Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Recent Posts

When It Comes to Password Hygiene, Users Say One Thing, But Do Another

With credentials being at the forefront of most cyberattacks, the need for strong, unique passwords is at an all-time high. But new data shows users know what to do, but don’t do it.
Continue Reading

U.K. Authorized Push Payment Scams Jump 71% in First Half of 2021, Taking in £355 Million

Surpassing credit card fraud in the U.K., scamming victims into sending money to a fraudulent bank account has taken the lead spot in fraud scams that could cost U.K. residents more than ...
Continue Reading

KnowBe4 Celebrates Winning a Tech Cares Award From TrustRadius

For the second consecutive year, we received a Tech Cares Award from TrustRadius! This second annual award celebrates companies that have gone above and beyond to provide strong Corporate ...
Continue Reading

Framing the Social Engineering Risk in Business Terms

C-suite employees need to understand the risk posed by social engineering attacks, according to CSO. Terry Thompson, adjunct instructor in cybersecurity at Johns Hopkins University, told ...
Continue Reading

Your KnowBe4 Fresh Content Updates from September

With 52 new pieces of training content added this month, check out the always fresh content update highlights and new features from the month of September.
Continue Reading

[On-Demand Webinar] 5 Things You Need To Know About Ransomware Before It's Too Late

Cybercriminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. And few organizations are prepared to ...
Continue Reading

Telecom Company Responsible for Routing Billions of Text Messages Annually Acknowledges Multi-Year Breach

Mentioned in passing as part of a Securities and Exchange Commission (SEC) filing, Syniverse admits to hackers having access for five years, potentially impacting millions of mobile phone ...
Continue Reading

Phishing: Low- Middle- and High-Level

Phishing attacks have varying levels of technical sophistication, according to Mark Nicholls from Redscan. In an article published by ITProPortal, Nicholls explains that the lowest level ...
Continue Reading

New James Bond Movie is Cybercriminals Shiniest Phishbait

Cybercriminals are using the new James Bond movie, No Time to Die, as phishbait, the National reports. Researchers at Kaspersky warn that malicious ads and phishing sites are claiming, ...
Continue Reading

Hackers rob thousands of Coinbase customers using phishing attacks and an MFA flaw

Bleepingcomputer was first to report: "Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company's ...
Continue Reading

Phishing Attacks Maintain “New Normal” Elevated Levels into the Middle of 2021

New data from the Anti-Phishing Working Group (AWPG) shows the Q2 of 2021 showed similar phishing activity to that of Q1, indicating no slowdown in attacks.
Continue Reading

90% of All Cyber Attacks on Organizations Involve Social Engineering

It’s official: threat actors and cybercriminal gangs alike are enlightened and have locked in on the use of social engineering as the primary means to trick recipients into becoming ...
Continue Reading

Phishing Campaign Impersonates Zix Messages

Researchers at Armorblox have spotted a credential phishing campaign that’s impersonating encrypted communications from Zix. The emails contain a link to download an HTML attachment.
Continue Reading

Europol: Italian Mafia Tied to Cybercriminals Responsible for €10 Million in Cyberattacks

The recent dismantling of a cybercriminal gang has uncovered ties to the Italian Mafia, demonstrating that even traditional organized crime is moving to cyber.
Continue Reading

5th Circuit Court Finds Cyber Insurer Must Pay for $1 Million Social Engineering Attack

A simple social engineered Business Email Compromise attack resulted in fraud that the cyber insurer contended was not covered under the policy.
Continue Reading

Phishing Kits and Phishing-as-a-Service Responsible for Over 300,000 URLs Used in Phishing Attacks

Lowering the barrier to market even more, this new Phishing as a Service (PhaaS) spotted by Microsoft puts quality phishing templates and sites into the hands of any would-be cyber ...
Continue Reading

Someone's Impersonating the California DMV in Texts

The California DMV has warned of an ongoing smishing campaign seeking customers’ personal and financial information, Pasadena Now reports.
Continue Reading

Google Ads Abused to Deliver Malware

Cybercriminals are using malicious Google Ads to deliver the ZLoader banking Trojan, ZDNet reports. Researchers at Microsoft stated on Twitter that attackers are purchasing Google Ads ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews