Only Half of All Organizations Have Refreshed Their Security Strategy Based on the Pandemic

Apr 19, 2022 10:31:40 AM By Stu Sjouwerman

A new study published by Ponemon Institute shows that a material portion of organizations are still using pre-pandemic security processes and policies, putting the org at risk.

FBI Warns of Bank Fraud Smishing Campaign

Apr 19, 2022 10:31:22 AM By Stu Sjouwerman

The FBI has warned of a smishing campaign that’s targeting people in the US with phony bank fraud notifications. The text messages inform users that someone has attempted to initiate a ...

CyberheistNews Vol 12 #16 [Eye Opener] The Costliest Cybercrime: Business Email Compromise (BEC)

Apr 19, 2022 9:57:22 AM By Stu Sjouwerman

Social Engineering Campaign against African Banks

Apr 18, 2022 9:40:04 AM By Stu Sjouwerman

A phishing campaign is targeting African banks with a technique called “HTML smuggling” to bypass security filters, according to threat researchers at HP.

“Being Annoying” as a Social Engineering Approach

Apr 18, 2022 8:42:15 AM By Stu Sjouwerman

Attackers are spamming multifactor authentication (MFA) prompts in an attempt to irritate users into approving the login, Ars Technica reports. Both criminal and nation-state actors are ...

Q1 2022 Report: Holiday-Themed Phishing Emails Entice Employees to Click [INFOGRAPHIC]

Apr 15, 2022 10:49:24 AM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze the top categories, general subjects (in both the United States and globally), and 'in the ...

Storytelling to Improve Your Organization's Security Culture [PODCAST]

Apr 15, 2022 10:00:00 AM By James McQuiggan

The latest podcast episode of Security Masterminds features our special guest Jim Shields, Creative Director at KnowBe4. He sat down with our hosts, Erich Kron and Jelle Wieringa to ...

Reduce Your Chances of Getting Scammed

Apr 14, 2022 11:38:26 AM By Javvad Malik

In today's connected world, nearly everyone has a story where they have been targeted by a scam and either that person or someone they know have lost money to scams.

Small and Medium Businesses Account for Nearly Half of all Ransomware Victim Organizations

Apr 13, 2022 4:44:27 PM By Stu Sjouwerman

As ransomware costs increase, along with the effectiveness and use of extortions, smaller businesses are paying the price, according to new data from Webroot.

One in Three U.K. Businesses Experience Cyber Attacks Weekly

Apr 13, 2022 4:43:29 PM By Stu Sjouwerman

New data from the U.K. Government’s Cyber Security Breaches Survey 2022 report shows that a material portion of businesses and charities are being attacked and feeling the repercussions.

Meta Stops Three Cyber Espionage Groups Targeting Critical Industries

Apr 13, 2022 4:43:06 PM By Stu Sjouwerman

Impersonating legitimate companies and using a complex mix of fake personas across Facebook, Telegram, and other platforms, these groups used social engineering to gain network access.

Smishing Scams Abuse Name of Legitimate Ukrainian Charity

Apr 13, 2022 9:54:14 AM By Stu Sjouwerman

Researchers at Trend Micro have spotted yet another scam taking advantage of the crisis in Ukraine by impersonating a legitimate charity. In this case, the scammers are posing as the ...

CyberheistNews Vol 12 #15 [Heads Up] Hard-boiled Social Engineering by a Fake "Emergency Data Request"

Apr 12, 2022 9:31:43 AM By Stu Sjouwerman

CyberheistNews Vol 12 #15 | Apr. 12th., 2022 [Heads Up] Hard-boiled Social Engineering by a Fake "Emergency Data Request" Bloomberg has reported that forged "Emergency Data Requests" last ...

Business Email Compromise (BEC): the Costliest Cybercrime

Apr 12, 2022 8:52:35 AM By Stu Sjouwerman

Organizations in the US lost $2.4 billion to business email compromise (BEC) scams (also known as CEO fraud) last year, according to Alan Suderman at Fortune.

Microsoft Azure's Static Web Apps Service Becomes the New Home for Phishing Attacks

Apr 11, 2022 3:15:00 PM By Stu Sjouwerman

Taking advantage of the value of a legitimate web service, along with a valid SSL certificate, a new campaign of phishing attack targeting online Microsoft credentials is leveraging Azure.

KnowBe4 Named a Leader in the Spring 2022 G2 Grid Report for Security Awareness Training

Apr 11, 2022 8:00:00 AM By Stu Sjouwerman

We are thrilled to announce that KnowBe4 has been named a leader in the latest G2 Grid Report that compares Security Awareness Training (SAT) vendors based on user reviews, customer ...

KnowBe4's PhishER Platform Named a Leader in the Spring 2022 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR)

Apr 8, 2022 9:06:44 AM By Stu Sjouwerman

We are excited to announce that KnowBe4 has been named a leader in the Spring 2022 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the fourth consecutive ...

[On-Demand] The Ransomware Hostage Rescue Checklist: Your Step-by-Step Guide to Preventing and Surviving an Ransomware Attack

Apr 8, 2022 8:30:51 AM By Stu Sjouwerman

Skyrocketing attack rates, double and triple extortion, increasing ransom demands… cybercriminals are inflicting pain in every way imaginable when it comes to today’s ransomware attacks. ...

Phishbait Invokes Russia's Ministry of Internal Affairs (Road Safety Division)

Apr 7, 2022 8:52:18 AM By Stu Sjouwerman

A phishing campaign impersonating WhatsApp has targeted more than 27,000 mailboxes, according to researchers at Armorblox. It’s not clear who the attackers were, but they used an old ...

“Human Error” Ranked as the Top Cybersecurity Threat While Budgets Remain Misaligned

Apr 7, 2022 8:28:50 AM By Stu Sjouwerman

New insights into the state of data security show a clear focus on the weakest part of your security stance – your users – and organizations doing little to address it.

Security Awareness Training Blog

View Topics