KnowBe4

Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks..

DNS Hijacking Almost Always Starts With A Successful Spear Phishing Attack

On Jan. 22, 2019, the Cybersecurity and Infrastructure Security Agency (CISA), which is a part of the U.S. Department of Homeland Security (DHS), issued Emergency Directive 19-01. The ...
Continue Reading

Social Engineering Testing: Why Getting Hacked Is a Security Advantage

Stephanie Carruthers, People Hacker for IBM- X-Force Red wrote an excellent post about the need for red-teaming and pentesting your own organization. I'll quote the first paragraph or so, ...
Continue Reading

Report: Phishing Attacks in 2018 Resulted in Massive Jumps in Credential Compromise and Loss of Data

The latest State of the Phish report from Proofpoint highlights the effectiveness of phishing, making it the threat vector to focus on as you begin 2019.
Continue Reading

Experts Warn to Expect More Targeted and Effective Ransomware and Phishing Attacks in 2019

While attack types do not appear to be changing in the coming year, experts see cybercriminals getting better at their craft, making it easier to separate you from your money and ...
Continue Reading

Online Job Offer Turns Would-Be Applicant into Unwitting Conspirator in Malware Attack

The context of contacting the victim via a credible website may be all that was needed to trick one job seeker into installing malware on the network of a bank.
Continue Reading

Grand Jury Duty Vishing Fraud: A New Twist on an Old Scam

Vishing - phone-based “voice phishing” – attacks are alive and well, taking victims of their time, emotions, and money. This new scam can scare you into becoming a victim.
Continue Reading

NEW! KnowBe4 Offers No-Cost Children’s Interactive Cybersecurity Activity Kit

Workbook, poster and video module available to help families teach children how to protect themselves from online dangers
Continue Reading

[Heads-up!] New 'Anatova' Ransomware Disguised As A Game. Warn Your Users

The ransomware strain was discovered in a private peer-to-peer (p2p) network and targets consumers by using the icon of a game or application to trick the user into downloading it.
Continue Reading

[Krebs on Security] How the U.S. Govt. Shutdown Harms Security

Krebs on Security has posted a new item. The ongoing partial U.S. federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews ...
Continue Reading

Criminals Make Off With USD $150,000 in Business Email Compromise Real Estate Scam

Scammers stole $150,000 from a woman during a real estate transaction last year, according to Lisa Vaas at Naked Security. Mireille Appert, a Swiss woman who lives in the United States, ...
Continue Reading

Social Oversharing, Online Quizzes, and Prizes are the Makings of a New Form of Phishing

Phishing is moving beyond the Inbox to your online experience in an effort to collect personal details and share out the attack on social networks, according to a new report from Akamai ...
Continue Reading

Chinese Hackers Take Phishing and CEO Fraud to Another Level Raking in $18.6 Million

A talented group of Fraudsters used phishing, social engineering, and pure chutzpah to convince the India arm of Italian engineering company Tecnimont to part with millions of dollars.
Continue Reading

[INFOGRAPHIC] Q4 2018 Top-Clicked Phishing Email Subjects from KnowBe4

KnowBe4 reports every quarter on the top-clicked phishing emails. Here we have the results for Q4 2018. We track three different categories: general email subjects, those related to ...
Continue Reading

EY UK: "We've seen a huge proliferation of very successful phishing attacks"

Bethan Moorcraft at InsuranceBusiness Mag UK wrote an excellent article about the current state of cyber insurance in Europe. Here is an extract with the link to the full article at the ...
Continue Reading

Firm in $1.7-million dispute with insurer because of social engineering fraud

Global law firm Dentons Canada LLP is locked in a $1.7-millon dispute with its insurer after staff at the firm’s Vancouver office fell victim to an alleged social engineering attack.
Continue Reading

Cybercrime could cost companies trillions over the next five years

A new report (PDF) by Accenture indicates that over the next 5 years, cyberattacks could result in global costs totaling $5.2 trillion.
Continue Reading

The internet's 'father' says it was born with two big flaws

BusinessInsider just posted an article that confirms something I have been saying for years. There is some contrary data though. We may be looking at a light version of rewriting history. ...
Continue Reading

"Ransomware Humor" Two Words You Thought You Would Never See Together

Someone's got a warped sense of humor. See the spoofed ransomware email below:
Continue Reading

[VIDEO] KnowBe4 Quarterly Platform Update

Every quarter, the KnowBe4 Technical Content team creates an update of all the new content and features that have been added the last three months. Here is the Jan 2019 issue, which ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews