Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

[Heads-Up] Feeding Frenzy: COVID-19 Phishing Attacks Surge as U.S. Reels from Pandemic

By Eric Howes,  KnowBe4 Principal Lab Researcher. Having already published three blog pieces on the epidemic of Coronavirus-themed phishing emails and spam/scam offerings online (see ...
Continue Reading

Reinforcing Security Norms During the Coronavirus Crisis

This blog was co-written by Joanna Huisman and Aimee Laycock. We have all seen an increase in the amount of advice and guidance from the healthcare sector and others since the start of ...
Continue Reading

Organizations Need To Be Wary Of Home Worker Phishing Risks

Security experts warn that phishing attacks against home workers will rise.
Continue Reading

Critical Considerations to Improve Your Remote Employee Security During the COVID-19 Pandemic

Quickly evolving travel and social requirements in response to COVID-19 mean that, like it or not, many organizations like yours are asking traditional office-based employees to work from ...
Continue Reading

Human Behavior is What Makes Phishing Attacks So Successful

The problem isn’t the lack of software designed to detect, prevent, and protect – it’s that human response is a required part of every phishing attack that users seem to be happy to ...
Continue Reading

Healthcare Providers Suffer 350 Percent Increase in Ransomware Attacks

The lack of proper security technologies in place is largely to blame for the massive increase in ransomware attacks in Q4 of 2019 as compared to the same time the previous year.
Continue Reading

Domains Use Homographic Characters to Create Hard to Spot Phishing URL's

Website domains can use homographic characters to create very hard-to-spot phishing URLs, Threatpost reports. Cybersecurity researcher Avi Lumelsky demonstrated how easy it is to create ...
Continue Reading

The Effectiveness of Educating End Users With a Test-Out Quiz

Use a “test-out” quiz as a way to get people who are normally resistant to training to proactively take the training. They think they are taking a quiz to avoid the training, but in ...
Continue Reading

FBI Sends Private Industry Notification Warning of BEC Techniques

The FBI sent out a Private Industry Notification (PIN) warning companies that attackers are abusing Microsoft Office 365 and Google’s G Suite to launch business email compromise (BEC) ...
Continue Reading

U.K. Revenue Collector Data Shows Email Scams Are on the Decline in Favor of Vishing and SMiShing Attacks

Scams aimed at conning U.K. taxpayers out of money and credentials are reportedly experiencing shifts in mediums from email to phone and text.
Continue Reading

It is in times of crisis you will be tested

Many organizations are dusting off their crisis management documents this week. Many a contingency plan will see its first-ever run. As the C-19 is spreading fast around the world, more ...
Continue Reading

Coronavirus-Themed Simulated Phishing Templates

The following templates were added to the console this morning:
Continue Reading

The Most Important Thing When Working From Home

With social distancing being the new norm, introverts are joking about how they’ve been preparing for this moment their entire lives. While working from home has many benefits, doing it ...
Continue Reading

Malicious IQY Files Found in Spam Campaign

Researchers at Lastline have come across a phishing campaign that’s using Internet Query (IQY) files to bypass security filters and deliver a new version of the Paradise ransomware. The ...
Continue Reading

Extreme Measures: The Epidemic of COVID-19 Phishing Emails Rages On

Since the publication of our first two blog pieces documenting the flood of Coronavirus-themed emails (see HERE and HERE), customers using the Phish Alert Button (PAB) have continued to ...
Continue Reading

Hackers Use Interactive Malicious COVID-19 Map to Spread Malware

Cybercriminals constantly latch on to news items that captivate the public’s attention, but usually they do so by sensationalizing the topic or spreading misinformation about it. ...
Continue Reading

U.S. Homeland Security: "Malicious Actors Expected To Focus Attacks On Teleworkers. Secure Your VPN"

The Department of Homeland Security's cybersecurity agency this week shared tips on how to properly secure enterprise virtual private networks (VPNs) seeing that a lot of organizations ...
Continue Reading

Keeping our employees and partners safe during #coronavirus

Our top priority remains the health and safety of our Knowsters, and we also have a responsibility to support partners and the local community in all the countries we operate.
Continue Reading

FBI: Ransomware Attacks Have Cost Victims over $140 Million With Ryuk Leading the Way

New details presented at RSA 2020 outline which ransomware variants are the highest paid over the last 6 years and what was their share of the millions paid in ransom.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews