Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

W-2 Phishing Scams Likely to Resurface After the New Year

W-2 phishing season is just a few weeks away. For the past several tax seasons, cyber criminals have used sophisticated social engineering tactics to dupe hundreds of payroll and HR ...

How One of Australia's Richest Men Lost $1 Million in Email Scam

The multi-millionaire founder of Twynam Agricultural Group Pty Ltd. lost $1 million in an email fraud, a London court heard Thursday. The British man who facilitated the theft says he’s a ...

Trojan Phishing Attacks By North Korean Hackers Are Attempting To Steal Bitcoin

Researchers at Secureworks report Trojan malware is being distributed in phishing emails using the lure of a fake job ad. A prolific cyber criminal gang with links to North Korea is ...

Email Security Gap Analysis Shows 10.5% Miss Rate

Aggregated results show 10.5% average rates at which enterprise email security systems miss spam, phishing and malware attachments. Here is a summary of findings of email security systems ...

[On-Demand Webinar] Counter the Careless Click: Tools to help you train your users

Cybercriminals are successfully and consistently exploiting human nature to accomplish their goals. Employee training is tied as the third-most-effective method (higher than antivirus) of ...

Cyberheists Linked to Russian Hackers Target Banks From Moscow to Utah

A previously unknown ring of Russian-speaking hackers has stolen as much as $10 million from U.S. and Russian banks in the last 18 months, according to a Moscow-based cyber-security firm ...

KnowBe4 Content Update & New Features Summary

A lot of new modules have been added to the KnowBe4 ModStore: 2018 GDPR is available as a new course in 8 languages right now, and 15 more languages will be available by January 1st. 2018 ...

Basic training in avoiding phishing is no longer sufficient

Databreaches.net has forums and one of their posts really got our attention. It was an official notification from the legal department of Boise Cascade Company in Utah about a phishing ...

This ransomware asks victims to name their own price to get their files back

Attackers behind this form of file-encrypting malware - which has similarities with Locky - think that if the victim can set their own price, they're more likely to pay. A form of ...

48 Servers Of North Carolina County Held Hostage by LockCrypt Ransomware

A hacker’s 1 p.m. deadline to pay $23,000 passed Wednesday, and Mecklenburg County has not decided whether to pay the ransom for a cyber-attack that “paralyzed” the county. County manager ...

Cyber Warfare in 140 Characters: Social Media Weaponized

David Patrikarakos's new book about cyber warfare is a fascinating read. From the back cover: "Modern warfare is a war of narratives, where bullets are fired both physically and virtually. ...

KnowBe4 Prevents Customer From Becoming Social Engineering Victim Of Duke Energy Vendor’s Hack

A customer just sent us this: "Stu, the company who processes payments for Duke Energy’s walk in payments was hacked and as a result about 375,000 bank accounts may have been stolen. "We ...

Which of Your Employees Are Most Likely to Expose Your Company to a Cyber Attack?

Kon Leong at Harvard Business Review wrote an excellent article about the problem of employees exposing your organization to cyberthreats through human error. Here is a short quote:

Phishing Schemes Are Using Encrypted Sites To Seem Legit

WIRED wrote: "A MASSIVE EFFORT to encrypt web traffic over the last few years has made green padlocks and "https" addresses increasingly common; more than half the web now uses internet ...

Mailsploit Bypasses DMARC And Lets Attackers Send Spoofed Phishing Emails on Over 33 Email Clients

Our friends at Bleepingcomputer reported on something that should cause anyone concern. German security researcher Sabri Haddouche has discovered a set of vulnerabilities that he ...

KnowBe4 Wins Frost & Sullivan Cyber Security Awareness Training Platform Customer Value Leadership Award

I'm extremely pleased to tell you we have won a prestigious award. Frost & Sullivan is a global research and consulting firm and they recently announced that we received their 2017 ...

Scam Of The Week: Phishers Target PayPal Users With Fake “Failed Transaction” Emails

Scammers are pushing out fake PayPal emails that use the premise of an unverified transaction to phish for customers’ personal and financial information. With the end-of-the-year holidays ...

Your Cybercrime Insurance Policy May Not Cover You For Social Engineering Fraud

I have talked about this potentially extremely expensive and very disappointing "CEO fraud" or "Business Email Compromise" problem many times before. Your cybercrime policy may not ...
