Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

Retail is in Trouble: 77% Of Retail Organizations Have Been Hit by Ransomware

With Retail seeing and feeling the impact of more ransomware attacks than nearly every other industry, a new report focuses in on what the repercussions look like for this sector… and ...
Continue Reading

“Browser-in-the-Browser” Phishing Technique Spotted in New Steam Account Attack

Luring victims using a realistic- and legitimate-looking fake browser window to steal Steam accounts, this new type of social engineering may be a sign of things to come.
Continue Reading

Phishing Campaign Targets GitHub Users

GitHub has issued an alert warning of a phishing campaign targeting users by impersonating the popular DevOps tool CircleCI, BleepingComputer reports. The phishing emails inform users ...
Continue Reading

[New Feature] Managing Your Risk and Compliance Tasks Just Got Easier with KCM’s Jira Integration

We’re thrilled to announce that Atlassian Jira integration support is now available with KnowBe4’s KCM GRC platform.
Continue Reading

Security Practices Are Improving, But Cybercriminals Are Keeping Up

A survey by the Spanish GetApp software rating site has found that the number of organizations using phishing simulations has risen from 30% in 2019 to 70% in 2022. Despite this positive ...
Continue Reading

Phishing Attacks Reach an All-Time High, Quadrupling That of Early 2020

New quarterly data from the Anti-Phishing Working Group shows unprecedented phishing activity with increases in BEC, use of social media, vishing, and smishing.
Continue Reading

Social Engineering Targets Healthcare Payment Processors

The US Federal Bureau of Investigation (FBI) has issued an alert warning of an increase in phishing and other social engineering attacks against healthcare payment processors.
Continue Reading

[HEADS UP] Bank of America Warns About Recent Scams That Request Zelle Payment Due to 'Suspicious Activity'

Bank of America recently sent a customer service email warning users to watch out for this new phishing attack.
Continue Reading

Uber security breach 'looks bad', caused by social engineering

It was all over the news, but ZDNet's Eileen Yu was one of the first. -- "Hacker is believed to have breached Uber's entire network in a social engineering attack, which one security ...
Continue Reading

Phishing from a French Government Career Website

Attackers are exploiting a legitimate French government website to send phishing messages, according to researchers at Vade. The website, Pôle Emploi, is a career site for companies ...
Continue Reading

[MSP News] Manage Your Multiple KnowBe4 Accounts Faster with Managed Training and Phishing Rolled Into One

You wanted the ability to manage both phishing and training campaigns across multiple KnowBe4 accounts, and we listened!
Continue Reading

Cisco Attempt Attributed to Lapsus$ Group

Security researchers at Cisco Talos have issued an update on the cyberattack Cisco sustained earlier this year. The attack began with a phishing attack against a Cisco employee, which led ...
Continue Reading

[HEADS UP] The Online Scams exploiting Queen Elizabeth's Death are Here

The Sun just reported that experts are sending a warning about online scams in relation to Queen Elizabeth's passing.
Continue Reading

Scammer Continues Phishing From Prison

Dutch authorities have announced that an imprisoned scammer was running a phishing operation from his jail cell, Cybernews reports. The crook used four mobile phones to post malicious ads ...
Continue Reading

Ransomware Gangs Improve Attack Speed and Evade Detection with New "Intermittent Encryption" Tactic

As ransomware gangs look for new ways to improve their execution, this relatively new encryption tactic has been gaining popularity in multiple ransomware families.
Continue Reading

Striving for 100% Completion Rates: Getting Compliance on Your Compliance Training

You might think 100% completion rates on any employee training sounds too good to be true. But, getting compliance on your compliance training is possible!
Continue Reading

Report: 80% of Phishing Attacks Leverage Legitimate Web Infrastructure and Services

Threat actors are taking advantage of every free tool and service they can to improve their changes of successfully fooling security solutions, with compromised websites taking the lead.
Continue Reading

Gaming-Related Phishing Trends

Researchers at Kaspersky have found that the vast majority of gaming-related malware lures are targeted at Minecraft players. Roblox came in at a distant second, and the researchers note ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews