1 in 4 Business Email Compromise Attacks Use Lookalike Domains to Trick Victims

Mar 5, 2021 4:02:18 PM By Stu Sjouwerman

The latest Data on BEC scams shows how the bad guys are using a mix of gmail accounts, increases in stolen wire transfers, and a shift to payroll diversions to trick you out of your money.

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Mar 5, 2021 4:00:12 PM By Stu Sjouwerman

The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage.

Vendor Email Compromise is Officially A Big (Seven-Figure) Problem

Mar 5, 2021 3:57:51 PM By Stu Sjouwerman

While the Solarwinds “sunburst” attack brought to light the compromising of a vendor, VEC has been around for some time and now seems to be going mainstream.

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Mar 5, 2021 3:55:42 PM By Stu Sjouwerman

A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals.

Someone Hacked The Four Top Russian Cybercrime Forums In One Month

Mar 5, 2021 10:52:44 AM By Stu Sjouwerman

Intrepid investigative cyber security reporter Brian Krebs has some interesting news. He said: "Over the past few weeks, three of the longest running and most venerated Russian-language ...

KnowBe4 Fresh Content Updates from February: Including New Season 3 of 'The Inside Man' Now Available

Mar 5, 2021 9:31:10 AM By Stu Sjouwerman

Here are important fresh content updates and new features to share with you that happened in the month of February.

Stanford Research: 88% Of Data Breaches Are Caused By Human Error

Mar 4, 2021 6:43:06 PM By Stu Sjouwerman

A recent 2020 report we just discovered confirms what we have been saying for many years now. About 9 out 10 data breaches are caused by your users. We are pleased that the somewhat older ...

Most Phishing Emails Are After Credentials

Mar 4, 2021 8:22:48 AM By Stu Sjouwerman

57% of phishing emails in 2020 were designed for stealing credentials, according to Cofense’s most recent Annual State of Phishing Report. Meanwhile, just 12% of phishing attacks last ...

POTRAZ Warns of Phishing Scams

Mar 3, 2021 9:42:20 AM By Stu Sjouwerman

The Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) has issued a warning regarding an increase in email and SMS phishing attacks, the Chronicle reports. Dr. Gift ...

CyberheistNews Vol 11 #09 [Heads Up] New Ryuk Ransomware Strain Now Worms Itself To All Your Windows LAN Devices

Mar 2, 2021 9:45:14 AM By Stu Sjouwerman

Universal Health Services Becomes Next Victim of Ryuk Ransomware, Costing $67 Million

Mar 2, 2021 8:54:36 AM By Stu Sjouwerman

Fortune 500 hospital and health care service provider Universal Health Services (UHS) recently became victim to Ryuk ransomware in September 2020.

By Their Poor Idiomatic Control Shall Ye Know Them

Mar 2, 2021 8:24:52 AM By Stu Sjouwerman

A new phishing campaign is impersonating Zoom in order to steal users’ Outlook credentials, according to researchers at GreatHorn. The attackers are using phishing URLs that spoof Zoom’s ...

[On-Demand Webinar] Hacking Multifactor Authentication: An IT Pro’s Lessons Learned After Testing 150 MFA Products

Mar 2, 2021 8:00:00 AM By Stu Sjouwerman

Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than ...

[HEADS UP] New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

Mar 1, 2021 10:39:15 AM By Stu Sjouwerman

The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no ...

New York State Education Department Warns of Phishing Campaign

Mar 1, 2021 9:55:30 AM By Stu Sjouwerman

The New York State Education Department (NYSED) released an advisory warning that scammers are impersonating its employees in an attempt to steal social security numbers and money. The ...

Phishing Attacks Double in 2020 While Carrying the Highest Month of Attacks on Record

Mar 1, 2021 9:32:45 AM By Stu Sjouwerman

The latest data from the Anti-Phishing Working Group (AWPG) shows massive gains in phishing attacks in Q4 of last year, quantifying the growth and setting the expectation of what’s to ...

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency

Mar 1, 2021 9:32:30 AM By Stu Sjouwerman

This month the UK’s National Crime Agency (NCA) arrested eight suspects who targeted famous sports stars and musicians in the US and stole from victim’s bank accounts and crypto wallets.

Microsoft Dominates as the Most Impersonated Brand in Phishing Attacks

Mar 1, 2021 9:32:10 AM By Stu Sjouwerman

New data from phishing detection vendor Inky highlights which brands are most often used by cybercriminals in phishing attacks that will give them the edge needed for a successful phish.

[Heads Up] New Ryuk Ransomware Strain Now Worms Itself To All Your Windows LAN Devices

Mar 1, 2021 7:00:00 AM By Stu Sjouwerman

A new Ryuk strain has a worm-like feature that allows it to spread to all other devices on victims' local networks. It was discovered by the French CERT, their national cyber-security ...

New scary good deepfake videos of Tom Cruise show the threat to society is very real

Feb 27, 2021 9:55:36 AM By Stu Sjouwerman

InputMag wrote: "We are entering scary times. New deepfake videos of actor Tom Cruise have made their way onto TikTok under the handle @deeptomcruise, and boy do they look real.

Security Awareness Training Blog

View Topics