential for Deception

It’s Official: Scams Via Email and Text are Inescapable as Nearly Every American Receives Fake Messages Daily

Online Scammer Poses as Skype, Swindles Victims Through Cryptocurrency Scam

1 Out of Every 34 Organizations Worldwide Have Experienced an Attempted Ransomware Attack

[Holiday Resource Kit] The Holiday Season is Here. How Are You Staying Cyber Safe?

CyberheistNews Vol 13 #46 [Heads Up] Cybersecurity Expert: AI Lends Phishing Plausibility for Bad Actors

AI Disinformation Exposed: A Fake "Tom Cruise" Attacks the Olympics

[HEADS UP] FBI Warns About Callback Phishing

What Do the Latest SEC Charges Against Solarwinds’ CISO Mean for CISOs Everywhere?

[INFOGRAPHIC] Original Research: Cybersecurity Challenges Faced by European Infosec Leaders

“Skillful Social Engineering of the IT Support Desk” One of the Most Common Tactics in Ransomware Attacks

KnowBe4 Wins Multiple 2023 Best Of Awards From TrustRadius

New Phishing Campaign Abusing .top Domains

New York Department of Financial Services Strengthens Cybersecurity Regulation

New State of Phishing Report 2023: An Alarming Surge in Phishing Threats

Targeted Social Engineering on the Rise With Lowering Phishing-as-a-Service Costs

Get Ready: International Fraud Awareness Week

CyberheistNews Vol 13 #45 [BUDGET AMMO] The Outstanding ROI of KnowBe4's Security Awareness Training Platform

IT Admins Continue to Use Weak Passwords

Healthcare Sector Experiencing Increases in Ransomware, Ransoms and Downtime

Spear Phishing Becomes Most Common Attack Technique in Q3 2023

Cybersecurity Expert: AI Lends Phishing Plausibility for Bad Actors

Small Businesses are Experiencing More Cyber Attacks

Investigate User-Reported Emails with Ease Through the Powerful Combination of CrowdStrike Falcon Sandbox and KnowBe4 PhishER Plus

WSJ: "SEC Sues SolarWinds Over 2020 Hack Attributed to Russians"

September Sees a 32% Increase in the Number of Ransomware Attacks in Just One Month

Cybercriminal Group Octo Tempest and Its Menacing Phishbait

CyberheistNews Vol 13 #44 [Don't Get Trapped] The Dark History of Phishing and More Social Engineering

Exposed: Scam Artists Mimicking PepsiCo in Phishing Schemes

The Outstanding ROI of KnowBe4's Security Awareness Training Platform

New Amazon-Themed Phishing Campaign Targets Microsoft Live Outlook Users

[Live Demo] Customizing Your Compliance Training to Increase Effectiveness

Your KnowBe4 Fresh Content Updates from October 2023

Celebrating Cybersecurity Awareness Month with KnowBe4: Insights from Our Valued Customers

Human-Crafted Phishing Emails Only Three Percent More Successful Than AI-Generated Ones, According To IBM

[On-Demand Webinar] The Role of AI in Email Security and How Real-Time Threat Intelligence Can Supercharge Your SOC Team

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

FBI Warns of North Korean Social Engineering Tactics and Recruitment/Hiring of IT Workers

[Cybersecurity Awareness Month] Mindful Defense: Enchantments Against Spear Phishing By Breachatrix le Phish

Leadership Less Involved in Cyber-Preparedness Despite a Majority of Orgs Thinking Data Loss from a Cyber Attack Likely in the Next 12 Months

Most Organizations Believe Malicious Use of AI is Close to Evading Detection

Functionality Misuse from Multiple Legitimate Company Websites is the Latest Example of ‘Site Hopping’

One Out of Every Eight Emails Found to be Malicious as Attackers Continue to Hone Their Skills

Vietnam-Based Cyber Groups Using Fake Job Postings to Deliver Malware

CyberheistNews Vol 13 #43 Phishing Attacks Surge by 173% In Q3, 2023; Malware Threats Soar by 110%

A Brief History of Phishing, and Other Forms of Social Engineering

QR Code Phishing on the Rise: The Alarming Findings From the Hoxhunt Challenge

Phishing-as-a-Service: As Simple As Uploading A Logo

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

Phishing Attacks Surge By 173% In Q3, 2023; Malware Threats Soar By 110%

[Cybersecurity Awareness Month] How To Stop the Ransomwolf Attacks: Similarities to the Werewolves Terrors

Cyber Insurers Note Ransomware Claims Rose Significantly in the First Half of 2023

Summit Sabotage: Malicious Phishing Campaign Hits Female Political Leaders Using Social Engineering

CyberheistNews Vol 13 #42 [DISINFO ALERT]: Israel-Hamas War Causes a Deluge of Dis- And Misinfo

Phishing Tests Start The Virtuous Cycle Of A Strong Security Culture

Exponential Deepfake Porn is Out of Control And a Huge Security Risk

Subscribe to CyberheistNews, Now Available on LinkedIn!

9 in 10 CISOs Report at Least One Disruptive Cyberattack in the Last Year

60% of Organizations are Very Concerned About the Potential Impact of Ransomware Attacks

53% of Organizations Experienced Cyber Attacks

Should You Use Controversial Simulated Phishing Test Emails?

KnowBe4 Named a Leader in the Fall 2023 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

New Research: Phishing Remains the Most Popular Technique for Bad Actors

Beware of Bogus Roborock Retailers: The Perils of Misleading URLs in E-Commerce

“Human-Operated” Ransomware Attacks Double in the Last Year

Harvested Credentials Are Put Up for Sale Monthly on the Dark Web at a Rate of 10,000 a Month

New Cyber Attack Techniques Will Not Replace Old-School Social Engineering

Business Email Compromise Attempts Skyrocket in the Last Year

[INFOGRAPHIC] KnowBe4’s SecurityCoach: Top 10 Integrations

KnowBe4 Named a Leader in the Fall 2023 G2 Grid Report for Security Awareness Training

[Cybersecurity Awareness Month] Password Security: Do Not Get Bit by Count Hackula

[DISINFORMATION ALERT] Israel-Hamas war causes deluge of dis- and misinformation

Smishing Triad Threat Actor Sets Its Sights on the UAE

CyberheistNews Vol 13 #41 [Risky New Data] More Than Half of Phishing Scams Now Use Obfuscation

74% of CEOs Concerned About Their Organization's Ability to Protect Against Cyber Attacks, Despite Seeing Cybersecurity as Critical

Register for KB4-CON EMEA 2023 Now!

Ransomware Attack Dwell Time Drops by 77% to Under 24 Hours

One Out of Five Organizations Must Improve Their Security Posture to be Eligible for Cyber Insurance

Healthcare Industry Witnesses 279% Increase in Business Email Compromise Attacks in 2023

Energy Sector Experiences Three Times More Operational Technology Cybersecurity Incidents Than Any Other Industry

Stay a Step Ahead of your #1 Downtime Threat - Business Email Compromise

The Role of AI in Email Security and How Real-Time Threat Intelligence Can Supercharge Your SOC Team

Clorox Experiences Significant Financial Loss Stemming From Recent Cyber Attack

[Risky New Data] More than Half of Phishing Scams Now Use Obfuscation

New Gartner Forecast Shows Global Security and Risk Management Spending to Increase by 14% in 2024

[FREE RESOURCES] Celebrate Cybersecurity Awareness Month This October with our Cyber-Monsters!

Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns

Malicious URLs In Phishing Emails: Hover, Click and Inspect Again

Open-Source Intelligence (OSINT): Learn the Methods Bad Actors Use to Hack Your Organization

[Cybersecurity Awareness Month] Spoofy Steve's Business Email Compromise Scams You Need to Watch Out For

Generative AI and the Automation of Social Engineering Increasingly Used By Threat Actors

[HEADS UP] Aurora Police Department Warns of Contactless Payment Processors Scams

CyberheistNews Vol 13 #40 Why BJ Fogg and Daniel Kahneman Are Big Security Pro Must-Knows

Lazarus Attack on Spanish Aerospace Company Started with Messages from Phony Meta Recruiters

New SMS Phishing Campaign Impersonating The US Postal Service

Security Awareness Is Dead. Long Live Security Awareness

Your KnowBe4 Fresh Content Updates from September 2023

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

[Heads Up] China Invests Billions in Huge Global Disinformation Campaign

Ransomware Now Considered a “Crisis” in the Financial Services Sector

It’s Official – Generative AI Has Made Phishing Emails Foolproof

Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering

Pharma Industry Seeing Reduction in Data Breach Costs, But Still Have Much to Do

Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack

How Zero-Point Fonts in Phishing Emails Make Them Look Safe

Cyber Insurance Claims Increased by 12% in First Half of 2023, Attacks More Frequent and Severe Than Ever

[Cybersecurity Awareness Month] Frankenphisher – The Monster of Social Engineering Artificial Intelligence

[HEADS UP] If You're a LastPass User, You May be the Next Phishing Email Target

New Threat Actor Impersonates the Red Cross to Deliver Malware

[LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach

Exploring the DORA: Key Takeaways from the New EU Financial Sector Risk Regulation

Why BJ Fogg and Daniel Kahneman Are Big Security Pro Must-Knows

Ukrainian Military Targeted in Sophisticated Phishing Attack Using Drone Manuals

Practical Insights To Improve Security Awareness in Higher Education

Deepfakes: The Threat to Reality and How To Defend Against It

CyberheistNews Vol 13 #39 How Chinese Bad Actors Infected Networks With Thumb Stick Malware

New Wave of Hospitality Phishing Attacks: Compromise User Credentials, Then Go Phish

Organizations Starting to Understand the Impact of Ransomware, But Their Efforts Not Enough to Overcome Infostealer Malware

[NEW RELEASE]: Unleash the Power of Cybersecurity Education with KnowBe4’s 'Hack-A-Cat' on Roblox

Cybercriminals Use Google Looker Studio to Host Crypto Scam to Steal Money and Credentials

Tools From Cybercrime Software Vendor W3LL Found to be Behind the Compromise of 56K Microsoft 365 Accounts

MFA Defenses Fall Victim to New Phishing-As-A-Service Offerings

[YIKES] AI Now Enables Subliminal Image "Inception"

Chinese Spies Infected Dozens of Networks With Thumb Drive Malware

New SEC Rules Add Challenges in Uncertain Cyber Insurance Market

Vanishing Act: The Secret Weapon Cybercriminals Use in Your Inbox

Scam-as-a-Service Classiscam Expands Impersonation in Attacks to Include Over 250 Brands

USPS Customers Become the Latest Target of the Chinese Smishing Group Called “Smishing Triad”

Tighter Policies Mixed with Higher Costs Are Creating a Cyber Insurance Gap

TikTok Impersonations of Elon Musk Scam Victims of Their Bitcoin

Data Breach Costs Rise, But Cybersecurity Pros Still Take Risks

China's Cyber Offensive: FBI Director Reveals Unmatched Scale of Hacking Operations

Romance Scams That Run Your Crypto Wallet Dry

CyberheistNews Vol 13 #38 No Dice for MGM Vegas As It Battles Ransomware Attack Downtime

The International Joint Commission Falls Victim to Ransomware Attack; 80GB Of Data Stolen

[New PhishER Feature] Immediately Add User-Reported Email Threats to Your M365 Blocklist

Mark Cuban’s MetaMask wallet drained nearly $900,000 in suspected phishing attack

The BISO Secret Weapon: Enhancing Collaboration for Cybersecurity and Business Growth with Nicole Dove

91% of Cybersecurity Professionals Have Experienced Cyber Attacks that Use AI

New Phishing Attack Uses Social Engineering to Impersonate the National Danish Police

Hacker Deepfakes Employee's Voice in Phone Call to Breach IT Company

New Scam Impersonates QuickBooks to Steal Credentials, Extract Money

Microsoft (Once Again) Tops the List of Most Impersonated Brands in 2023

Board Members' Lack of Security Awareness Puts Businesses at Risk of Cyber Attacks, Finds Savanti Report

No Dice for MGM Las Vegas as It Battles Fallout from Ransomware Attack After a 10-minute Vishing Scam

MGM Suffers Ransomware Attack that Started with a Simple Helpdesk Call

Can Someone Guess My Password From the Wi-Fi Signal On My Phone?

Can You Guess Common Phishing Themes in Southeast Asia?

AP Stylebook Data Breach Compromises Customer Personal Information

CyberheistNews Vol 13 #37 Scary New IT Admin Attack Exposes Your MFA Weakness

Phishing Scammers are Using Artificial Intelligence To Create Perfect Emails

Cybercriminals Selling "Golden Tickets" to Phish Microsoft 365... $500,000 in Sales in 10 Months

Microsoft Teams Phishing Campaign Distributes DarkGate Malware

[dot]US Domain Exploited for Phishing

Organizations Tie Executive Pay to Cybersecurity Performance Hoping To Enhance Protection Against Hackers

New Telekopye Phishing Toolkit Uses Telegram-Based Bots To Turn Novice Scammers into Experts

Brand Impersonation Hits a New High with as Many as 73 Lookalike Domains Per Brand

Ransomware Attacks Speed up 44% Leaving Less Time for Detection and Response

Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods

Scary New IT Admin Attack Exposes Your MFA Weakness

CISA Says to Exercise Caution For Disaster-Related Malicious Scams

CyberheistNews Vol 13 #36 [Must Know] Top 10 Trends in Business Email Compromise for 2023

How Secure Is Your Authentication Method?

Nearly One-Quarter of Financial-Themed Spam Emails are Phishing Attacks

Cyberattacks Targeting Government Agencies and Institutions Increases in Q2 by 40%

New “Early Warning” System in the U.K. Tips Off Ransomware Targets

New Adversary in the Middle Platform Circumvents MFA Protections “At Scale”

You Asked and Here It Is! KnowBe4's New Content Manager Feature is Unveiled

Labor Day Alert: Mobile Phishing Attacks on the Rise for Remote Employees

Get the latest about social engineering

Subscribe to CyberheistNews