Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.
Stay on top of the latest in security including social engineering, ransomware and phishing attacks.

KnowBe4 June 2022 Perspective

Information Security is mission-critical today. The global risk situation is higher than ever. Your employees are still your largest attack vector. New-school security awareness training ...
Continue Reading

Smishing Text Scams Have Doubled in the Last Three Years

New data shows a rise in the use of text messages as an effective vehicle to connect with potential victims for social engineering scams as Americans increase their preference of the ...
Continue Reading

New PDF-Based Phishing Attack Demonstrates that Office Docs Aren’t Passé – They are Just Obfuscated!

Security researchers have discovered a cunning PDF-based phishing attack that leverages social engineering and PDF prompt specifics to trick users into opening malicious Office docs.
Continue Reading

Over 2000 Social Engineering Scammers Arrested in Multi-Country Crackdown on Fraud, BEC, and Money Laundering

Thousands of members of cybercriminal groups were arrested in a sting that lasted 2 months and involved coordinated efforts of the law enforcement departments of 76 countries.
Continue Reading

Vishing Attacks Increase 550% Over Last Year as the Financial Sector Continues to be a Primary Target

Cybercriminals are continuing to bypass the use of malware in favor of response-based and credential-centric social engineering attacks, according to new data from Agari and PhishLabs.
Continue Reading

142 Million Customer Records From MGM Resorts Leaked for Free Download

The availability of such a massive number of records at no cost to any cybercriminal interested is a recipe for countless phishing campaigns using the data itself as a means of ...
Continue Reading

New Phishing Campaign Uses ChatBot Functionality to Build Trust and Steal Credit Card Details

Rather than go for the phishing jugular and point the victim immediately to a webpage to steal credentials or personal details, a new phishing campaign uses a chatbot to lower victim ...
Continue Reading

The Next Evolution in Cyberattacks You Need to Worry About: AI

New testimony to U.S. Senate Armed Services Committee Subcommittee on Cybersecurity by Microsoft’s Chief Scientific Officer sheds light on AI-powered cyberattacks.
Continue Reading

Less Than 40% of Asia-Pacific Organizations Are Confident to Stop Cyber Threats as 83% Experience At Least One Ransomware Attack a Year

With exactly half of cybersecurity incidents caused by organizations having an outdated security posture, the ability to stop breaches involves some re-investment in measures that really ...
Continue Reading

Anna Collard, SVP Content Strategy & Evangelist, KnowBe4 Africa Has Been Acknowledged as a Global Influencer in Cyber

IFSEC Global recently acknowledged our very own Anna Collard as a IFSEC Global Influencer in Security for 2022! She was one of the few nominated by a panel of highly respected judges, and ...
Continue Reading

A Closer Look at HR Scams: Does Niceness Have a Downside?

Threat actors are targeting HR employees who are looking to hire new people, according to Lisa Vaas at Contrast Security. As part of their job, HR employees frequently interact with ...
Continue Reading

Spear Phishing Campaign Targets Former Israeli Officials

An Iranian threat actor is conducting a spear phishing operation against Israeli officials, according to researchers at Check Point. The targets have included the former Foreign Minister ...
Continue Reading

Monkeypox Scams Continue to Increase

Attackers are taking advantage of the current news about monkeypox to trick people into clicking on malicious links, Pickr reports. Researchers at Mimecast have spotted a phishing ...
Continue Reading

Facebook Phishing Scam Steals Millions of Credentials

Researchers at PIXM have uncovered a major Facebook Messenger phishing scam that’s “potentially impacted hundreds of millions of Facebook users.” More than eight million people have ...
Continue Reading

Approaching Ransomware Victims Privately

Researchers at KELA warn that ransomware gangs are increasingly refraining from mentioning their victims’ names after the initial attack, giving the victims a chance to pay up before the ...
Continue Reading

What About Password Manager Risks?

In KnowBe4’s new Password Policy ebook, What Your Password Policy Should Be, we recommend that all users use a password manager to create and use perfectly random passwords. A perfectly ...
Continue Reading

Karakurt Adds Irritating Phone Calls to its Crimes

The US Cybersecurity and Infrastructure Security Agency (CISA) and its partners have issued a joint alert on Karakurt, a data theft extortion group that harasses victims’ employees, ...
Continue Reading

40% of CSOs say Their Organization is Not Prepared for Cyberattacks as Phishing is the Top Likely Cause of Breaches

A new survey of executives sheds light on how well organizations fared with cyberattacks in the last 12 month as well as what attack vectors are going to increase future breaches.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews