Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

Wanting to Stream the Italian Grand Prix This Weekend? It Might Be a Scam.

Sep 10, 2021 8:46:11 AM By Stu Sjouwerman
With so many fans worldwide wanting to watch the race online, cybercriminals have stepped up to meet the demand with fraudulent websites intent on stealing credit card details.
Continue Reading

5 Ways to Recognize Social Engineering

Sep 9, 2021 4:58:21 PM By Roger Grimes
Social engineering can come in many different forms: via email, websites, voice calls, SMS messages, social media and even fax. If it is a communication method, scammers and criminals are ...
Continue Reading

A Look at Phishing Keywords

Sep 9, 2021 10:37:52 AM By Stu Sjouwerman
Researchers at Expel offer a useful list of the top keywords used in phishing emails. First on the list is the word “invoice,” which is a general term that will be relevant to most ...
Continue Reading

The Number of Daily Ransomware Attacks Increase Nearly 1000% in 2021

Sep 8, 2021 4:06:28 PM By Stu Sjouwerman
New analysis of cyberattack data by security vendor Fortinet sheds light on not only how much ransomware is really being experienced, but who’s being attacked the most.
Continue Reading

The Amount of Weekly New Phishing URLs Has Grown Nearly 2.5x Since 2020

Sep 8, 2021 4:06:10 PM By Stu Sjouwerman
The increase in remote users mixed with a lack of adjusting to cloud-based security services likely created the perfect opportunity for cybercriminals.
Continue Reading

BEC, Fraud, and Ransomware Attacks Are All on the Rise and Costing More Than Ever

Sep 8, 2021 4:05:54 PM By Stu Sjouwerman
New data from cyber insurer Coalition puts the spotlight on not only how much worse attacks are getting, but claim data paints the picture that organizations just aren’t ready.
Continue Reading

Phishing for the German Bundestag

Sep 8, 2021 8:45:15 AM By Stu Sjouwerman
The German government has called out Russia for carrying out phishing attacks against German politicians ahead of the country’s upcoming parliamentary elections, the Associated Press ...
Continue Reading

CyberheistNews Vol 11 #35 [Heads Up] When the URL Domain Is Not Enough To Avoid That Phish

Sep 7, 2021 9:26:10 AM By Stu Sjouwerman
Continue Reading

Windows 11 Phishbait by Active Threat Group Now Delivers Malware

Sep 7, 2021 8:53:55 AM By Stu Sjouwerman
Researchers at Anomali warn that the financially motivated threat group FIN7 is using Windows 11-themed phishing documents to deliver malware. The documents claim to have been created on ...
Continue Reading

Conti's Ransomware Playbook Includes Recon for Users with Privileged Access

Sep 7, 2021 8:53:48 AM By Stu Sjouwerman
Researchers at Cisco Talos have translated a playbook used by the ransomware-as-a-service group Conti. The playbook contains detailed instructions for how to gain administrator access, ...
Continue Reading

Be Wary of Unrequested Disc Images

Sep 3, 2021 9:16:15 AM By Roger Grimes
Microsoft’s recent announcement that the new version of Microsoft Windows, Microsoft Windows 11, will be released soon is capturing headlines around the world. Microsoft will allow ...
Continue Reading

Email-Based Cyberattacks Double Between January and June

Sep 3, 2021 8:19:41 AM By Stu Sjouwerman
Over 2.9 Billion email-based threats were detected in the first half of 2021. Business Email Compromise, obfuscation, and living off the land reigned, according to new data from Zix.
Continue Reading

CISA: Ransomware Attacks Favor Holidays and Weekends

Sep 3, 2021 8:19:33 AM By Stu Sjouwerman
In preparation for Labor Day, a new alert from the U.S. Government’s Cybersecurity & Infrastructure Security Agency (CISA) warns of an increase in ransomware attacks.
Continue Reading

Ransomware Attacks in 2021 Have Increased Nearly Three-fold in the First Half of the Year

Sep 3, 2021 8:19:23 AM By Stu Sjouwerman
New data analyzed by NCC Group’s Research Intelligence and Fusion Team highlights a massive uptick in the number of ransomware attacks, further establishing it as the number one security ...
Continue Reading

Your KnowBe4 Fresh Content Updates from August

Sep 3, 2021 8:00:00 AM By Stu Sjouwerman
With 18 new pieces of training content added this month, check out the always fresh content update highlights and new features from the month of August.
Continue Reading

BEC and the Underworld's Resources

Sep 2, 2021 8:47:27 AM By Stu Sjouwerman
Researchers at Intel 471 have observed cybercriminals outsourcing talent for business email compromise (BEC) attacks. This tactic lowers the bar of entry for BEC attacks, which are ...
Continue Reading

Large Phishing Campaign Abuses Open Redirects

Sep 1, 2021 9:56:19 AM By Stu Sjouwerman
Researchers at Microsoft have observed a widespread phishing campaign that’s abusing open redirectors to fool users into visiting credential-harvesting pages. Open redirects are often ...
Continue Reading

When the URL Domain Is Not Enough To Avoid a Phish

Aug 31, 2021 2:44:06 PM By Roger Grimes
One of the most common mantras in security awareness training is “Examine the URL to determine if it points to the legitimate vendor or not!”
Continue Reading

CyberheistNews Vol 11 #34 [Heads Up] A Tricky New COVID-19 Phishing Caper

Aug 31, 2021 9:16:30 AM By Stu Sjouwerman
Continue Reading

U.K. Organizations See Double the Number of Ransomware Attacks in the First Half of 2021

Aug 26, 2021 1:02:15 PM By Stu Sjouwerman
New analysis of ransomware incidents reported to the UK's Information Commissioner's Office (ICO) in the first half of 2021 show a massive rise when compared to 2020.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews