Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

KnowBe4 Fresh Content and Feature Updates - June 2019

Check out the content and feature updates in the KnowBe4 platform for the month of June!
Continue Reading

Which Of The Four Types of Social Engineering Is The Most Damaging?

Cybercriminals know that targeted social engineering attacks lead to the highest payoffs, so the frequency and sophistication of these attacks is guaranteed to increase, writes Jasmine ...
Continue Reading

See Ridiculously Easy Security Awareness Training and Phishing in Action! July 2019 KMSAT Live Demo

Old-school awareness training does not hack it anymore. Your email filters have an average 10-15% failure rate; you need a strong human firewall as your last line of defense. Join us ...
Continue Reading

1.5 Billion Gmail Calendar Users are the Target of a Crafty New Phishing Scam

Users of Google’s Calendar app are being warned about a scam that takes advantage of the popularity of the free service and its ability to schedule meetings easily.
Continue Reading

New KnowBe4 Benchmarking Report Unveils That Untrained Users Pose The Greatest Risk To Your Organization

KnowBe4, has released the new Phishing by Industry Benchmarking Report to measure an organization’s average Phish-prone percentage, which indicates how many of their employees are likely ...
Continue Reading

No, Mr. McAfee is Not Giving Away Money

Cryptocurrency giveaway scams are making a comeback, with fraudsters posing as John McAfee, Elon Musk, and the Tesla company, BleepingComputer reports.
Continue Reading

Chinese Hackers Infiltrate Global Telecom Networks With Spear Phishing

The WSJ revealed a brazen hack by Chinese state-sponsored bad actors who totally owned more than 10 global telecom networks, and had full admin access to their networks. They were able to ...
Continue Reading

"Elaborate" Identity Takeover Fraud Hits Australian Businesses

A new procurement scam has netted at least $1.5 million from Australian companies in New South Wales over the past few weeks, according to 10 daily. The scammers are posing as ...
Continue Reading

[NEW FEATURE] KnowBe4 User Event API Helps You Tailor Security Awareness Training Based on Custom User Risk Events

You already know the importance of frequent year-round simulated phishing attacks and security awareness training for your users to help you build a more resilient and secure ...
Continue Reading

CyberheistNews Vol 9 #26 [Heads-up] The U.S. Launched A Cyber Attack On Iran, And We're Expecting Spear Phishing Strike Backs

CyberheistNews Vol 9 #26 [Heads-up] The U.S. Launched A Cyber Attack On Iran, And We're Expecting Spear Phishing Strike Backs The tension in the Middle-East apparently prompted a ...
Continue Reading

Is Compliance Security’s Worst Enemy?

KnowBe4’s Data-Driven Defense Evangelist, Roger Grimes, explains why compliance and security are not aligned, and why compliance actually hurts security.
Continue Reading

Phishing Attacks Go Mobile as Cybercriminals Leverage Push Notifications

Taking advantage of the inherent trust in mobile content, the bad guys are using a mixture of phishing text messages and look-alike sites to trick users into giving up credentials.
Continue Reading

[Heads-up] The U.S. Launched A Cyber Attack On Iran, And We're Expecting Spear Phishing Strike Backs

The tension in the Middle-East apparently prompted a game-changing move by the U.S. President.  Washington Post sources say exactly 10 years after Stuxnet, the President approved a ...
Continue Reading

UK Forensic Crime Labs Shut Down Due To Ransomware Attack

Every police force across England and Wales has been forced to prioritize evidence for forensic testing following a criminal cyber attack affecting one of the primary forensic service ...
Continue Reading

FBI Alert: Last Week Conflict With Iran Can Cause Spear Phishing Retaliation

This blog post has been superseded by a more recent one.  You can find this new post here.
Continue Reading

Phishing Campaign Impersonates Email Alerts From DHS

An ongoing email-based phishing scam is attempting to fool recipients into opening malicious attachments disguised as notifications from the U.S. Department of Homeland Security (DHS), ...
Continue Reading

Why Do Organizations Still Under-report Cybercrime?

It’s estimated that organizations aren’t engaging with Law Enforcement when becoming a victim of a cybercrime in large numbers. We cover 5 reasons why organizations don’t.
Continue Reading

New Survey Uncovers Primary Challenges in Creating A Security Culture

New survey data from security vendor nCipher uncovers why organizations are finding it difficult to engage users to participate willingly in security-minded processes and behaviors.
Continue Reading

The Fake French Minister In A Silicone Mask Who Stole Millions

Identity theft is said to be the world's fastest-growing crime, but in sheer chutzpah there can be few cons to match the story of the fake French minister and his silicone mask.
Continue Reading

Maryland governor signs order to boost cybersecurity after Baltimore ransomware attack

The Hill reported: "Maryland Gov. Larry Hogan (R) on Tuesday signed an executive order aimed at strengthening the state’s cybersecurity capabilities, a month after a debilitating ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews