Beware of Sophisticated Malicious USB Keys

Jul 28, 2022 12:33:33 PM By Roger Grimes

Malicious USB keys have always been a problem. There is almost no professional penetration testing team that does not drop a handful of USB keys outside of any targeted organization and ...

Microsoft 365 Users are Once Again the Target of Phishing Scams using Fake Voice Mail Messages

Jul 28, 2022 9:04:04 AM By Stu Sjouwerman

Using a simple email containing a voice mail attachment, an ingenious phishing attack captures credentials while keeping track of the domains being attacked.

Hackers Use Free Email Accounts from QuickBooks to Launch Spoofed Phishing Attacks

Jul 28, 2022 9:04:00 AM By Stu Sjouwerman

A new attack uses one brand email domain to increase the chances of reaching an Inbox, while spoofing another brand to trick users into transitioning to a vishing attack.

Spear Phishing Campaign Targets Facebook Business Accounts

Jul 28, 2022 9:03:57 AM By Stu Sjouwerman

Researchers at WithSecure have discovered a spear phishing campaign targeting employees who have access to Facebook Business accounts. The attackers are targeting specific employees, and ...

IBM: Phishing is the Most Common Way to Gain Access to Victim Networks

Jul 28, 2022 8:55:52 AM By Stu Sjouwerman

New research from IBM shows four reasons why phishing attacks are still effective and remains the primary attack vector in 41% of cyberattacks.

KnowBe4 Top-Clicked Phishing Email Subjects for Q2 2022 [INFOGRAPHIC]

Jul 27, 2022 12:16:19 PM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally clicked on in ...

Nearly Half of Organizations Have Experienced Vishing

Jul 27, 2022 8:50:32 AM By Stu Sjouwerman

Forty-seven percent of organizations have experienced voice phishing (vishing) attacks over the past year, according to researchers at Mutare. Additionally, the researchers found that ...

New Report Reveals that Ransomware and Business Email Compromise Attacks Cause Nearly 70% of Cyber Incidents

Jul 27, 2022 8:49:48 AM By Stu Sjouwerman

Do you know your organizations true security risk and where to prioritize your resources? A new report from Palo Alto Networks sheds some light on these questions and shows multiple ...

[BEWARE] Microsoft and Facebook are the Most Abused Brands for Phishing Attempts

Jul 26, 2022 11:39:59 AM By Stu Sjouwerman

We all know that big brands can be exploited by bad actors in order to execute successful phishing attacks. Now a new study is showing phishing attacks leveraging big brands Microsoft and ...

Malvertising With Google Ads

Jul 26, 2022 11:39:56 AM By Stu Sjouwerman

Researchers at Malwarebytes warn that a large malvertising campaign is exploiting Google ads to redirect users to phishing sites.

CyberheistNews Vol 12 #30 [Heads Up] New MFA 'Prompt Bombing' Attacks Give Access to Laptops, VPNs, and More

Jul 26, 2022 9:07:34 AM By Stu Sjouwerman

Microsoft USB Scam Shows the Importance of Security Awareness Training

Jul 25, 2022 10:47:48 AM By Stu Sjouwerman

Just when you thought scammers couldn't get more tricky in their attacks, this example will prove you wrong. One of our KnowBe4 colleagues shared this LinkedIn post on a recent very ...

Ransomware Groups Get Smaller and More Social

Jul 25, 2022 9:12:21 AM By Stu Sjouwerman

The Colonial Pipeline ransomware attack of 2021 put infrastructure operators on notice that they were directly in the crosshairs of big ransomware gangs. The reaction of law enforcement ...

Striving for 100% Completion: Getting Compliance on Your Compliance Training

Jul 22, 2022 8:25:16 AM By John Just

At the last few conferences I have attended and spoken at, including our own KB4-CON 2022, I noticed a question that many people have struggled with for years rearing its ugly head again.

[Heads Up] Huge Losses Caused By Epidemic of ‘Pig Butchering’ Scams

Jul 21, 2022 1:43:18 PM By Stu Sjouwerman

Investigative reporter Brian Krebs reported today that U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of ...

[Eye Opener] Both Job Seekers and Employers Should Be Aware Of New Sophisticated Scams

Jul 21, 2022 1:39:43 PM By Roger Grimes

With record low unemployment, a tight labor market, and increasing customer demand, everyone says it is an employee’s job market out there. But it is getting tougher to get a real job and ...

FBI Warns of Phony Cryptocurrency Investment Apps

Jul 20, 2022 10:32:58 AM By Stu Sjouwerman

Cryptocurrency investors have lost nearly $43 million to fraudulent cryptocurrency investment apps, according to the US Federal Bureau of Investigation (FBI).

Cybersecurity Should be an Issue for Every Board of Directors

Jul 19, 2022 4:48:17 PM By Stu Sjouwerman

With so many Boards focused on operations, revenue, strategy, and execution, they completely are forgetting the simple fact that a single cyberattack can bring all that to a screeching ...

CyberheistNews Vol 12 #29 [Heads Up] New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials

Jul 19, 2022 9:15:17 AM By Stu Sjouwerman

New Multi-Factor Authentication Prompt “Bombing” Attacks Give Access to Laptops, VPNs, and More

Jul 19, 2022 8:16:07 AM By Stu Sjouwerman

While multi-factor authentication (MFA) significantly reduces an organization’s threat surface by making the stealing of credentials much harder, a new attack takes advantage of phone ...

Security Awareness Training Blog

View Topics