Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

Books

Cyberheist E-Book

Find all of Stu's books on Amazon

REvil Springs Back to Life and Hits a Fortune 500 Company

Sep 6, 2022 11:00:00 AM By Stu Sjouwerman

The previously-thought defunct cybercriminal gang appears to not only reopened for business but has re-established themselves as a major threat by touting 400GBs of stolen data.

The Number of Phishing Attack Cases in Japan Hit an All-Time High

Sep 6, 2022 10:30:00 AM By Stu Sjouwerman

The number of reported cases of phishing to Japan’s Council of Anti-Phishing reached over 100,000 in July, just as a notice of scams impersonating Japan’s National Tax Agency is released.

Instagram Phishing: Scammers Exploit Instagram Verification Program

Sep 4, 2022 12:16:10 PM By Stu Sjouwerman

Researchers at Vade warn that an email phishing campaign is informing users that their Instagram account is eligible to receive a blue verification badge. If a user clicks the link, ...

Fraud Warning from DHS OIG

Sep 2, 2022 8:45:00 AM By Stu Sjouwerman

The Department of Homeland Security’s Office of the Inspector General (DHS OIG) has issued an alert to warn that scammers are posing as DHS employees.

Your KnowBe4 Fresh Content Updates from August 2022

Sep 2, 2022 7:00:00 AM By Stu Sjouwerman

Check out the 50 new pieces of training content added in August, alongside the always fresh content update highlights and new features.

Phishing Attacks Leveraging Legitimate SaaS Platforms Soars 1100%

Aug 31, 2022 9:30:27 AM By Stu Sjouwerman

As threat actors look for ways to evade detection by security solutions, the use of cloud applications has seen a material jump in the last 12 months, according to new data.

Phishing and Malicious Emails Are Still the Primary Initial Attack Vector

Aug 31, 2022 9:30:19 AM By Stu Sjouwerman

As cybercriminals continue to evolve their techniques, they continue to rely on phishing as the most successful tried and true method of initial attack, according to new data from Acronis.

LockBit Ransomware Group Steps Up Their Game with Triple Extortion as the Next Evolution

Aug 31, 2022 9:30:12 AM By Stu Sjouwerman

After suffering a taste of their own medicine as part of a response effort from victim organization Entrust, LockBit appears to have bounced back even stronger than before.

Lost in Translation? New Cryptomining Malware Attacks Based in Turkey Cause Suspicion

Aug 31, 2022 9:30:07 AM By Stu Sjouwerman

Researchers at Check Point warn that attackers based in Turkey are distributing cryptomining malware via free software distribution websites, including Softpedia and uptodown. The ...

[KREBS ON SECURITY] How 1-Time Passcodes Became a Corporate Liability

Aug 30, 2022 11:45:43 AM By Stu Sjouwerman

[The following article is at it appears at Krebs on Security here.] Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes ...

The Extent of Social Engineering

Aug 30, 2022 10:25:14 AM By Stu Sjouwerman

Researchers at NordVPN have published the results of a survey that found that 84% of Americans have experienced some form of social engineering, although only 54% have heard of the term ...

CyberheistNews Vol 12 #35 [Heads Up] Check This Highly Sophisticated LinkedIn Job Offer Scam

Aug 30, 2022 9:18:32 AM By Stu Sjouwerman

Researchers warn of darkverse emerging from the metaverse

Aug 26, 2022 8:03:03 AM By Stu Sjouwerman

ARN just reported: "The metaverse is seen by many companies as a great business opportunity and for new ways of working. Security provider Trend Micro, however, warns in a recent research ...

State-Based Cyberattacks to be Excluded from Lloyd’s of London Cyber Insurance Policies

Aug 25, 2022 9:14:31 AM By Stu Sjouwerman

As cyber insurers evolve their understanding of the cyber attack landscape, who’s responsible, and what’s at stake, a logical next step is taken by Lloyd’s to better isolate what is ...

The Crypto Collapse Will Only Add Fuel to the Cyberattack Fire

Aug 25, 2022 9:14:22 AM By Stu Sjouwerman

Despite the crypto market’s loss of over $1 trillion in value since the beginning of the year, the value of the digital currency isn’t what makes it a popular choice for cybercriminals.

BlackByte Ransomware Gang Comes Back to Life with a New Extortion Strategy

Aug 25, 2022 9:14:14 AM By Stu Sjouwerman

First debuted in July 2021, this ransomware gang that engages in their own attacks and offers a RWaaS model, has come back into the limelight offering victims several extortion payment ...

Phishing Remains the Initial Infection Vector in 78% of Attacks Against OT-Heavy Industries

Aug 25, 2022 9:14:05 AM By Stu Sjouwerman

Companies heavily reliant on operational technology (OT) to function are just as much a target as businesses relying in traditional IT and are facing some of the same challenges to stop ...

Report: Deepfakes Used in Scams

Aug 25, 2022 9:13:56 AM By Stu Sjouwerman

Scammers created a deepfake video of Patrick Hillmann, Chief Communications Officer at cryptocurrency exchange Binance, in order to scam people. Hillmann explained in a blog post that he ...

[HEADS UP] Highly Sophisticated Job Offer Scam

Aug 25, 2022 8:55:44 AM By Stu Sjouwerman

If you've been approached by recruiters on LinkedIn for a potential job opportunity, you may want to pay attention to this recent scam.

Dueling Clauses, or, not all Fraud is the Same

Aug 24, 2022 10:47:04 AM By Stu Sjouwerman

There are, famously, three things you can do with risk: accept it, mitigate it, or transfer it. And you transfer risk by buying insurance against it.

Security Awareness Training Blog

View Topics