Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

By the Way, There's No Draft - Smishing Campaign Alert

Scammers are sending phony text messages (aka Smishing or SMS Phishing) informing people in the US that they’ve been drafted by the US Army, according to Army Times.
Continue Reading

Log4j - Kevin Mitnick Explains One of the Most Serious Vulnerabilities in the Last Decade

The Log4j vulnerability caused widespread panic for IT professionals when it was uncovered.  Sleepless nights followed for many. But a shortage of time and manpower has left this ...
Continue Reading

Phishing Attacks Impersonating LinkedIn are up 232% in the Last Month Alone!

During the period the world has dubbed “the great resignation”, phishing scammers are shifting tactics to take advantage of those looking for a new career or place of employment.
Continue Reading

FBI: Scammers Take Business Email Compromise Attacks to Virtual Meeting Platforms

In a new twist on an old scam, BEC attacks switch from email to a virtual meeting where social engineering tactics are used to further establish credibility and increase the likelihood of ...
Continue Reading

CISA: 2021 Cyberattack Trends Indicate Increases in Global Ransomware Attacks

New advisory sees critical infrastructure once again in the crosshairs and makes critical recommendations to both protect against ransomware and to reduce its’ impact.
Continue Reading

Your KnowBe4 Fresh Content Updates from February 2022

Check out the 28 new pieces of training content added in February, alongside the always fresh content update highlights and new features.
Continue Reading

What It's Like to Be the Face of Romance (Scams)

A real US Army colonel named Daniel Blackmon is being impersonated in hundreds or even thousands of romance scams, according to Haley Britzky at Task & Purpose. The scammers took ...
Continue Reading

Gain Insight into Where Your Organization Stands with the Security Culture Maturity Model

We’re thrilled to introduce the Security Culture Maturity Model, the industry’s first maturity model specifically geared to measure security culture!
Continue Reading

Data Breach Volumes in the U.S. Grow by 10% in 2021

New data shows despite decreases in global data breach levels (-5%) in 2021, the U.S. experienced proportionally more data breaches than in the previous year.
Continue Reading

Timely “Help Ukraine” Online Crypto Scams Take in Millions

A new series of "help Ukraine" donation posts have sprouted up across the Internet, but are really a cryptocurrency scam enticing users send crypto donations to counterfeit addresses.
Continue Reading

FBI: SIM Swapping Attacks See More Than 500% Increases in The Number of Attacks and Monetary Losses

With mobile devices used as secondary authentication, threat actors have been stepping up activity, looking for ways to transfer phone numbers to cybercriminal-controlled devices.
Continue Reading

UK ICO Sees a Massive Increase in Targeted Email Attacks

New data obtained from the UK’s Information Commissioner’s Office by think tank Parliament Street shows an unprecedented rise in attacks against the UK’s information rights organization.
Continue Reading

Phishing Emails Warn of a Suspicious Login From Russia

Researchers at Malwarebytes warn that a phishing campaign is informing users that someone logged into their account from an IP address in Moscow. The email contains a button to report the ...
Continue Reading

CyberheistNews Vol 12 #09 [Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk

[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk   Email not displaying? | View Knowbe4 Blog   CyberheistNews Vol 12 #09  |   Mar. 1st., 2022 [Heads Up] The Ukraine ...
Continue Reading

Scammers Will Take Advantage of New IRS Rules

New IRS requirements will soon be used as phishbait, according to Gene Marks, owner of Marks Group PC and a columnist for the Guardian.
Continue Reading

Russia Could “Absolutely” Lash Out at US Through Cyber, Lawmaker Warns

NextGov reports: "Chairman Sen. Mark Warner, D-Va, gives an opening statement as FireEye CEO Kevin Mandia, SolarWinds CEO Sudhakar Ramakrishna and Microsoft President Brad Smith testify ...
Continue Reading

Wartime Suffering as Phishbait

It’s easy to forget, when a hybrid war like the one currently raging in Ukraine is occupying so much attention, that ordinary criminal lowlifes continue to seek victims, and the war only ...
Continue Reading

[EYES OPEN] The Kremlin Propaganda Machine Now Works Overtime. INFOGRAPHIC

With an ongoing land war in Ukraine, everyone needs to be alert for the Kremlin's parallel disinformation campaigns. Many people simply are not aware of the massive amount of false data ...
Continue Reading

[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk

The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec ...
Continue Reading

When the Phishers Want a Reply, not a Click

A sextortion phishing campaign is targeting French speakers accusing them of viewing child abuse content, according to Paul Ducklin at Naked Security. The emails purport to come from the ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews