Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Report: 80% of Phishing Attacks Leverage Legitimate Web Infrastructure and Services

Threat actors are taking advantage of every free tool and service they can to improve their changes of successfully fooling security solutions, with compromised websites taking the lead.
Continue Reading

Gaming-Related Phishing Trends

Researchers at Kaspersky have found that the vast majority of gaming-related malware lures are targeted at Minecraft players. Roblox came in at a distant second, and the researchers note ...
Continue Reading

PwC: More Frequent Cyber Attacks Tops the List of Business Risk for Executives

New data from PwC provides insight into what aspects of the business are executives focused on, worried about, and seeing as future challenges as they look to manage business risk.
Continue Reading

Singapore: Top Ten Scams in the First Half of 2022 Cost Over $227 Million, Scam Frequency Rises by 94%

Queries of reported cases to Singapore Police reveal a rise in scam costs by 59% as phishing cases double and job-related scams increase 7x from the first half of 2021.
Continue Reading

Request a Demo of KnowBe4's PhishER Platform and Get Your Free Hat!

Phishing is still the No. 1 attack vector. Your users are exposed to malicious email daily. They can now report those to your Incident Response (IR) team. But how to best manage your ...
Continue Reading

[New Training] Give Your Employees the Know-How to Have the Tough Conversations with New Compliance Plus Training

We’re thrilled to announce a brand new microlearning, TV-like production quality series of compliance content now available in the Compliance Plus library.
Continue Reading

New Phishing-as-a-Service Platform

Researchers at Resecurity have discovered a new Phishing-as-a-Service (PhaaS) platform called “EvilProxy” that’s being offered on the dark web. EvilProxy is designed to target accounts on ...
Continue Reading

[On-Demand Webinar] Combatting Rogue URL Tricks: Quickly Identify and Investigate the Latest Phishing Attacks

Everyone knows you shouldn’t click phishy links. But are your end users prepared to quickly identify the trickiest tactics bad actors use before it’s too late? Probably not.
Continue Reading

Spear Phishing Campaign Targets Financial Institutions in African Countries

Researchers at Check Point have discovered a spear phishing campaign dubbed “DangerousSavanna” that's targeting financial entities in at least five African countries.
Continue Reading

CyberheistNews Vol 12 #36 [Eye Opener] So, Your MFA Is Phishable, What to Do Next?

1-Time Passcodes Are a Corporate Liability. Department of Homeland Security Fraud Warning. Email not displaying? | View Knowbe4 Blog CyberheistNews Vol 12 #36  |  September 7th, 2022 [Eye ...
Continue Reading

Building a Security Culture With Behavior Design

Anyone who has run security awareness programs for a while knows that changing human behaviour is not an easy task. And that sometimes the problem with awareness is that "awareness" alone ...
Continue Reading

Register for KB4-CON EMEA 2022 Now!

Once again we are hosting a special KB4-CON Virtual Summit for all of our customers and partners in Europe, the Middle East, and Africa with content tailored to your region! Last year’s ...
Continue Reading

REvil Springs Back to Life and Hits a Fortune 500 Company

The previously-thought defunct cybercriminal gang appears to not only reopened for business but has re-established themselves as a major threat by touting 400GBs of stolen data.
Continue Reading

The Number of Phishing Attack Cases in Japan Hit an All-Time High

The number of reported cases of phishing to Japan’s Council of Anti-Phishing reached over 100,000 in July, just as a notice of scams impersonating Japan’s National Tax Agency is released.
Continue Reading

Instagram Phishing: Scammers Exploit Instagram Verification Program

Researchers at Vade warn that an email phishing campaign is informing users that their Instagram account is eligible to receive a blue verification badge. If a user clicks the link, ...
Continue Reading

Fraud Warning from DHS OIG

The Department of Homeland Security’s Office of the Inspector General (DHS OIG) has issued an alert to warn that scammers are posing as DHS employees.
Continue Reading

Your KnowBe4 Fresh Content Updates from August 2022

Check out the 50 new pieces of training content added in August, alongside the always fresh content update highlights and new features.
Continue Reading

So, Your MFA is Phishable, What To Do Next

We’ve written a lot about multi-factor authentication (MFA) not being the Holy Grail to prevent phishing attacks, including here:
Continue Reading

Phishing Attacks Leveraging Legitimate SaaS Platforms Soars 1100%

As threat actors look for ways to evade detection by security solutions, the use of cloud applications has seen a material jump in the last 12 months, according to new data.
Continue Reading

Phishing and Malicious Emails Are Still the Primary Initial Attack Vector

As cybercriminals continue to evolve their techniques, they continue to rely on phishing as the most successful tried and true method of initial attack, according to new data from Acronis.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews