Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

FBI: US Defense Industry Organizations Targeted with USB-Based Ransomware Attacks

Using mailed out “BadUSB” drives as the initial attack vector, cybercriminals are attempting to infiltrate sensitive networks and infect them with BlackMatter or REvil ransomware strains.
Continue Reading

New U.K. Vishing Scam Offers Significant Phone Plan Discounts in Exchange for your Phone Provider's One-Time Security Code

Scammers targeting customers of mobile carrier O2 are enticing victim engagement by offering discounts on their mobile plan as much as 40%.
Continue Reading

In Order to Have Good Security Culture, Behaviour Comes First

In our efforts to raise awareness among users of the importance of cybersecurity and the part they have to play in it, we sometimes go about things in a long-winded manner.
Continue Reading

DHL is Now the Most Spoofed Brand in Phishing

International shipping company DHL was the most impersonated brand in phishing attacks during the fourth quarter of 2022, researchers at Check Point have found.
Continue Reading

Ransomware Attacks are Growing in Number, But Not in Sophistication

As organizations work to protect against the relentless series of ransomware attacks that have plagued businesses large and small, the methods of attack seem to be leveling out.
Continue Reading

Google Docs Comment Feature is the Key to a New Wave of Phishing Campaigns

Hackers take advantage of legitimate comment functionality as a way to look legitimate, reach the Inbox, and avoid detection, despite using malicious links for phishing attacks.
Continue Reading

Half of All Organizations Hit by Ransomware Experience Productivity Loss

According to new data, ransomware is expected to be a larger and more likely threat in the next year, making the impacts felt today very relevant as the impetus for improved cybersecurity.
Continue Reading

KnowBe4's Top-Clicked Phishing Email Results for Q4 2021 Compare the U.S. and EMEA [INFOGRAPHIC]

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze the top categories, general subjects (in both the United States and Europe, Middle East and ...
Continue Reading

A Cyberespionage Group Uses Social Engineering

A sophisticated China-aligned threat actor is using social engineering to carry out cyberespionage and financially motivated attacks, according to researchers at Trend Micro.
Continue Reading

North Korean Cryptocurrency Theft Relies on Social Engineering

A North Korean threat actor being called “BlueNoroff,” a subunit of Pyongyang’s Lazarus Group, has been targeting cryptocurrency startups with financially motivated attacks, researchers ...
Continue Reading

KnowBe4 Named a 2021 Gartner Peer Insights™ Customers’ Choice for Security Awareness Computer-Based Training

KnowBe4 is excited to announce that we have been recognized as an overall Customers’ Choice in the December 2021 Gartner Peer Insights ‘Voice of the Customer’: Security Awareness ...
Continue Reading

Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse

We thought it was bad enough when traditional ransomware started to steal data in its second generation of evolution, now dubbed "double extortion". The third stage of ransomware is ...
Continue Reading

Fifty FIFA eSports Accounts Were Hacked Via Social Engineering

Video game maker Electronic Arts (EA) has stated that around fifty high-profile accounts for the soccer game FIFA 22 were hacked after attackers manipulated the company’s customer service ...
Continue Reading

FBI: Beware of a New Google Voice Authentication Scam – Even if You Don’t Use Google Voice!

A new advisory warns of a scam that can affect literally anyone designed as a precursor to additional vishing scams and/or to perform Gmail account takeovers.
Continue Reading

Payment Fraud Moves to the Real World with Fake QR Codes on Parking Meters

Scammers are using the professional-looking stickers to point those parking to an alternate pay site to collect credit card details in the perfect situation where victims would be none ...
Continue Reading

U.S. Government Warns of More Cyberattacks Targeting Critical Infrastructure

A new joint cybersecurity advisory from CISA, the FBI, and the NSA cautions organizations against Russian-based attacks and provides mitigations to be implemented.
Continue Reading

It’s a Fact: Cyberattacks Continue Because Your Users Forget

The weakest part of your cybersecurity can be identified by looking at how cyberattacks take place, and how well your defenses stand up. But did you know the answer comes from the year ...
Continue Reading

“Information Disorder”: Giving a Name to One of the Most Impactful Parts of Phishing Scams

At the core of every phishing scam is a combination of a bunch of lies and (sometimes) a few truths. A new focus on better defining the misuse of information provides insight into why ...
Continue Reading

Over 200 Ransomware Strains Detected in Last Part of 2021

With the news focused on just a few key ransomware strains, it’s understandable to think you’ll never be a target. But newly-released data shows who’s doing the attacking and who’s being ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews