Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

KnowBe4 Introduces New “Social Engineering Indicators” Training Method

Today, we are introducing a new training method that IT managers can use to better manage the continually increasing social engineering threats.

Social Engineering Indicators (SEI) turns every simulated phishing email into a tool you can use to dynamically train your employees how to spot red flags within any email. If your users overlook these red flags, it can lead to a security breach or ransomware infection.

Fake Netflix App Is Actually Ransomware

Kaspersky warned on their blog: "People are downloading a new app, looking to get free access to Netflix accounts. What they’re actually getting is a malware strain called Netix that encrypts users’ data and demands $100 in bitcoins to unlock their files." 

Netflix has a 93 million-strong subscriber base in more than 190 countries, so it’s unsurprising that cybercriminals want a piece of the pie.

Careless Licking Gets A Nasty Ransomware Phishing Infection: 1,000+ Machines Down

More than 1,000 government computer systems shut down. A county in Ohio, US, has had to shut down its entire IT infrastructure due to a ransomware infection. County Auditor Mike Smith found a bright side on an otherwise gloomy day.  "Apparently, our clock still works."

Scam Of The Week Blends CEO Fraud And W-2 Phishing

I have talked about CEO fraud here many times — e-mail attacks spoofing the boss and social engineering a high-risk employee into wiring funds to a bank account controlled by the bad guys.

And I probably also warned you against W-2 phishing, where scammers impersonate the boss and ask a PDF with all employee tax forms. Per a new “urgent alert” issued by the U.S. Internal Revenue Service, internet criminals have now combined both schemes and at the same time are targeting a much wider range of organizations than ever before.

Cisco: "Spam makes major comeback. Users are your last line of defense".

Whoa Nellie. Just when you thought that spam was on its way out, Cisco’s 2017 Annual Cybersecurity Report shows the opposite. Spam is making a surprising comeback as a threat to your network, and has become an important carrier of attacks like spear phishing, ransomware and bots.

This is Cisco's 10th annual report, they use their own routers to measure the spam volume and it shows that now 65% of all corporate email is spam. The new numbers show a tsunami in 2016.  In 2010, Cisco recorded around 5K spam messages being sent per second. Over the next 5 years that number was roughly 1.5K, spiking to about 2K for a short while in 2014, but in 2016 it moves up to more than 3K per second. 

Campbell County Health Falls Victim To W-2 CEO Fraud

And another one.  You have to watch it, the tax scam season is back in full swing. 

Full W-2 information including SSN# for more than 1,400 employees who worked over the past year at Campbell County Health were mistakenly released sometime Wednesday to someone using CEO Fraud. 

“It appears that an unauthorized individual, impersonating a CCH executive, contacted an employee requesting W-2 information for all of our employees who had taxable earnings in calendar year 2016,” said Andy Fitzgerald, CEO of Campbell County Health.

Sedgwick County Loses $566,000 Due To CEO Fraud

WICHITA, Kansas - A Georgia man has been arrested on federal charges he carried out an e-mail spoofing scheme that cost Sedgwick County $566,000. 

George S. James, 48, Brookhaven, Ga., is charged with one count of wire fraud. An FBI agent’s affidavit shows investigators following an electronic trail that led them to James after Sedgwick reported the theft of funds that were intended to pay Cornejo & Sons, LLC, for work done on a road project.

CyberheistNews Vol 7 #5 Ransomware Infection Causes Loss of 8 Years of Police Department Evidence

CyberheistNews | KnowBe4

Why You Should Be Afraid of CEO Fraud [INFOGRAPHIC]

Subscribe To Our Blog

Phish Your Users

Get the latest about social engineering

Subscribe to CyberheistNews