Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Phishing: Further Ruminations on Whaling Attacks

In phishing terms, whaling means applying phishing attacks to "big fish"--namely, corporate executives, public figures, celebrities, and, of course, very wealthy persons. We've been ...
Continue Reading

Cyberheist Snippet 4: More on Trusteer Rapport

As we mentioned in Cyberheist Snippet 1, 2, and 3, we're working on a book here at KnowBe4.com, and it features Cyberheist as the first word in its title. Here's a fourth snippet from the ...
Continue Reading

Cyberheist Snippet 3: Spear-Phishing Definition

As we mentioned in Cyberheist Snippet 1 and Cyberheist Snippet 2, we're working on a book here at KnowBe4.com, and it features Cyberheist as the first word in its title. Here's a third ...
Continue Reading

Cyberheist: The Real Bite in Company Suits Against Banks for Negligence

As we've mentioned repeatedly in this blog, the FDIC does not insure SMBs against losses to fraudulent account access the same way that it covers individual bank accounts. This has left ...
Continue Reading

Cyberheist Theft of Carbon Credits Shows Just How Far Cyberthieves Will Go!

We read with great interest in a recent edition of The Economist about the theft of carbon emission credits through the Emissions Trading Scheme (ETS), a market overseen by the European ...
Continue Reading

Phishing's "Golden Hour"

We stumbled across a fascinating story on the Trusteer Web site recently ( Trusteer is an Internet security firm whose principal products focus on fraud detection and prevention for the ...
Continue Reading

Cyberheist Snippet 2: The Field Has Changed, But the Game Remains the Same

[caption id="attachment_262" align="aligncenter" width="250" caption="Cyberheist book cover"] [/caption] As we mentioned in Cyberheist Snippet 1, we're working on a book here at ...
Continue Reading

Cybercrime: Google Plans to Give Two-Factor Authentication a Huge Boost

The biggest fundamental problem with online financial activity is that for most of us, an account name and a password is all that's needed to gain access to accounts and account controls. ...
Continue Reading

Beware Cross-Channel Cybercrime Threats!

Shoot! Anybody with a smidgen of Web security history under his or her belt winces as soon as the word "cross" comes up as a modifier, thanks to the legions of exploits based on ...
Continue Reading

Cybercrime: The Bigger They Are, The More They Get Attacked

The Wall Street Journal reported on Saturday (2/5/2011) that it learned that the computer network for the Nasdaq OMX Group has been repeatedly (and at least somewhat successfully) ...
Continue Reading

IC3 Cybercrime Poster Says It All: Are You a Safe Internet User?

We can hardly do a better job than the Internet Crime Complaint Center's (IC3's) Safety Poster when it comes to alerting businesses and individuals about the dangers of unsafe Internet ...
Continue Reading

Cyberheist Snippet 1: Drive-By Downloads

We're working on our own book here at KnowBe4.com. It's going to be called Cyberheist: The biggest financial threat facing American business since the meltdown of 2008. The book will be a ...
Continue Reading

Preventing Cyberheist, A New Internet Creed: 'Think Before You Click!'

Here at KnowBe4 we focus on Internet Security Awareness, and provide a battery of information, services, and training to help raise awareness of potential threats and loss that uninformed ...
Continue Reading

Internet Security Awareness Training: Getting Social With KnowBe4

If you want to keep up with the latest news and information about Internet Security, then you can not only follow KnowBe4 right here on our blog, but you can also check us out on our ...
Continue Reading

ISAT: Looking For The One-minute Elevator Pitch? Look No Further.

It's easy to understand why Internet Security Awareness Training now is an essential part of your defense-in-depth. KnowBe4 is the market leading on-demand Internet Security Awareness ...
Continue Reading

Cybercrime: Banks Are Under Intensive Assault From Cybercriminals

As I promised last week, I'm going to be blogging periodically about various information and articles from the commercial advocacy site with the very apt URL of ...
Continue Reading

Cybercrime: FFIEC Plans To Boost Online Transaction Authentication Guidelines for US Banks

We picked this news item up from the SANS Newsbites Newsletter, Volume XIII, Issue: 8, dated January 25, 2011, entitled “U.S. Banks to Get Updated Online Authentication Guidelines.” ...
Continue Reading

Symantec Covers Top Social Networking Cyberheist Scams, Including Phishing

The Norton/Symantec “Your Security Resource” newsletter recently featured a story entitled “ Top 5 Social Media Scams” that’s worth a read-through. It talks about the kinds of scams and ...
Continue Reading

Anatomy of a Blantant Phishing Message

In earlier blogs about Phishing (especially Phishing Primer Part 1 and Part 2) we described phishing as an artful attempt to get readers to click links in e-mail, thereby opening ...
Continue Reading

Fabulous Anti-Phishing/Cybercrime News Resource

[caption id="attachment_130" align="aligncenter" width="488" caption="The banner at YourMoneyIsNotSafeInTheBank.org says it all!"] [/caption] The name of the site that provides the ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews