Scam Of The Week: CEO Fraud bad guys are now bribing your users

Jan 29, 2019 7:27:00 AM By Stu Sjouwerman

Today saw the arrival of yet another interesting variant of the gift card phishing campaigns that have grown into a deluge over the past few months (see below). Today's email demonstrates ...

DNS Hijacking Almost Always Starts With A Successful Spear Phishing Attack

Jan 28, 2019 4:23:59 PM By Stu Sjouwerman

On Jan. 22, 2019, the Cybersecurity and Infrastructure Security Agency (CISA), which is a part of the U.S. Department of Homeland Security (DHS), issued Emergency Directive 19-01. The ...

Social Engineering Testing: Why Getting Hacked Is a Security Advantage

Jan 28, 2019 3:42:55 PM By Stu Sjouwerman

Stephanie Carruthers, People Hacker for IBM- X-Force Red wrote an excellent post about the need for red-teaming and pentesting your own organization. I'll quote the first paragraph or so, ...

Experts Warn to Expect More Targeted and Effective Ransomware and Phishing Attacks in 2019

Jan 25, 2019 2:23:42 PM By Stu Sjouwerman

While attack types do not appear to be changing in the coming year, experts see cybercriminals getting better at their craft, making it easier to separate you from your money and ...

Online Job Offer Turns Would-Be Applicant into Unwitting Conspirator in Malware Attack

Jan 25, 2019 7:17:51 AM By Stu Sjouwerman

The context of contacting the victim via a credible website may be all that was needed to trick one job seeker into installing malware on the network of a bank.

Grand Jury Duty Vishing Fraud: A New Twist on an Old Scam

Jan 25, 2019 6:30:27 AM By Stu Sjouwerman

Vishing - phone-based “voice phishing” – attacks are alive and well, taking victims of their time, emotions, and money. This new scam can scare you into becoming a victim.

NEW! KnowBe4 Offers No-Cost Children’s Interactive Cybersecurity Activity Kit

Jan 23, 2019 3:51:15 PM By Stu Sjouwerman

Workbook, poster and video module available to help families teach children how to protect themselves from online dangers

[Heads-up!] New 'Anatova' Ransomware Disguised As A Game. Warn Your Users

Jan 23, 2019 3:30:25 PM By Stu Sjouwerman

The ransomware strain was discovered in a private peer-to-peer (p2p) network and targets consumers by using the icon of a game or application to trick the user into downloading it.

[Krebs on Security] How the U.S. Govt. Shutdown Harms Security

Jan 23, 2019 2:15:31 PM By Stu Sjouwerman

Krebs on Security has posted a new item. The ongoing partial U.S. federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews ...

Criminals Make Off With USD $150,000 in Business Email Compromise Real Estate Scam

Jan 22, 2019 5:20:21 PM By Stu Sjouwerman

Scammers stole $150,000 from a woman during a real estate transaction last year, according to Lisa Vaas at Naked Security. Mireille Appert, a Swiss woman who lives in the United States, ...

Social Oversharing, Online Quizzes, and Prizes are the Makings of a New Form of Phishing

Jan 22, 2019 3:52:08 PM By Stu Sjouwerman

Phishing is moving beyond the Inbox to your online experience in an effort to collect personal details and share out the attack on social networks, according to a new report from Akamai ...

Chinese Hackers Take Phishing and CEO Fraud to Another Level Raking in $18.6 Million

Jan 22, 2019 3:49:38 PM By Stu Sjouwerman

A talented group of Fraudsters used phishing, social engineering, and pure chutzpah to convince the India arm of Italian engineering company Tecnimont to part with millions of dollars.

[INFOGRAPHIC] Q4 2018 Top-Clicked Phishing Email Subjects from KnowBe4

Jan 22, 2019 9:35:52 AM By Stu Sjouwerman

KnowBe4 reports every quarter on the top-clicked phishing emails. Here we have the results for Q4 2018. We track three different categories: general email subjects, those related to ...

EY UK: "We've seen a huge proliferation of very successful phishing attacks"

Jan 21, 2019 5:13:04 PM By Stu Sjouwerman

Bethan Moorcraft at InsuranceBusiness Mag UK wrote an excellent article about the current state of cyber insurance in Europe. Here is an extract with the link to the full article at the ...

Firm in $1.7-million dispute with insurer because of social engineering fraud

Jan 21, 2019 1:58:05 PM By Stu Sjouwerman

Global law firm Dentons Canada LLP is locked in a $1.7-millon dispute with its insurer after staff at the firm’s Vancouver office fell victim to an alleged social engineering attack.

Cybercrime could cost companies trillions over the next five years

Jan 21, 2019 10:26:59 AM By Stu Sjouwerman

A new report (PDF) by Accenture indicates that over the next 5 years, cyberattacks could result in global costs totaling $5.2 trillion.

CyberheistNews Vol 9 #4 It Only Takes 1 Phish: Wichita State University Employees Get Fooled Into Losing Their Paychecks

Jan 21, 2019 9:48:28 AM By Stu Sjouwerman

The internet's 'father' says it was born with two big flaws

Jan 20, 2019 5:37:23 PM By Stu Sjouwerman

BusinessInsider just posted an article that confirms something I have been saying for years. There is some contrary data though. We may be looking at a light version of rewriting history. ...

"Ransomware Humor" Two Words You Thought You Would Never See Together

Jan 18, 2019 4:41:24 PM By Stu Sjouwerman

Someone's got a warped sense of humor. See the spoofed ransomware email below:

[VIDEO] KnowBe4 Quarterly Platform Update

Jan 18, 2019 4:28:40 PM By Stu Sjouwerman

Every quarter, the KnowBe4 Technical Content team creates an update of all the new content and features that have been added the last three months. Here is the Jan 2019 issue, which ...

Security Awareness Training Blog

View Topics