Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Stu Sjouwerman

Chief Executive Officer & President

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.


Recent Posts

New York State Warns of Credential Stuffing

New York Attorney General Letitia James has released a guide to help businesses defend themselves against credential stuffing attacks. Credential stuffing is a type of brute-force attack ...
Continue Reading

Cryptocurrency Scam Profits Jump 81% in 2021 to $7.7 Billion

Despite a drop in crypto scams in 2020 due to the pandemic, a new report highlights the massive growth in crypto scams… and the profitable results they’re yielding.
Continue Reading

Reducing Stress with CBD Is the Latest Theming for Phishing Attacks

Spanning three languages and at least 15,000 unique phishing emails, this latest phishing campaign targets stressed out workers in the U.S. and France, avoiding detection and promising to ...
Continue Reading

Copyright Infringement Notice to Instagram Users Serves as Newest Phishbait

Scammers are sending phony accusations of copyright infringement to Instagram users in a new phishing attack, Paul Ducklin writes at Naked Security. The scammers are taking advantage of ...
Continue Reading

Shoulder Surfing is Still a Thing for Successful Social Engineering Attacks

Social engineering isn’t concerned with either novelty or elegance. All that matters is whether it works. ESET’s Jake Moore described a case in point for We Live Security: all someone ...
Continue Reading

2023 Resolution: "I'll Be A Certified Security Awareness and Culture Professional (SACP)™"

Your organization's cyber threat landscape is changing lightning fast. So, your security awareness skills need to stay razor sharp, and are increasingly viewed as critical to protect your ...
Continue Reading

Amazon Token Crypto “Presale” Scam Takes Advantage of News Hype and Steals Your Real Cryptocurrency

The growing interest in new cryptocurrencies and the potential to get in early on Amazon’s supposedly forthcoming crypto has scammers taking victims for thousands of dollars.
Continue Reading

New “Karakurt” Threat Group is Gaining Attention Through Multiple and Frequent Extortion Attacks

A new warning from Accenture Security highlights this new cybercriminal group making waves that focuses on a "data breach and extortion” MO rather than relying on ransomware.
Continue Reading

Omicron-Themed Phishing Campaign is Running Rampant

A mean-spirited phishing campaign is mocking victims after infecting their devices with Dridex malware, according to Lawrence Abrams at BleepingComputer.
Continue Reading

Organizations Worldwide Experience Over 722 Million Attacks in the Last 30 Days!

Analysis of data collected by Internet and security services vendor Akamai shows an unimaginable number of cyberattacks, demonstrating how frequently these attacks are happening.
Continue Reading

Conti Ransomware Affiliate Attacks Australian Utilities Giant's Corporate Network

While news reports indicate no impact to the utilities company’s ability to deliver electricity to its’ customers, this could be the start of attacks on critical infrastructure in ...
Continue Reading

Google Takes a Step Towards Reducing the Use of Calendar Invitations as Phishing Tools

Doing their part, Google adds new functionality that defaults to automatically adding Google-based calendar invites to a victim’s calendar to lower the malicious value of an invite.
Continue Reading

West Virginia Healthcare Breach Traced to Phishing

Monongalia Health System in West Virginia has disclosed a data breach that exposed sensitive patient and employee information.
Continue Reading

[Eye Opener] New Phishing Research Shows 37% of Sites Had More Than a Day Downtime

More than half (55%) of phishing attacks target IT departments, according to research commissioned by OpenText. Additionally, nearly half of survey respondents said they had fallen for a ...
Continue Reading

New Nigerian Phishing Scams Target U.S. Military Families with Needed “Services”

With loved ones potentially a half a world away, scammers prey on families with scams that offer to assist with communication, care packages, leave, and more.
Continue Reading

Office 365 “Spam Notification” Phishing Emails Seek to Capture Credentials

A new campaign spotted in the wild uses a tried-and-true method of convincing victims to provide their Office 365 logon credentials to be used in future attacks.
Continue Reading

U.K. Workers Aren’t Concerned about Company Cybersecurity Despite 60% Having Been Victims of a Cyberattack

New data shows a huge disparity between the likelihood of cyberattack against U.K. organizations and their employee’s cybersecurity awareness and vigilance.
Continue Reading

One-Third of Phishing Pages Are Inactive After Just One Day

We’ve always known phishing scammers work very quickly, moving from campaign to campaign, but new data indicates some scammers are moving on in terms of literally hours.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews