Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

Using Genuine Business Domains and Legitimate Services to Harvest Credentials

A KnowBe4 Threat Lab Publication Authors: Jeewan Singh Jalal, Anand Bodke, and Martin Kraemer
Continue Reading

Tips for Detecting Real-time Deepfakes: A Guide to Staying One Step Ahead

Deepfakes are no longer just the stuff of sci-fi thrillers—they’re here, and they’re deceptively good. From celebrity endorsements to real-time impersonations, deepfake technology has ...
Continue Reading

Microsoft is Still the Most Commonly Impersonated Brand in Phishing Attacks

Microsoft, Apple, and Google were the most commonly impersonated brands in phishing attacks last quarter, according to researchers at Check Point.
Continue Reading

[Eye Opener] Is DeepSeek The Next Threat in Social Engineering?

AI is advancing at lightning speed, but it’s also raising some big questions, especially when it comes to security. The latest AI making headlines is DeepSeek, a Chinese startup that’s ...
Continue Reading

Beware of Toll Scam Texts: How Cybercriminals are Targeting U.S. Drivers

Drivers across the U.S. are being bombarded with fraudulent text messages claiming to come from toll operators like E-ZPass.
Continue Reading

Nearly Three-Quarters of UK Education Orgs Have Sustained Cyberattacks

73% of educational institutions in the UK have sustained at least one cyberattack or breach in the past five years, according to researchers at ESET.
Continue Reading

Phishing is the Top Security Threat For Smartphone Users

Phishing attacks are the most common security issue for smartphone users, according to a new study by Omdia.
Continue Reading

84% of Healthcare Organizations Sustained Cyberattacks Last Year

A new survey by cybersecurity vendor Netwrix found that 84% of healthcare organizations spotted a cyberattack in the past twelve months, with phishing attacks accounting for 63% of these ...
Continue Reading

4 Ways to Mature Your Human Risk Management Program

Human risk management (HRM) is now the primary approach to addressing the ongoing need for strong security cultures in organizations of all sizes. HRM focuses on more than just security ...
Continue Reading

Russian Spear-Phishing Campaign Targets WhatsApp Accounts

The Russian threat actor “Star Blizzard” has launched a spear-phishing campaign attempting to compromise WhatsApp accounts, according to researchers at Microsoft. The operation targets ...
Continue Reading

Malvertising Campaign Abuses Google Ads to Target Advertisers

Researchers at Malwarebytes are tracking a major malvertising campaign that’s abusing Google Ads to target individuals and businesses interested in advertising.
Continue Reading

Threat Actors Abuse Google Translate to Craft Phishing Links

Threat actors are abusing Google Translate’s redirect feature to craft phishing links that appear to belong to Google, according to researchers at Abnormal Security.
Continue Reading

Phishing Campaign Attempts to Bypass iOS Protections

An SMS phishing (smishing) campaign is attempting to trick Apple device users into disabling measures designed to protect them against malicious links, BleepingComputer reports.
Continue Reading

From Pig Butchering to People Talking

Interpol has recently recommended discontinuing the use of the term "Pig Butchering" in cybercrime discussions, expressing concern that such terminology may discourage victims from ...
Continue Reading

Effective Security Awareness Training Really Does Reduce Data Breaches

Social engineering and phishing are involved in 70% - 90% of data breaches. No other root cause of malicious hacking (e.g., unpatched software and firmware, eavesdropping, cryptography ...
Continue Reading

Your KnowBe4 Compliance Plus Fresh Content Updates from December 2024

Check out the December updates in Compliance Plus so you can stay on top of featured compliance training content.
Continue Reading

Ransomware Gangs Claimed More Than 5,000 Attacks in 2024

Ransomware groups claimed responsibility for 5,461 attacks in 2024, with 1,204 of these attacks being publicly confirmed by victim organizations, according to Comparitech’s latest ...
Continue Reading

Brad Pitt Romance Scams Pushed By AI-Enabled Deepfakes

I have helped people detect romance scams for decades. It is still very common for romance scammers to leverage both pictures of celebrities and pictures of innocent, everyday people as ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews