Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Eric Howes

Recent Posts

Not Your Father's Tech Support Scam

Over the past month or so customers using the Phish Alert Button (PAB) have been reporting a curious wave of what initially appeared to be run-of-the-mill tech support scam emails. As it ...
Continue Reading

Social Media & Parler in Troubling Times: New Opportunities for Malicious Actors

As most readers are undoubtedly aware, President Donald Trump has been de-platformed by major social media companies, including Twitter and Facebook, following events at the U.S. Capitol ...
Continue Reading

They're Here! COVID-19 Vaccine Phishes Finally Arrive

Anticipating that media attention surrounding the development and distribution of COVID-19 vaccines would undoubtedly spur malicious actors to launch new vaccine-themed phishing ...
Continue Reading

The COVID-19 Vaccine: The Next Wave of Coronavirus Phishing Emails & What You Can Do About It

With infection rates once again soaring in the United States and other countries around the world, the race to produce a COVID-19 vaccine has generated welcome news for a population ...
Continue Reading

All Con, All the Way Down: Bad Guys Spoof Phishing Link Hover Texts

At the heart of almost every phishing email is a spoof. In malicious emails spoofing is the art of deceptively imitating something or someone trusted by users in order to gain their ...
Continue Reading

Threatening Election Emails Land in Florida Inboxes

If you checked the news this morning, you probably noticed a story getting plenty of play on mainstream news sites: threatening election-themed emails sent to recipients in three states, ...
Continue Reading

[HEADS UP] Cybercriminals Launch Phishing Campaign to Capitalize on President's Health

As we predicted just a few days ago, malicious actors are now exploiting the media firestorm surrounding President Donald Trump's diagnosis late last week with COVID-19.
Continue Reading

Malicious Actors Crash U.S. Election: Spoofed Emails Attempt to Gather U.S. Voter Registration Data

Unless you recently beamed down from Mars, you are undoubtedly aware that election season is upon us in the United States. Indeed, the upcoming U.S. Presidential Election is currently ...
Continue Reading

They're Back: Bad Guys Spoof KnowBe4 Again

Earlier this week customers using the Phish Alert Button (PAB) began reporting yet another round of spoofed KnowBe4 security awareness training emails.  The emails reported are fairly ...
Continue Reading

Malicious Actors & State Actors: IT Admins Targeted with Fake Warning Notice

By Eric Howes,  KnowBe4 Principal Lab Researcher. For several years both Google and Yahoo have been warning users about potential attacks on their accounts by "state actors." Indeed, ...
Continue Reading

Phishing with Slack-Files.com: Bad Guys Find Yet Another Free Host for Malicious Files

Slack, the ubiquitous communication and collaboration platform, has been getting more and more attention over the past few months as a potential phishing platform and target for malicious ...
Continue Reading

An Embarrassment of Riches: Malicious Actors Target AWS Accounts

Amazon is an obvious target for malicious actors looking to leverage the trust and authority enjoyed by a widely known online service or brand in malicious emails and social engineering ...
Continue Reading

Phishing with Canva: Bad Guys Exploit Graphic Design Platform

Late last year we reported that Microsoft Sway, an online presentation program, was being exploited by malicious actors to host malicious files used in phishing attacks. Since then, ...
Continue Reading

FOLLOWUP: Small Business Administration Phishing Campaign

On Wednesday August 12 the Dept. of Homeland Security issued an alert concerning a phishing campaign using malicious spoofs of the Small Business Administration's (SBA) web site. The ...
Continue Reading

SBA Phishing: Malicious Actors "Return to Roots" in the Hunt for Money

By Eric Howes, KnowBe4 Principal Lab Researcher. The COVID-19 pandemic continues to dominate news headlines as well as the development of malicious email attacks designed to separate ...
Continue Reading

Re-Opening the American Economy? Malicious Actors Have a Plan...

By Eric Howes,  KnowBe4 Principal Lab Researcher.  If you've been following the news over the past week or so then you know that a robust debate has opened at federal, state, and local ...
Continue Reading

Struggling with the Whole WFH Thing? Fear Not! The Bad Guys are Here to Help!

By Eric Howes, KnowBe4's Principal Lab Researcher.  Over the past month we have provided readers with regular updates on the growth and development of Coronavirus-themed phishing emails ...
Continue Reading

They're Here! COVID-19 Stimulus Check Phishes Finally Arrive

Last week the FBI warned Americans to be on the look-out for malicious emails attempting to bamboozle users with news surrounding economic fiscal stimulus checks that were to be delivered ...
Continue Reading

[Heads-Up] Feeding Frenzy: COVID-19 Phishing Attacks Surge as U.S. Reels from Pandemic

By Eric Howes,  KnowBe4 Principal Lab Researcher. Having already published three blog pieces on the epidemic of Coronavirus-themed phishing emails and spam/scam offerings online (see ...
Continue Reading

Secret Service Warning: Exploiting the Coronavirus for Fraud and Profit.

By Eric Howes,  KnowBe4 Principal Lab Researcher. On Monday of this week we published a review of the coronavirus-themed emails that had been reported to us by customers using the Phish ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews