Some Phishers Who Know Their Trade

May 7, 2020 8:19:31 AM By Stu Sjouwerman

Researchers at Votiro have come across well-crafted phishing emails that purport to come from UPS, FedEx, and DHL. All of the emails contain malicious Excel attachments that will install ...

What is the Right Password Policy?

May 7, 2020 8:15:00 AM By Roger Grimes

What is the right password policy? Conventional password policies say you must have a password at least 8-12 characters long…16 characters or longer if it belongs to an elevated ...

Implausible Phishbait, But Someone May Bite

May 6, 2020 8:24:27 AM By Stu Sjouwerman

Scammers are impersonating FINRA, the Financial Industry Regulatory Authority, in an attempt to deliver malware or steal SharePoint credentials, Help Net Security reports. FINRA issued an ...

Reuters: 'State-backed hackers targeting coronavirus responders'

May 5, 2020 11:25:35 AM By Stu Sjouwerman

LONDON/WASHINGTON (Reuters) - Government-backed hackers are attacking healthcare and research institutions in an effort to steal valuable information about efforts to contain the new ...

[HEADS UP] Coronavirus in Australia: Government Warns Phishing Email Target

May 5, 2020 10:19:35 AM By Stu Sjouwerman

A phishing email has been circulating during the pandemic in Australia. Australians are being warned to look out for phishing scams during the coronavirus pandemic, with a new dodgy email ...

1,000+ SEC Filings Show Ransomware an On-Going Risk for Public Companies

May 5, 2020 9:56:02 AM By Stu Sjouwerman

As public companies seek to improve their cybersecurity posture, they also work to comply with SEC formal guidance to disclose cybersecurity risk, highlighting ransomware as a key factor.

We're All Third-Party Management Organizations

May 5, 2020 8:15:00 AM By Javvad Malik

In 2014, Jeff Immelt, CEO of GE famously said, “if you went to bed last night as an industrial company, you’re going to wake up today as a software and analytics company.”

PerSwaysion: Convincing Executives to Act Against Their Own Interest

May 4, 2020 8:26:14 AM By Stu Sjouwerman

Researchers at Group-IB have discovered a sophisticated spear phishing campaign that’s targeted executives at more than 150 companies around the world since mid-2019. The researchers have ...

GitHub is the Latest Target of Social Engineering Phishing Attacks

May 4, 2020 7:15:00 AM By Stu Sjouwerman

Using simple alert-style email notices, scammers look to steal credentials to gain access to development code, intellectual property, and project details.

Zelle Users Continue to be the Target of Scams Intent on Fraud

May 4, 2020 7:05:00 AM By Stu Sjouwerman

The wildly popular payment app is a cybercriminals playground where users are easy prey for money laundering, scams, mules, and just plain old fraud.

Half of all Breaches Start with Phishing and Social Engineering

May 4, 2020 7:03:00 AM By Stu Sjouwerman

New data shows successful attacks on internal networks, cloud environments, and POS systems all are very susceptible to this common attack vector.

Is That COVID-19 Email Legitimate or a Phish?

May 1, 2020 8:39:23 AM By Roger Grimes

It’s no surprise that phishers and scammers are using the avalanche of new information and events involving the global coronavirus pandemic as a way to successfully phish more victims. ...

April Content Update: Including New Work from Home Training Module from Twist & Shout

Apr 30, 2020 11:14:22 AM By Stu Sjouwerman

Here are a few important updates and news to share with you from the past month.

Scammers Can Use Recent Transactions to Trick You

Apr 30, 2020 8:53:09 AM By Stu Sjouwerman

KrebsOnSecurity reports that scammers are using caller ID spoofing to impersonate their victims, and then socially engineering victims’ banks into divulging information about recent ...

[NEW FEATURE] Brandable Content Now Available

Apr 30, 2020 8:00:00 AM By Stu Sjouwerman

You asked, we listened! We’re excited to introduce the new Brandable Content feature within your KnowBe4 platform! You now have the option to add branded custom content to the beginning ...

Two-thirds of Remote Workers Received No Security Awareness Training in the Last Year

Apr 27, 2020 2:11:30 PM By Stu Sjouwerman

This alarming bit of news about U.K. remote workers comes at the worst time when attacks are on the rise, insecure personal devices are being used, and workers are more susceptible to ...

'Florentine Baker Group' Use Microsoft 365 Functionality to Scam Private Equity Firm Out of $1.2 Million

Apr 24, 2020 11:31:26 AM By Stu Sjouwerman

A new investigation by Check Point’s Incident Response Team (CPIRT) demonstrates how brazen cybercriminals are and the lengths they will go to in order to see their scam succeed.

The Best and First Defenses You Should Implement

Apr 24, 2020 8:43:14 AM By Roger Grimes

Every good defense has three pillars of controls: policy, technical, and education. People are always asking what they should do for each to minimize cybersecurity events the most and ...

How Sharing Personal Information Helps Scam Artists

Apr 23, 2020 8:25:29 AM By Stu Sjouwerman

The FBI's Charlotte office released an alert describing how scammers can use personal information on social media to break into online accounts, BleepingComputer reports. As people are ...

Third-Party Risk Management Questionnaire for Extended Emergencies

Apr 21, 2020 8:39:05 AM By Roger Grimes

Here’s a questionnaire you can send to suppliers during extended work from home (WFH) periods.

Security Awareness Training Blog

KnowBe4 Blog

View Topics