CyberheistNews Vol 10 #17

3 Eye Opening Reasons Why Security Awareness Training Is Even More Critical Now That You Have a Remote Workforce

In the history of IT and cyberthreats, there has never been a more critical time for organizations to employ security awareness training than now. With employees working from home, the opportunity for cyberattacks to succeed is greatly improved.

It may appear that, because you have the same security measures in place, you should be equally protected, but there’s one major factor that tips the scales in the favor of the cybercriminal – your users working from home.

While the shift to have employees work remotely largely focuses on empowering employees to remain productive, despite being away from the office, organizations also need to shore up their security by taking a proactive stance in leveraging security awareness training for three reasons:
  • WFH employees aren’t thinking about organizational security – Think about it; your average remote worker is sitting at a makeshift desk, trying to balance helping their kids with distance learning assignments and attending online meetings. They’re learning new digital workplace platforms, applications, and processes before they even shower for the day. Security is the last thing on an employee’s mind.
  • Cyberattacks focus on employees as targets more than ever – Phishing attacks remain the single-most used attack vector to allow the bad guys direct access to your organization’s endpoints, credentials, applications, and data. If a phishing email is presented to one of your employees, it means your security solutions haven’t detected it as malicious, leaving the employee to be your last line of defense.
  • Attacks and scams are increasingly aligning with remote working – Cybercriminals conjure up scams that seem familiar to users. The use of shipping, billing, and banking stories, as well as the use of impersonated domains, businesses, and people, has traditionally worked in favor of the bad guy. But new scams are being molded around the current work circumstances. For example, we’ve recently seen massive growth in Zoom-related attacks simply because of Zoom’s increase in popularity for business use. Organizations should expect this trend to continue.

Security awareness training does two things very well. First, it educates the user on the importance of their participation in the organization’s security. These recent times provide great perspective about how quickly a job can disappear. So, teaching the user that their security efforts make a difference in keeping the organization’s proverbial doors open is an important part of security awareness training.

In this alternate universe of work scenarios, organizations need to accept that they must not only work differently from the in-office ways used just a month ago, but also secure differently: put some of the responsibility onto the user and make them the last line of defense in your organization’s strategy against cybercriminals.

Please forward this blog post to your friends:
https://blog.knowbe4.com/3-reasons-why-security-awareness-training-is-even-more-critical-now-that-you-have-a-remote-workforce

[NEW PhishER Feature] Remove, Inoculate, and Protect Against Email Threats Faster With PhishRIP

Your users are likely already reporting potentially dangerous emails in some fashion within your organization. The increase of this email traffic can present a new problem!

We are excited to announce the availability of PhishRIP™ as part of the PhishER platform. PhishRIP is a new email quarantine feature that integrates with Microsoft Office 365 to help you remove, inoculate, and protect your organization against email threats so you can shut down active phishing attacks fast.

Since user-reported messages require some level of analysis to prioritize, you need a simple and effective way to not only respond to and mitigate these reported messages, but also find and remove those suspicious messages still sitting in your users’ mailboxes.

Now you can with PhishER, a product that allows your Incident Response team to identify and respond to email threats faster. This will save them so much time!

See how you can best manage your user-reported messages.

Join us TOMORROW, Wednesday, April 22 @ 2:00 PM (ET) for a live 30-minute demonstration of the PhishER platform. With PhishER you can:
  • NEW! Easily search, find, and remove email threats with PhishRIP, PhishER’s email quarantine feature for Microsoft Office 365
  • Cut through your Incident Response inbox noise and respond to the most dangerous threats more quickly
  • Automate message prioritization by rules you set into one of three categories: Clean, Spam or Threat
  • Augment your analysis and prioritization of user-reported messages with PhishML, PhishER’s machine-learning module
  • Meet critical SLAs within your organization to process and prioritize threats and legitimate emails
  • Easy integration with KnowBe4’s email add-in button, Phish Alert, or forwarding to a mailbox works too!
Find out how adding PhishER can be a huge time-saver for your Incident Response team!

Date/Time: TOMORROW, Wednesday, April 22 @ 2:00 PM (ET)

Save My Spot!
https://event.on24.com/wcc/r/2221022/FCA33FE347D7CCDE3E112C1141036464?partnerref=CHN1

[Heads-Up] Hacking Attacks Double Against Users Worldwide Who Now Suddenly Work From Home

Reuters just reported that hacking activity against organizations worldwide more than doubled by some measures last month as cyber criminals took advantage of security weakened by pandemic work-from-home policies.

Corporate security teams have a harder time protecting data when it is dispersed on home computers with widely varying setups and on company machines connecting remotely, experts said.

Even those remote workers using virtual private networks (VPNs), which establish secure tunnels for digital traffic, are adding to the problem, officials and researchers said.

Software and security company VMWare Carbon Black said this week that ransomware attacks it monitored jumped 148% in March from the previous month, as governments worldwide curbed movement to slow the novel coronavirus.

“There is a digitally historic event occurring in the background of this pandemic, and that is there is a cybercrime pandemic that is occurring,” said VMWare cybersecurity strategist Tom Kellerman.

“It’s just easier, frankly, to hack a remote user than it is someone sitting inside their corporate environment. VPNs are not bullet-proof, they’re not the be-all, end-all.”

Using data from U.S.-based Team Cymru, which has sensors with access to millions of networks, researchers at Finland’s Arctic Security found that the number of networks experiencing malicious activity was more than double in March in the United States and many European countries compared with January, soon after the virus was first reported in China.

The biggest jump in volume came as computers responded to scans when they should not have. Such scans often look for vulnerable software that would enable deeper attacks. Step those users through new-school security awareness training!

Here is a link to this blog post with a brand-new free Coronavirus resource kit:
https://blog.knowbe4.com/heads-up-hacking-attacks-double-against-users-who-now-suddenly-work-from-home

Can You Be Spoofed? Find out for a Chance to Win a 500 Dollar Amazon Gift Card

Are you aware that one of the first things hackers try is to see if they can spoof the email address of someone in your own domain?

Now they can launch a "CEO fraud" spear phishing attack on your organization, and that type of attack is very hard to defend against unless your users are highly ‘security awareness’ trained.

KnowBe4 can help you find out if this is the case with our free Domain Spoof Test. Plus, if you’re in the US or Canada, you'll be entered for a chance to win a 500 Dollar Amazon Gift Card!*

Find out now if your email server is configured correctly; many are not!

Try To Spoof Me!
https://info.knowbe4.com/dst-sweepstakes-mar-apr-2020

*Terms and Conditions apply.

Re-Opening the American Economy? Malicious Actors Have a Plan...

If you've been following the news over the past week or so then you know that a robust debate has opened at federal, state, and local levels in the United States over when and how to "re-open" the U.S. economy. Indeed, some European nations are already cautiously lifting some of the social restrictions imposed to control and suppress the spread of COVID-19.

Similarly, if you've been following the growth and development of Coronavirus-themed phishing emails over the past few months, you should also not be terribly surprised to learn that malicious actors have their own plan for re-opening businesses across the country.

Not only do they have a plan, they're starting to share it with your employees, most of whom will be keenly interested to know when they can resume something approaching a normal life after weeks of lockdown and finally return to the office.

As phishing emails go, the prose here is absolutely pitch-perfect -- something even the most talented of malicious groups often struggle with when crafting social engineering schemes such as this one. The tone and language are familiar and hopeful, yet appropriately cautious and measured.

Nowhere will you find the hyperbolic excesses of so many of the virus-themed emails we've seen over the past few months. There are a few red flags here, to be sure -- the link, for starters, to say nothing of the From: email address. But your users need to be trained to look for them.

The payload is that familiar go-to for bad actors pushing dodgy HR announcements: Ye Olde Credentials Phish. Here are some example screenshots from attacks out there in the wild right now. We also have a wide variety of COVID-19 Phishing templates that you can use to inoculate your users against attacks like this:
https://blog.knowbe4.com/re-opening-the-american-economy-malicious-actors-have-a-plan

Here is a blog post that shows how you can phish *better* than the bad guys during this pandemic:
https://blog.knowbe4.com/phishing-better-than-the-bad-guys-during-the-pandemic

Do Your Users Know What to Do When They Receive a Suspicious Email?

Should they call the help desk, or forward it? Should they forward to IT including all headers? Delete and not report it, forfeiting a possible early warning?

KnowBe4’s Phish Alert button gives your users a safe way to forward email threats to the security team for analysis and deletes the email from the user's inbox to prevent future exposure. All with just one click. And it now supports Outlook Mobile.

Phish Alert Benefits:
  • Reinforces your organization's security culture
  • Users can report suspicious emails with just one click
  • Incident Response gets early phishing alerts from users, creating a network of “sensors”
  • Email is deleted from the user's inbox to prevent future exposure
  • Easy deployment via MSI file for Outlook, G Suite deployment for Gmail (Chrome)
Give your employees a safe way to report phishing attacks with one click at no charge!

Get Your Phish Alert Button Now:
https://info.knowbe4.com/phish-alert-chn

Let's stay safe out there.

Warm Regards,

Stu Sjouwerman
Founder and CEO
KnowBe4, Inc


PS: See me at the Wall Street Journal Pro Webinar - Wednesday 22nd April: 1pm ET / 10am PT.
https://blog.knowbe4.com/see-me-at-the-wsj-pro-webinar-wednesday-22nd-april.-1pm-et-/-10am-pt

Quotes of the Week

"A small team, committed to a cause bigger than themselves, can achieve absolutely anything." - Simon Sinek, author, speaker (1973 - )

"They succeed, because they think they can." - Virgil, Poet (70 - 19 BC)
Thanks for reading CyberheistNews

Security News
What the Crooks are Saying About the Pandemic

Cybercriminals are adapting to the COVID-19 pandemic in a variety of ways, according to Dustin Warren from SpyCloud. On the CyberWire’s Hacking Humans podcast, Warren shared what his company has been seeing as they monitor criminal forums.

Much of the criminal activity uses the same blueprints as before, but the criminals have revamped their old scams with COVID-19-related themes. Some criminals are selling phishing kits complete with a COVID-19 tracking map as a lure.

“We actually found on a criminal forum that we track – we found an actor that was offering up sort of a service for people to buy that,” he said. “Essentially, they could buy that service, and he would work with them to help them create their own phishing pretext related to COVID-19 and even would let them use the fake COVID-19 map to deploy their malware.

That was using Java to basically drop out malware onto the infected machine. And because it was using Java, that specific hit was considered multiplatform. So it would work on OSX, MacBooks, and Windows machines.”

Criminals are also finding new ways to profit from the crisis by exploiting services whose popularity has grown with the prevalence of social distancing. Warren said online food delivery services are among their targets.

“So more and more people are using these services to order food online,” Warren said. “And then what we're seeing are criminals are starting to sort of take advantage of...the surge of these people signing up for these services. What'll happen is someone will sign up for some sort of grocery service, and they will reuse a previously compromised credential whenever they sign up for that service.

And so what will happen is these criminals will check previously compromised credentials from past known breaches against that service and basically will find ways into those accounts. And what they'll do is they'll order food from those accounts for themselves and things like that.”

Warren added that the nature of the global crisis means that people all over the world are interested in what’s happening, and they’re turning to the Internet for information.

“A lot of folks out there are really concerned about this, and they're searching for information constantly,” he explained. “It's kind of hard not to, right? Because you want to know what's going on. What are the latest statistics?

And because people are doing that, they're clicking all this new content. And if you look at the amount of new content that showed up online related to COVID-19, it's absolutely staggering, right? And so it's really hard to determine how much of that is legitimate versus how much of that is, you know, scams or criminals taking advantage of people seeking information.”

Warren recommends that people use vigilance and education to fight against these tactics. “Well, really just to stay vigilant,” Warren said. “And one of the things you can do to stay vigilant is to educate your employees about what's going on. You really need to say, like, hey, be very careful about the emails that you're getting, especially if they're COVID-19-themed.

We should always be careful about the emails that we're getting, but, you know, we should have it in the back of our minds that attackers are using this crisis to their advantage right now.”

New-school security awareness training can instill in your employees a healthy sense of skepticism so they can protect themselves against social engineering, regardless of whether they’re in the midst of a global pandemic.

The CyberWire has the story:
https://www.thecyberwire.com/podcasts/hacking-humans/94/transcript

New Wiper Malware Impersonates Security Researchers as Prank

A new wiper malware operator has launched a campaign that locks victims’ computers before they can start Windows and then blames the infection on two well-known and respected security researchers, Vitali Kremez and MalwareHunterTeam. The campaign has emerged over the past 24 hours.

Victims have been targeted after downloading and installing software from malicious free software sites. When the victim is locked out of their device, the PC displays a message fraudulently claiming that they were infected by Kremez and MalwareHunterTeam, who have nothing to do with the malware.

Another variant only names Kremez, as well as disclosing his email addresses and phone numbers.

Read More at:
https://www.bleepingcomputer.com/news/security/new-wiper-malware-impersonates-security-researchers-as-prank/

What KnowBe4 Customers Say

"Stu, I want to let you know that Jennifer Berrios is an outstanding employee. Very professional, knowledgeable and patient. I’ve worked with her on several occasions and she always does a fabulous job. You have a valuable person representing your company. Btw… your product is great. Thank you." - T.F., CFO
"Thank you for reaching out to me last week and prompting me to schedule the work from home training video and COVID-19 themed phishing assessment. I cannot believe what a great job KnowBe4 did in creating believable phishing emails for COVID-19 in such a short time! I have received many responses from employees, a minority of which were a little put out that I did a phishing assessment at this time.
Today will begin the third and final day of the delivery of the assessment emails; right now we have had 5 clickers. I should have set up a landing page for the clickers so they would have been informed that they fell for a phishing attack. Great job KnowBe4 team, if you ever need a reference for a potential customer count me in!" - G.A., Chief Information Officer

"Stu, I know all of us are very busy in the current circumstances, but I wanted to write and let you know how much I appreciate and value the support that I receive from Brittany Campos. We have been working together for the past several years and she is smart, helpful and passionate about your company, its program and its value.
In addition, she is especially pro-active about reaching out and helping me make the most out of my company’s subscription and patient in walking me through new releases and new campaigns. She is a pleasure to work with, a pleasure to know and (I am assuming) a great reflection of your company’s culture." - H.L., Chief Compliance Officer
"We just got ADIsync working and have imported our users and taken it off test mode. Here is a very special thank you and praise to Merlin Durand’s manager. He is one of the best support people I have worked with. Thanks!" - P.M., System Administrator

The 10 11 Interesting News Items This Week
    1. Deepfaking a Celebrity on a Zoom Call is Now Possible:
      https://www.pcmag.com/news/deepfaking-a-celebrity-on-a-zoom-call-is-now-possible

    2. Top 10 Cybersecurity companies in North America. Check out #3!:
      https://canada.businesschief.com/top10/3564/Top-10-Cybersecurity-companies-in-North-America

    3. NASA, Boeing, and Lockheed Martin docs leaked by nuclear ransomware gang:
      https://www.secureworldexpo.com/industry-news/boeing-lockheed-martin-spacex-ransomware-victims

    4. Russian hackers tried to steal San Francisco airport Windows accounts:
      https://www.bleepingcomputer.com/news/security/russian-hackers-tried-to-steal-san-francisco-airport-windows-accounts/

    5. US military sees surge in phishing scams as the Pentagon transitions to telework:
      https://americanmilitarynews.com/2020/04/us-military-sees-surge-in-phishing-scams-as-the-pentagon-transitions-to-telework/

    6. How Advanced Persistent Threats Are Exploiting Covid-19 Fears:
      https://resources.malwarebytes.com/resource/apts-and-covid-19-how-advanced-persistent-threats-use-the-coronavirus-as-a-lure/

    7. Ragnar Locker Ransomware Demands Whopping 11 Million from EDP:
      https://www.tripwire.com/state-of-security/security-data-protection/ragnar-locker-ransomware-demands-1580-btc-from-edp/

    8. German government might have lost tens of millions of euros in COVID-19 phishing attack:
      https://www.zdnet.com/article/german-government-loses-tens-of-millions-of-euros-in-covid-19-phishing-attack/

    9. US Offers 5 Million-Dollar Reward for N. Korea Hacker Information:
      https://www.bankinfosecurity.com/us-offers-5-million-reward-for-n-korea-hacker-information-a-14134

    10. The key to the nation’s cyber defense? Behavioral analysis:
      https://www.fifthdomain.com/opinion/2020/04/15/the-key-to-the-nations-cyber-defense-behavioral-analysis/

    11. BONUS: "How to manage remote working during a global crisis":
      https://www.computing.co.uk/news/4014007/manage-remote-global-crisis
Copyright © 2014-2020 KnowBe4, Inc. All rights reserved.