Beware the Long Con Phish

Jan 28, 2021 8:00:00 AM By Roger Grimes

Social engineering and phishing happen when a con artist communicates a fraudulent message pretending to be a person or organization which a potential victim might trust in order to get ...

Data Privacy and Fingerprints

Jan 28, 2021 7:55:00 AM By James McQuiggan

Most people know, primarily criminals, that you don't want to leave the oils from your fingers at a crime scene because it creates a fingerprint. Everyone has them (unless they don't have ...

2021 Begins a New Decade of Privacy

Jan 28, 2021 7:45:00 AM By Lecio DePaula

Privacy issues came about all across the board in 2020, and 2021 will be no different. From WhatsApp updating their terms of service and losing millions of users to countless proposals by ...

NSA Warns Against Using Third-Party DNS and Encourages DNS Over HTTPS

Jan 28, 2021 7:12:13 AM By Stu Sjouwerman

As cybercriminals look for new ways to attack organizations, the National Security Agency takes a hard look at how DNS can be manipulated and makes recommendations on how to secure it.

Australians Experienced over 200K Scams in 2020 Costing Over A$176 Million

Jan 28, 2021 7:09:17 AM By Stu Sjouwerman

New data from the Australian government’s Scamwatch site shows that phishing and vishing topped the list of scam types used to trick Australians into becoming a scam’s next victim.

UK Insurer Defends the Coverage of Ransomware Payments

Jan 28, 2021 7:07:02 AM By Stu Sjouwerman

Despite the U.K. government’s position that organizations should not make ransomware payments, the Association of British Insurers (ABI) includes payments in first-party cyber-insurance ...

A UK Case Study: Recognizing COVID-19 Phishing

Jan 28, 2021 7:01:12 AM By Stu Sjouwerman

A phishing campaign is using convincingly spoofed offers for COVID-19 vaccination sign-ups, according to Tom Allen at Computing. As vaccines are now being distributed around the world, ...

Microsoft: "Congrats KnowBe4 On being One Of The Top Apps In 2020"

Jan 27, 2021 4:49:17 PM By Stu Sjouwerman

Natee Pretikul, Senior Program Manager in Microsoft's Identity Engineering Strategic Alliances team just send us the following:

CyberheistNews Vol 11 #04 [NEW] The 10 Phases of Organizational Security Awareness

Jan 26, 2021 9:30:57 AM By Stu Sjouwerman

Confident About Detecting Spoofed, Scam Emails?

Jan 26, 2021 8:25:54 AM By Stu Sjouwerman

A survey by ESET found that most people think they’d be able to identify scam emails while shopping online. 87% of respondents said they felt secure while shopping online, while 73% ...

CISA's New Anti-Ransomware Campaign

Jan 25, 2021 8:23:20 AM By Stu Sjouwerman

The US Cybersecurity and Infrastructure Security Agency is launching a campaign to raise awareness of the ways organizations can defend themselves against ransomware attacks.

KnowBe4 Unveils Official Trailer for ‘The Inside Man’ Season 3

Jan 22, 2021 3:16:21 PM By Stu Sjouwerman

We’re excited to announce the official trailer for Season 3 of the award-winning KnowBe4 Original Series - ‘The Inside Man’ is now available! KnowBe4’s network-quality video training ...

Thousands of Stolen Credentials Accessible via Google Search as Cybercriminals Accidentally Make Them Public

Jan 22, 2021 11:39:25 AM By Stu Sjouwerman

A publishing goof by cybercriminals on a WordPress site made files containing stolen passwords indexable by Google and were subsequently publicly available via search.

Microsoft Continues to Dominate as the Leading Brand Impersonated in Phishing Attacks

Jan 22, 2021 11:39:15 AM By Stu Sjouwerman

New data from Check Point Research highlights the latest details on which brands are impersonated, giving insight into where the bad guys are most successful.

Motivations of Phishing Criminals

Jan 22, 2021 8:44:00 AM By Roger Grimes

Phishers, people who are phishing other people (i.e., victims), have reasons for doing so. They are all criminals…cons…each pretending to be something they are not in order to trick ...

The Many Ways You Can Be Phished

Jan 22, 2021 8:38:17 AM By Roger Grimes

Social engineering and deception are as old as humanity itself. Phishing is social engineering and deception via digital means and has been with us since the beginning of computers. After ...

World Economic Forum: COVID Makes Cybersecurity Problem No. 1

Jan 21, 2021 9:51:29 AM By Stu Sjouwerman

The WEF just published their recent survey over worldwide corporate leaders. When asked about technology objectives that have become a greater priority due to COVID, they elevated ...

Interpol Warns of Romance Scams

Jan 21, 2021 8:29:30 AM By Stu Sjouwerman

Interpol has issued a notice describing a scam tactic popular on dating applications. The scheme is a mixture of a romance scam and an investment fraud, taking advantage of victims’ ...

[INFOGRAPHIC] Q4 2020 Work From Home Phishing Emails on the Rise

Jan 21, 2021 8:00:00 AM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...

Charming Kitten Phishing and Smishing Attacks Use Legitimate Google Links and a Tricky Redirection Strategy to Fool Security Solutions

Jan 19, 2021 1:32:49 PM By Stu Sjouwerman

This breakdown of the latest attack from the Charming Kitten cybercriminal gang shows just how much thought goes into obfuscating their tactics and evading detection.