Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

[Heads-Up] Feeding Frenzy: COVID-19 Phishing Attacks Surge as U.S. Reels from Pandemic

Mar 23, 2020 7:00:00 AM By Eric Howes
By Eric Howes,  KnowBe4 Principal Lab Researcher. Having already published three blog pieces on the epidemic of Coronavirus-themed phishing emails and spam/scam offerings online (see ...
Continue Reading

Reinforcing Security Norms During the Coronavirus Crisis

Mar 20, 2020 8:43:08 AM By Joanna Huisman
This blog was co-written by Joanna Huisman and Aimee Laycock. We have all seen an increase in the amount of advice and guidance from the healthcare sector and others since the start of ...
Continue Reading

Organizations Need To Be Wary Of Home Worker Phishing Risks

Mar 19, 2020 5:31:33 PM By Stu Sjouwerman
Security experts warn that phishing attacks against home workers will rise.
Continue Reading

Critical Considerations to Improve Your Remote Employee Security During the COVID-19 Pandemic

Mar 19, 2020 8:34:19 AM By Stu Sjouwerman
Quickly evolving travel and social requirements in response to COVID-19 mean that, like it or not, many organizations like yours are asking traditional office-based employees to work from ...
Continue Reading

Human Behavior is What Makes Phishing Attacks So Successful

Mar 19, 2020 8:28:37 AM By Stu Sjouwerman
The problem isn’t the lack of software designed to detect, prevent, and protect – it’s that human response is a required part of every phishing attack that users seem to be happy to ...
Continue Reading

Healthcare Providers Suffer 350 Percent Increase in Ransomware Attacks

Mar 19, 2020 8:25:03 AM By Stu Sjouwerman
The lack of proper security technologies in place is largely to blame for the massive increase in ransomware attacks in Q4 of 2019 as compared to the same time the previous year.
Continue Reading

Domains Use Homographic Characters to Create Hard to Spot Phishing URL's

Mar 18, 2020 8:35:31 AM By Stu Sjouwerman
Website domains can use homographic characters to create very hard-to-spot phishing URLs, Threatpost reports. Cybersecurity researcher Avi Lumelsky demonstrated how easy it is to create ...
Continue Reading

The Effectiveness of Educating End Users With a Test-Out Quiz

Mar 17, 2020 12:54:14 PM By Roger Grimes
Use a “test-out” quiz as a way to get people who are normally resistant to training to proactively take the training. They think they are taking a quiz to avoid the training, but in ...
Continue Reading

CyberheistNews Vol 10 #12 Secret Service Warning: Exploiting the Coronavirus for Fraud and Profit

Mar 17, 2020 9:42:42 AM By Stu Sjouwerman
 
Continue Reading

FBI Sends Private Industry Notification Warning of BEC Techniques

Mar 17, 2020 8:32:03 AM By Stu Sjouwerman
The FBI sent out a Private Industry Notification (PIN) warning companies that attackers are abusing Microsoft Office 365 and Google’s G Suite to launch business email compromise (BEC) ...
Continue Reading

U.K. Revenue Collector Data Shows Email Scams Are on the Decline in Favor of Vishing and SMiShing Attacks

Mar 16, 2020 6:05:03 PM By Stu Sjouwerman
Scams aimed at conning U.K. taxpayers out of money and credentials are reportedly experiencing shifts in mediums from email to phone and text.
Continue Reading

It is in times of crisis you will be tested

Mar 16, 2020 1:43:21 PM By Stu Sjouwerman
Many organizations are dusting off their crisis management documents this week. Many a contingency plan will see its first-ever run. As the C-19 is spreading fast around the world, more ...
Continue Reading

Coronavirus-Themed Simulated Phishing Templates

Mar 16, 2020 9:48:41 AM By Stu Sjouwerman
The following templates were added to the console this morning:
Continue Reading

The Most Important Thing When Working From Home

Mar 16, 2020 9:31:50 AM By Javvad Malik
With social distancing being the new norm, introverts are joking about how they’ve been preparing for this moment their entire lives. While working from home has many benefits, doing it ...
Continue Reading

Malicious IQY Files Found in Spam Campaign

Mar 16, 2020 8:26:37 AM By Stu Sjouwerman
Researchers at Lastline have come across a phishing campaign that’s using Internet Query (IQY) files to bypass security filters and deliver a new version of the Paradise ransomware. The ...
Continue Reading

Extreme Measures: The Epidemic of COVID-19 Phishing Emails Rages On

Mar 16, 2020 7:02:25 AM By Stu Sjouwerman
Since the publication of our first two blog pieces documenting the flood of Coronavirus-themed emails (see HERE and HERE), customers using the Phish Alert Button (PAB) have continued to ...
Continue Reading

Hackers Use Interactive Malicious COVID-19 Map to Spread Malware

Mar 14, 2020 10:44:24 AM By Stu Sjouwerman
Cybercriminals constantly latch on to news items that captivate the public’s attention, but usually they do so by sensationalizing the topic or spreading misinformation about it. ...
Continue Reading

U.S. Homeland Security: "Malicious Actors Expected To Focus Attacks On Teleworkers. Secure Your VPN"

Mar 14, 2020 9:55:44 AM By Stu Sjouwerman
The Department of Homeland Security's cybersecurity agency this week shared tips on how to properly secure enterprise virtual private networks (VPNs) seeing that a lot of organizations ...
Continue Reading

Keeping our employees and partners safe during #coronavirus

Mar 13, 2020 4:20:16 PM By Stu Sjouwerman
Our top priority remains the health and safety of our Knowsters, and we also have a responsibility to support partners and the local community in all the countries we operate.
Continue Reading

FBI: Ransomware Attacks Have Cost Victims over $140 Million With Ryuk Leading the Way

Mar 13, 2020 3:12:17 PM By Stu Sjouwerman
New details presented at RSA 2020 outline which ransomware variants are the highest paid over the last 6 years and what was their share of the millions paid in ransom.
Continue Reading
Subscribe

Search Our Blog


Your Coronavirus and Work From Home Resource Center

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews