Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.


Recent Posts

IBM: Phishing is the Most Common Way to Gain Access to Victim Networks

New research from IBM shows four reasons why phishing attacks are still effective and remains the primary attack vector in 41% of cyberattacks.
Continue Reading

KnowBe4 Top-Clicked Phishing Email Subjects for Q2 2022 [INFOGRAPHIC]

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally clicked on in ...
Continue Reading

Nearly Half of Organizations Have Experienced Vishing

Forty-seven percent of organizations have experienced voice phishing (vishing) attacks over the past year, according to researchers at Mutare. Additionally, the researchers found that ...
Continue Reading

New Report Reveals that Ransomware and Business Email Compromise Attacks Cause Nearly 70% of Cyber Incidents

Do you know your organizations true security risk and where to prioritize your resources? A new report from Palo Alto Networks sheds some light on these questions and shows multiple ...
Continue Reading

[BEWARE] Microsoft and Facebook are the Most Abused Brands for Phishing Attempts

We all know that big brands can be exploited by bad actors in order to execute successful phishing attacks. Now a new study is showing phishing attacks leveraging big brands Microsoft and ...
Continue Reading

Malvertising With Google Ads

Researchers at Malwarebytes warn that a large malvertising campaign is exploiting Google ads to redirect users to phishing sites.
Continue Reading

Microsoft USB Scam Shows the Importance of Security Awareness Training

Just when you thought scammers couldn't get more tricky in their attacks, this example will prove you wrong. One of our KnowBe4 colleagues shared this LinkedIn post on a recent very ...
Continue Reading

Ransomware Groups Get Smaller and More Social

The Colonial Pipeline ransomware attack of 2021 put infrastructure operators on notice that they were directly in the crosshairs of big ransomware gangs. The reaction of law enforcement ...
Continue Reading

[Heads Up] Huge Losses Caused By Epidemic of ‘Pig Butchering’ Scams

Investigative reporter Brian Krebs reported today that U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of ...
Continue Reading

FBI Warns of Phony Cryptocurrency Investment Apps

Cryptocurrency investors have lost nearly $43 million to fraudulent cryptocurrency investment apps, according to the US Federal Bureau of Investigation (FBI).
Continue Reading

Cybersecurity Should be an Issue for Every Board of Directors

With so many Boards focused on operations, revenue, strategy, and execution, they completely are forgetting the simple fact that a single cyberattack can bring all that to a screeching ...
Continue Reading

New Multi-Factor Authentication Prompt “Bombing” Attacks Give Access to Laptops, VPNs, and More

While multi-factor authentication (MFA) significantly reduces an organization’s threat surface by making the stealing of credentials much harder, a new attack takes advantage of phone ...
Continue Reading

Copyright Claim Email is a LockBit Ransomware Phishing Attack in Disguise

The latest iteration in Copyright Claim scams is an evolution of this repeated attack method that has proven to get the attention – and response – of victims over the last few years.
Continue Reading

Phishing Kit Imitates PayPal

Researchers at Akamai have discovered a PayPal phishing kit that attempts to steal victims’ identities as well as their financial information. The phishing page looks identical to ...
Continue Reading

New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials

A new wave of social media phishing attacks are now using scare tactics to lure victims into sending their logins.
Continue Reading

Ransomware Group Conti Reaches 40 Successful Attacks in a Single Month

In less than 2 years, the most successful ransomware group to date has reached new levels of campaign and individual attack effectiveness, targeting over 160 industries worldwide.
Continue Reading

Phishing Attacks are the Most Prevalent Source of Identity-Related Breaches

Cybercriminals almost always need to leverage credentials as part of just about any kind of cyberattack. To no surprise, phishing and social engineering play a dominant role.
Continue Reading

Facebook-Themed Scam Aims to Steal Your Credentials

A creative mix of phishing emails, solid social engineering, use of Facebook Messenger, brand and site impersonation, and a sense of urgency all add up to a believable attack.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews