Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

We just received the ultimate in weird nested malware

May 20, 2016 11:05:37 AM By Stu Sjouwerman
Last night a customer sent us a phish via the KnowBe4 Phish Alert Button ( free download here) that must win some kind of award for the longest chain of required user interactions -- all ...
Continue Reading

How To Stop Your Ex-Girlfriend Sending Nude Photos To A Fake Facebook Profile

May 20, 2016 8:14:37 AM By Stu Sjouwerman
In a case of sophisticated social engineering, a fraudster created a fake profile of actor Vincent Gallo. He then proceeded to engage in a 2-month long scam, flirting online and sending ...
Continue Reading

TeslaCrypt Gives Up and Releases Master Decryption Key

May 19, 2016 4:52:39 PM By Stu Sjouwerman
Larry Abrams from the Bleepingcomputer site noted: "In a surprising end to TeslaCrypt, the developers shut down their ransomware and released the master decryption key. Over the past few ...
Continue Reading

Tech Support Scammers start locking Windows PCs

May 19, 2016 10:27:06 AM By Stu Sjouwerman
Tech support scammers have come up with a new way to trick users into sharing their payment card information: screen lockers showing fake Windows alerts telling users that their Windows ...
Continue Reading

[ALERT] Fraudsters Steal Tax, Salary Data From ADP. Are Employees At Risk?

May 18, 2016 10:33:03 AM By Stu Sjouwerman
It turns out that HR giant ADP, which provides payroll, tax and benefits administration for more than 640,000 companies, was vulnerable to an ID theft scam. The criminal hackers made off ...
Continue Reading

CyberheistNews Vol 6 #20 [ALERT] New Evil Android Phishing Trojans Empty Your Bank Account

May 16, 2016 8:53:58 AM By Stu Sjouwerman
Continue Reading

Scam Of The Week: Bogus IT Security Company Websites

May 15, 2016 3:46:50 PM By Stu Sjouwerman
Tech Support Scams are nothing new, but the bad guys are furiously innovating and there is a new variation you need to warn your users about. A few years ago this started out with bogus ...
Continue Reading

This Has Been A Crazy Week In Ransomware

May 14, 2016 3:04:08 PM By Stu Sjouwerman
That's what Larry Abrams from Bleepingcomputer started out with yesterday, and he was right! We have had six new ransomware strains, one new RaaS (Ransomware-as-a-Service) and one major ...
Continue Reading

What Is The #1 Cause Of Healthcare Data Breaches?

May 14, 2016 10:00:51 AM By Stu Sjouwerman
As a new story about hospital ransomware or a stolen laptop containing PHI seemingly emerges every day, it comes as no surprise that healthcare data breaches have steadily increased in ...
Continue Reading

Poll Results: "Should Someone Who Falls For A W-2 Phishing Attack Be Fired?"

May 14, 2016 9:15:38 AM By Stu Sjouwerman
It's an interesting question, because the specific circumstances were explained in an article about this particular incident. There were 186 answers to this poll, and here are the results ...
Continue Reading

Ransomware and CEO Fraud Dominate 2016

May 13, 2016 11:31:13 AM By Stu Sjouwerman
An interesting Q1-16 threat report from the folks at Proofpoint. Every day, they analyze more than 1 billion email messages, hundreds of millions of social media posts, and more than 150 ...
Continue Reading

New Petya Comes Loaded with Double-Barrel Ransomware Attack

May 13, 2016 10:04:42 AM By Stu Sjouwerman
A new twist on the Petya ransomware and how it now uses a backup ransomware attack. Remember, Petya is a new type of ransomware that doesn’t encrypt specific files but makes the entire ...
Continue Reading

New evil android phishing trojans empty your bank account

May 12, 2016 7:29:31 AM By Stu Sjouwerman
Infragard warned that the FBI has identified two Android malware families, SlemBunk and Marcher, actively phishing for specified US financial institutions’ customer credentials. The ...
Continue Reading

Congress warned about cybersecurity after attempted ransomware attack on House

May 11, 2016 1:20:13 PM By Stu Sjouwerman
In an email provided to TechCrunch, the House technology service desk warned representatives of increased ransomware attacks on the House network. The email warns that attackers are ...
Continue Reading

CyberheistNews Vol 6 #19 Scam Of The Week: Hidden Dangers Of HTML Attachments

May 10, 2016 9:18:20 AM By Stu Sjouwerman
Continue Reading

InfoSec Analyst: "We Make People Suck At IT Security"

May 7, 2016 2:02:37 PM By Stu Sjouwerman
IT Security analyst Ben Tomhave calls himself an infosec obsessive and I admire his insightful analyses when they appear. This time he commented on the recent attacks that followed the ...
Continue Reading

Prince Death Overdose Caught On Video! Stolen out of a spear phishing attack?

May 7, 2016 11:07:32 AM By Stu Sjouwerman
Our CTO was picking up some groceries and saw this at the check-out, stolen straight out of a spear phishing email... or was it? LOL.
Continue Reading

The Hidden Dangers of .HTML Attachments

May 7, 2016 4:00:00 AM By Stu Sjouwerman
By Eric Howes, KnowBe4's Principal Lab Researcher Over the past six to nine months .DOC and .JS file attachments have dominated the news surrounding the rise in phishing attacks. The ...
Continue Reading

Troy, Mich Investment Firm Loses $500,000 in CEO Fraud

May 6, 2016 11:37:18 AM By Stu Sjouwerman
An employee at a Troy, Mich., investment firm fell for a CEO Fraud attack and was social engineered into transferring almost $500,000 to a Hong Kong bank. The error was noticed eight days ...
Continue Reading

New KnowBe4 Feature: Vulnerable Browser Plugin Detection

May 5, 2016 4:08:39 PM By Stu Sjouwerman
How Can I See If My Users Have Vulnerable Browser Plugins Installed? Within your console, you can automatically detect what vulnerable plugins any clickers on your phishing tests have ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews