Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

Here Is A New Term For Your Cybercrime Glossary: Vendor Email Compromise (VEC)

Agari’s latest Email Fraud & Identity Deception Trends report highlights the growing threat of vendor email compromise (VEC), according to SecurityWeek. This is a variety of business ...
Continue Reading

Exactly Why Is Replying to Phishing Attacks A Really Bad Idea?

PhishLabs warns that replying to a phishing email, even if you know it’s a scam, can lead to further attacks. Most phishing campaigns are automated and replying to them puts you on a ...
Continue Reading

The Cold War Was Like Being Hit With A Club. Cyber War is Being Stung With A Syringe

America's Cold War with Russia was fought with the threat of mutually assured destruction using atomic weapons. Being hit with a nuke is very much like being whacked over the head with a ...
Continue Reading

APWG Q3 Report: Phishing Attacks at Highest Level in Three Years

According to the APWG’s new Phishing Activity Trends Report, the number of phishing attacks continued to rise into the autumn of 2019. The total number of phishing sites detected by APWG ...
Continue Reading

You Need To Start Thinking Differently About This Whole "Insider Threat" Concept

In order to defend against insider threats, you need an accurate picture of the problem. The CyberWire’s Carole Theriault spoke to a number of industry experts about insider threats and ...
Continue Reading

Ransomware Attack Blocks Hundreds Of Law Firms From Their Trial Records

I could not come up with a better scenario to get sued by a pack of angry lawyers. Reams of digital legal documents have been held hostage under a ransomware threat to TrialWorks, a ...
Continue Reading

Healthcare Industry Names KnowBe4 As The 2019 Top Rated Platform For Cybersecurity Training & Education

Black Book Market Research LLC surveyed over 2,876 security professionals from 733 provider organizations to identify gaps, vulnerabilities and deficiencies that persist in keeping ...
Continue Reading

American Nikkei Employee Falls For Social Engineering Scam And Loses 29 Million Dollars

Phil Muncaster at InfoSec Mag had the (painful) scoop: "Media giant Nikkei has become the latest firm to suffer a humiliating Business Email Compromise (BEC), after it admitted losing ...
Continue Reading

Phishing Kits Hosted on More than Six Thousand Domains

Akamai’s 2019 State of the Internet / Security Report found that 6,035 domains were being used to host 120 different phishing kits, according to BleepingComputer. The phishing kits ...
Continue Reading

[Heads Up] Scam Of The Week: Phishing Attacks Using Better Benefits And Pay Raise Bait

Millions of employees use KnowBe4's Phish Alert Button to report suspect emails, and thousands of organizations share these reports with us. This has become a fascinating threat source, ...
Continue Reading

KnowBe4 Fresh Content & Features Updates - October 2019

Check out the content and feature updates in the KnowBe4 platform for the month of October! 
Continue Reading

Webroot Threat Researchers Take a Fresh Look at Phishing Tactics

Most people aren’t aware of how sophisticated phishing email templates and websites have become, according to David Dufour from Webroot. Dufour recently told the CyberWire that criminals ...
Continue Reading

SAVE THE DATE!! KnowBe4 User Conference - April 15-17, 2020

KnowBe4’s third annual KB4-Con user conference will be held at the Gaylord Palms Resort & Convention Center in Orlando, FL. KnowBe4 customers get twofree event passes per organization! ...
Continue Reading

KnowBe4 Achieves FedRAMP Authorization from the US Federal Government

On October 25, 2019, KnowBe4 became the first and only security awareness training and simulated phishing provider to receive FedRAMP authorized status. We are very proud of this ...
Continue Reading

Captain Awareness Has A Halloween Message For You

Think Before You Click! 
Continue Reading

It's Benefits Enrollment Season Again...And That Means Prime Phishing Season!

By Eric Howes,  KnowBe4 Principal Lab Researcher. Not content just to make tax season even more miserable than it already is, malicious actors are increasingly maneuvering to capitalize ...
Continue Reading

[Heads-Up] North Korean Malware Found On Indian Nuclear Plant's Network

I am not a happy camper. This is exactly why I have been insisting on security awareness training for employees at critical infrastructure organizations. This could have been a Real Life ...
Continue Reading

Lessons Learned From Vishing Robocall Attacks In Mandarin

Among the specialized forms of vishing are those that target specific language communities. Chinese-speaking people in the US and around the world are increasingly being targeted with ...
Continue Reading

Join Us for a Live Demo on Simulated Phishing and Awareness Training

See Ridiculously Easy Security Awareness Training and Phishing in Action!
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews