Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

View Topics

New Phishing-As-A-Service Kit with Ability to Bypass MFA Targets Microsoft 365 Accounts

Feb 5, 2024 4:57:58 PM By Stu Sjouwerman
A phishing-as-a-service platform called “Greatness” is facilitating phishing attacks against Microsoft 365 accounts, according to researchers at Sucuri.
Continue Reading

Social Engineering Masterstroke: How Deepfake CFO Duped a Firm out of $25 Million

Feb 5, 2024 8:47:01 AM By Stu Sjouwerman
Check out this one line for a moment...“duped into attending a video call with what he thought were several other members of staff, but all of whom were in fact deepfake recreations.”
Continue Reading

Vendor Email Compromise Attacks Against Financial Services Surge 137% Last Year

Feb 2, 2024 1:27:13 PM By Stu Sjouwerman
Analysis of 2023 attacks shows how the financial services industry had a very bad year, with increases in both vendor email compromise (VEC) and business email compromise (BEC) attacks, ...
Continue Reading

Microsoft Teams: The New Phishing Battlefront - How Attackers Are Exploiting Trusted Platforms

Feb 1, 2024 1:43:34 PM By Stu Sjouwerman
Attackers are abusing Microsoft Teams to send phishing messages, according to researchers at AT&T Cybersecurity.
Continue Reading

81% of Underwriters Expect Cyber Insurance Premiums to Increase as Risk is Expected to Soar

Feb 1, 2024 1:43:29 PM By Stu Sjouwerman
New data from cyber insurance underwriters shows what they think the biggest threats will be in 2024 and what organizations should do about it.
Continue Reading

Associated Press: "Grave peril of digital conspiracy theories."

Feb 1, 2024 12:30:27 PM By Stu Sjouwerman
The AP published a great article. This is your executive summary: Conspiracy theories have always been part of American culture, but advanced technology is making them more persuasive and ...
Continue Reading

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Feb 1, 2024 8:00:00 AM By Stu Sjouwerman
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Continue Reading

Ransomware Payments On The Decline As Cyber Attackers Focus on The Smallest, And Largest, Organizations

Jan 31, 2024 1:52:23 PM By Stu Sjouwerman
New data for Q4 of 2023 reveals a sizable shift in the cyber threat landscape, with serious implications regarding ransomware and social engineering attacks targeting both the largest and ...
Continue Reading

FBI Cyber Alert: Tech Support Scams Steal Cash or Precious Metals

Jan 31, 2024 1:52:13 PM By Stu Sjouwerman
The US Federal Bureau of Investigation (FBI) has issued an alert that scammers are tricking victims into converting their savings into cash or precious metals, then sending couriers to ...
Continue Reading

[Live Demo] Customizing Your Compliance Training to Increase Effectiveness

Jan 31, 2024 8:00:00 AM By Stu Sjouwerman
Linking compliance training to specific outcomes is hard. Compliance training has a reputation for being challenging for organizations to offer, difficult to do right and employees are ...
Continue Reading

The Percentage of Organizations Globally Struck by Ransomware Hits an All-Time High

Jan 30, 2024 1:52:43 PM By Stu Sjouwerman
Check Point’s review of ransomware shows that the percent of organizations worldwide hit by this greatest of cyberthreats rose by a whopping 33% in 2023.
Continue Reading

Open Redirects Used to Disguise Phishing Links

Jan 30, 2024 1:52:38 PM By Stu Sjouwerman
Phishing attacks are increasingly using open redirects to evade detection by security filters, according to researchers at Trustwave.
Continue Reading

CyberheistNews Vol 14 #05 Myth of Massive Data Breach Busted: Big Headlines Mask a Minor Threat

Jan 30, 2024 9:00:00 AM By Stu Sjouwerman
Continue Reading

Forget Deepfake Audio and Video. Now There’s AI-Based Handwriting!

Jan 29, 2024 2:47:56 PM By Stu Sjouwerman
Researchers have developed AI technology that can mimic someone’s handwriting with only a few paragraphs of written content. Experts worry about the possibility of misuse.
Continue Reading

Malvertising Targets Chinese-Speaking Users

Jan 29, 2024 2:47:47 PM By Stu Sjouwerman
Researchers at Malwarebytes warn that a malvertising campaign is targeting Chinese-speaking users with phony ads for encrypted messaging apps. The ads impersonate apps that are restricted ...
Continue Reading

Identify Weak User Passwords With KnowBe4’s Enhanced Weak Password Test

Jan 29, 2024 2:45:47 PM By Stu Sjouwerman
Passwords are part of every organization’s security risk profile. Just one weak password with access to an organization’s critical systems can cause a breach, take down a network or ...
Continue Reading

Scammers Use Airdrops to Lure Users With Phony NFTs

Jan 29, 2024 8:42:17 AM By Stu Sjouwerman
Researchers at Check Point warn that scammers are using airdrops to distribute phony non-fungible tokens (NFTs) that direct users to malicious sites.
Continue Reading

Bravo Host Andy Cohen Scammed Out of a “Sizable” Amount of Money by Fraudsters Posing as the Bank

Jan 29, 2024 8:41:52 AM By Stu Sjouwerman
Bravo host Andy Cohen tells how he became the victim of an impersonation scam that gave scammers access to control his bank account.
Continue Reading

Your KnowBe4 Compliance Plus Fresh Content Updates from January 2024

Jan 29, 2024 8:00:00 AM By Stu Sjouwerman
Check out the January updates in Compliance Plus so you can stay on top of featured compliance training content.
Continue Reading

Your KnowBe4 Fresh Content Updates from January 2024

Jan 26, 2024 8:00:00 AM By Stu Sjouwerman
Check out the 37 new pieces of training content added in January, alongside the always fresh content update highlights, events and new features.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews