CyberheistNews #3



CyberheistNews Vol 1, #27







Editor's Corner



KnowBe4



My New Book Is Out!



Hi All, I'm very excited to announce my new book: CYBERHEIST.



Why did I write it? To increase executive-level awareness that the bad guys have moved from simple identity theft to full-fledged robbery of corporate bank accounts (non-profits are targets too), using phishing and scam tactics that are called 'social engineering'.



Most business owners, C-level executives and people in HR functions simply do not know this yet, but cyberheists are happening right now as we speak. Organized cyber crime has developed into a very well-funded, sophisticated and technically skilled operation, and its results are very damaging. Unfortunately, management still has a false sense of security. With the rapid proliferation of social media and mobile computing, -people- are now the new security perimeter!



The threat is there, and getting worse. Just have a look at this Google map overlaid with cases, and that is only the tip of the iceberg: there are many hundreds more unreported cyberheist cases. You can zoom in and see the cyberheists in your state and how much money was stolen:

http://www.knowbe4.com/resources/cyberheist-map/



So, do you need some ammo to get more budget for your IT security? You need state-of-the-art endpoint protection, and I strongly recommend VIPRE Antivirus for that, but you need to combine it with end-user Internet Security Awareness Training (ISAT) to be as safe as possible.



Please either forward this link to management and tell them to buy a copy of the Cyberheist book, or better yet, if you really want to make sure they get the message, get a copy yourself and give it to them. It's enlightening, and written for both IT and non-IT people. Everything is explained in normal terms to make sure we don't put anyone to sleep.



Do me a big favor and tell all your friends? Thanks so much in advance! Cyberheist is available in paperback and also in a Kindle version. Oh, and check out the reviews at Amazon.com!

http://www.amazon.com/Cyberheist-financial-American-businesses-meltdown/dp/0983400008/



PS: It might say 'Out of Print', and that is when they run out of stock, but another 500 have been sent to Amazon, so you can order and they will ship it the moment they have this new stock.

Quotes of the Week

"A fool thinks himself to be wise, but a wise man knows himself to be a fool." -- William Shakespeare.



"Although a soldier by profession, I have never felt any sort of fondness for war, and I have never advocated it, except as a means of peace." -- Ulysses S. Grant.



Please tell your friends about CyberheistNews! They can subscribe here:

http://www.knowbe4.com/about-us/cyberheist-news/

Need more IT security budget? Give This Book To Your Boss



"The book is well crafted and an intoxicating read - I couldn't put it down." - Paul Wright



"Anyone who uses a computer connected to the Internet needs to know this information to protect themselves." - H. Heller



"As both an IT Pro and a businessman, I highly recommend this book for anyone concerned about online threats." - C. Contor



"Stu Sjouwerman informs in a way that managers can understand, and "techies" can relate to. He goes in detail about the oft-overlooked (and in my opinion THE most dangerous) part of online security: The Human Element." - Robert Folden



"If you fall victim to a cyberheist after reading Sjouwerman's book, shame on you." -- Dirk A. D. Smith



Buy and Read Cyberheist!

http://www.cyberheist.com/




Cybercrime Statistics Expose Five Industries Most Susceptible to Phishing Attacks



Reuters News Agency reported this week: "Internet Security Awareness Training (ISAT) firm KnowBe4 has released new cybercrime statistics that identify the nation's most Phish-prone™ industry sectors, which are those most susceptible to cybercrime ploys. The top five industries vulnerable to cybercrime include travel, education, financial services, government services and IT services. These findings are based on a recent phishing experiment KnowBe4 conducted among small and medium enterprises (SMEs) featured in the latest Inc. 500 and Inc. 5000 listings.

"Any business that provides access to email or access to its networks via the Internet is only as safe from cybercrime to the degree that its employees are trained to avoid phishing emails and other cyberheist schemes. The more employees within an organization that use email or go online, the greater the risk of exposure to cybercrime," said KnowBe4 founder and CEO Stu Sjouwerman (pronounced "shower-man").

"KnowBe4 conducted a comprehensive data analysis of its FAIL500 study results, which included categorizing the companies into 25 industry sectors. The findings revealed that some industries are particularly vulnerable to cybercrime." Industries with the highest Phish-prone percentages are:



Travel - 25%

Education - 22.92%

Financial Services - 22.69%

Government Services - 21.23%

IT Services - 20.44%



More at:



http://www.reuters.com/article/2011/05/23/idUS112731+23-May-2011+PRN20110523





How To Stop Your Executives From Being Harpooned



Last year, a senior executive in charge of customer satisfaction at his company opened an email with the subject "customer complaint" that appeared to be sent from the Better Business Bureau. He followed a link to see details of the complaint. "If he had stopped to examine the URL carefully, he would have seen that it was a trap" -- known as a whaling attack and based on spear-phishing techniques -- intended to gather information about the company, says Jonathan Gossels, president of SystemExperts, a security consulting firm. "But during a busy work day, that hardly happens." The story is at NetworkWorld:

http://www.networkworld.com/news/2011/052311-how-to-stop-your-executives.html?




Phishing Your Own Employees is a Must



Following is an excerpt from SC Magazine: For IT Security Professionals. It highlights the importance of educating organizational employees against the tactics cybercriminals will use to hack your company network to access valuable company information and your bank accounts.



“If you are going to effectively fight this prevalent form of cybercrime (phishing), you are going to have to have an educated workforce. Since most colleges don't teach social engineering defense skills, it falls on the savvy employer to provide education for their employees. I have long advocated phishing your own employees…”



While it is not that easy to set up an in-house simulated phishing attack on your employees as the author of the article suggests, you can use an existing resource set up exactly for that purpose. KnowBe4 provides a free and safe online way to simulate a phishing attack on as many of your employees as you want. Go to this link to check it out:

http://www.knowbe4.com/phishing-security-test/




Average Cost Of Cyberattack: $188,242



In 2010, 74% of small and medium businesses reported they were targeted for cybercrimes, according to Symantec's 2010 Global SMB Information survey. The average cost of such attacks was $188,242. Of the more than 2,000 small businesses surveyed around the country, 42% lost confidential or private data and 40% experienced direct financial costs as a result. Read more:

http://smallbusiness.foxbusiness.com/technology-web/2011/05/18/cyber-security-roundtable/#ixzz1NJ2gTsP7




Cyberheist 'FAVE' LINKS:



* This Week's Links We Like. Tips, Hints And Fun Stuff.



SUPER FAVE: It's a bird... It's a plane... It's a -- remote controlled flying superhero. Want to build your own? Detailed plans and instructions available:

http://www.flixxy.com/remote-controlled-flying-superhero.htm



The world's largest and most powerful helicopter can even carry a large passenger plane:

http://www.flixxy.com/helicopter-carries-a-plane.htm



This is just fun. Airport shenanigans: Riding a bicycle in an airport:

http://www.flixxy.com/airport-bicycle.htm





Video Classic: IBM PC inventor explains how Control + Alt + Delete was born:

http://www.geek.com/articles/geek-cetera/ibm-pc-inventor-explains-how-control-alt-delete-was-born-20110416/


