Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

1 in 3 IT Organizations Have no Cyberattack Incident Response Plan

Despite increases in ransomware attacks, ransom amounts and how often payments are made, new data shows organizations aren’t responding in kind and putting response plans in place.
Continue Reading

Ex-Bank of America Employee Charged with Business Email Compromise Money Laundering

A three-person team – including a personal banker at Bank of America – have been indicted for reportedly being behind a BEC scam that took 5 companies for over $1.1 Million.
Continue Reading

We Are Official Guinness World Records Holders!

It gives us great pleasure to announce that Eskenzi PR, KnowBe4 and OneLogin now hold the Guinness World Records® title for the Most views of a cybersecurity lesson video on YouTube in 24 ...
Continue Reading

Iranian Phishing Campaigns Are Running Rampant

Researchers at Google’s Threat Analysis Group (TAG) are tracking phishing campaigns by the Iranian threat actor APT35 (also known as Charming Kitten). The attackers used compromised ...
Continue Reading

Two-Thirds of Organizations Have Been a Target of Ransomware

The latest data reveals ransomware’s pervasiveness throughout every industry, size, and type of organization, confirming its’ place as the number one cyberthreat today - and a glaring ...
Continue Reading

U.S. Treasury Puts Out New Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments

An update to the October 2020 advisory, the U.S. Treasury warns companies to mitigate ransomware attacks rather than paying ransoms to threat actors that pose a threat to national ...
Continue Reading

Hospitals Respond to Influx of Ransomware Attacks by Increasing Budgets

The ransomware onslaught on hospitals and healthcare organizations is being seen as the catalyst for boards to shift operational priorities and put more focus on cybersecurity initiatives.
Continue Reading

A Novel Form of Homographic Attack

A phishing campaign is using mathematical symbols to impersonate Verizon’s logo, according to researchers at Verizon. The emails use either a red square root symbol or a logical NOR ...
Continue Reading

U.K. Residents Experience a 116% Increase in Nuisance Calls, Texts, and Emails in 2021

New data from the U.K.’s Information Commissioner’s Office (ICO) shows a massive rise in the first six months of this year – and the belief that cyberattacks are to blame.
Continue Reading

Warning: Cybercriminals Target Organizations Going Through M&A Activity

The changing of hands of significant amounts of money is enough reason to get the attention of cybercriminals. So, how can organizations prepare for what should be an expected series of ...
Continue Reading

NIST on Phishing Awareness

People need to be conscious of the fact that anyone can fall for social engineering tactics, according to Shaneé Dawkins at NIST, the US National Institute of Standards and Technology. ...
Continue Reading

Man Spends Thousands and is Exposed for Typosquatting with Cryptocurrency

A man in Brazil spent more than $200,000 on typosquatting domains between November 2020 and February 2021, the Washington Post reports. Typosquatting is a phishing technique in which ...
Continue Reading

IBM: ”Phishing Is A Popular Cybercrime Attack Vector”

Researchers at IBM describe how criminals use phishing kits to launch widespread phishing campaigns with minimal effort. Phishing kits are software products that automate the process of ...
Continue Reading

Dutch Government Can Respond to Ransomware Attacks with Armed Forces if Needed

According to a recent article from The Record, Dutch government officials stated that intelligence or military services can be used to counter cyber-attacks. This includes ransomware, ...
Continue Reading

What’s Next for the 3.8 Billion Entries in the Clubhouse-Facebook Database? Plenty of Social Engineering Attacks

What do you get when you add a totally free 1.3 Billion set of phone numbers and data from millions of Facebook profiles? A massive dox database of users now up for sale for $100,000.
Continue Reading

When It Comes to Password Hygiene, Users Say One Thing, But Do Another

With credentials being at the forefront of most cyberattacks, the need for strong, unique passwords is at an all-time high. But new data shows users know what to do, but don’t do it.
Continue Reading

U.K. Authorized Push Payment Scams Jump 71% in First Half of 2021, Taking in £355 Million

Surpassing credit card fraud in the U.K., scamming victims into sending money to a fraudulent bank account has taken the lead spot in fraud scams that could cost U.K. residents more than ...
Continue Reading

KnowBe4 Celebrates Winning a Tech Cares Award From TrustRadius

For the second consecutive year, we received a Tech Cares Award from TrustRadius! This second annual award celebrates companies that have gone above and beyond to provide strong Corporate ...
Continue Reading

Framing the Social Engineering Risk in Business Terms

C-suite employees need to understand the risk posed by social engineering attacks, according to CSO. Terry Thompson, adjunct instructor in cybersecurity at Johns Hopkins University, told ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews