Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Newest iPhone Launch is Now a Scammer's Advantage

Scammers are taking advantage of the launch of iPhone 13, according to researchers at Zscaler. The launch event was streamed live last week on Apple’s official YouTube channel, and ...
Continue Reading

KnowBe4 Named a Leader in the Fall 2021 G2 Grid Report for Security Awareness Training

The latest G2 Grid Report compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence.
Continue Reading

[HEADS UP] Millions of malicious emails will slip past security filters in Q4

Researchers at Tessian have published a report looking at recent trends in spear phishing attacks. The researchers found that 45% of employees said that they clicked on a phishing email ...
Continue Reading

Executives: Ransomware is the Greatest Threat Concern, But Few are Actually Prepared

A new poll from Deloitte shows organizations are all too aware of the problem of ransomware, but aren’t ready to respond to the specific ransomware scenario given that the attackers have ...
Continue Reading

Travel-Related Phishing Scams and Websites Surge More Than 400%

Pent-up demand for traveling – both domestically and internationally – has driven an interest by cybercriminals to take advantage of those traveling to become phishing victims.
Continue Reading

$1 Trillion Infrastructure Bill is the Catalyst for DOT-Impersonated Phishing Attacks Targeting Contractors

Offering targeted victim organizations an opportunity to bid on infrastructure projects, this scam seeks to harvest credentials using a new mix of tactics to evade detection.
Continue Reading

Social Media Quizzes May Be Data Scrapers Building Victim Profiles

The seemingly benign quizzes asking personal details take advantage of individuals’ willingness to share and could be used to establish passwords, password hints, and more.
Continue Reading

Kaspersky: Use of New QakBot Banking Trojan that Steals Emails Up 65%

Representing a new evolution of banking trojan, QakBot proves to be a formidable adversary against security defenses with its’ ability to steal emails – your users.
Continue Reading

FBI Warns of Continued Ransomware Attacks Targeting the Food and Agriculture Sectors

Working to disrupt organizations involved with the United State’s food supply chain, ransomware gangs and their affiliates are the focus of the FBI’s latest warning to be vigilant.
Continue Reading

Recent Cryptocurrency Scam Posed as “The Elon Musk Mutual Aid Fund”

A phishing campaign is pushing cryptocurrency scams posing as the “Elon Musk Mutual Aid Fund,” according to BleepingComputer. The emails have odd subject lines and content, but contain an ...
Continue Reading

[INFOGRAPHIC] How to Run a Successful Security Awareness Training Program

As you're preparing for Cybersecurity Awareness Month, thinking about how to strengthen your security awareness training program is probably top of mind.
Continue Reading

Over $100,000,000 Lost to Romance Scams in Seven Months

People in the US lost $133,400,000 to romance scams between January 1st and July 31st of 2021, according to the FBI. The average amount lost was in the tens of thousands of dollars. The ...
Continue Reading

[NEW FEATURE] Admins Can Save and Schedule KnowBe4 Reports to Automatically Send on a Recurring Basis

We are excited to announce the availability of KnowBe4’s new ‘Save and Send’ Reporting feature. The 60+ predefined reports available in the KnowBe4 platform already give you a variety of ...
Continue Reading

Enterprise Organizations Have as Much as an 85% Chance of Receiving a BEC Attack Every Week

Business Email Compromise is a multi-billion dollar business, representing 43% of all cybercrime last year. Despite it being dwarfed in the news by ransomware, it represents a growing ...
Continue Reading

Probability of Experiencing a Vendor Email Compromise Attack Increases 96%

Vendor Email Compromise requires first taking control of a strategic email account within the victim organizations. According to new data, cybercriminals are getting really good at this.
Continue Reading

New Phishing Attack on Microsoft 365 Users Leverages Open Redirects to Avoid Detection

The use of open redirects from legitimate domains makes phishing emails that much more believable and credible, obfuscating the dangerous nature of these attacks.
Continue Reading

That's Not the US Department of Transportation, It's a Phishing Attack

A phishing campaign is impersonating the US Department of Transportation (USDOT), according to Roger Kay at INKY. The campaign is targeting infrastructure contractors who are eager to bid ...
Continue Reading

Brute Force Attacks are on the Rise as June sees a 671% increase

With nearly one-third of all organizations targeted in a single week and just above one-quarter on the average, attempts to access externally facing resources is growing in popularity and ...
Continue Reading

Researchers Discover Vulnerability Used for Deception and SSID Stripping

Researchers at AirEye have discovered a vulnerability in the way in which devices connect to wireless networks that could allow an attacker to trick a user into connecting to a malicious ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews