New Phishing Attack Targets MetaMask Users for their Crypto Wallet Private Keys

Apr 21, 2022 11:46:04 AM By Stu Sjouwerman

A new phishing campaign impersonates MetaMask, informs victims their cryptocurrency wallets aren’t “verified” and threatens suspension.

UK Information Commissioner: Many Cybersecurity Incidents are “Preventable”

Apr 21, 2022 11:45:27 AM By Stu Sjouwerman

In a recent article about the largest cyberthreats currently facing the UK, John Edwards – the UK’s newly-appointed information commissioner- talks about the need for a security culture ...

FBI Warns of Bank Fraud Smishing Campaign

Apr 19, 2022 10:31:22 AM By Stu Sjouwerman

The FBI has warned of a smishing campaign that’s targeting people in the US with phony bank fraud notifications. The text messages inform users that someone has attempted to initiate a ...

Social Engineering Campaign against African Banks

Apr 18, 2022 9:40:04 AM By Stu Sjouwerman

A phishing campaign is targeting African banks with a technique called “HTML smuggling” to bypass security filters, according to threat researchers at HP.

Q1 2022 Report: Holiday-Themed Phishing Emails Entice Employees to Click [INFOGRAPHIC]

Apr 15, 2022 10:49:24 AM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze the top categories, general subjects (in both the United States and globally), and 'in the ...

Storytelling to Improve Your Organization's Security Culture [PODCAST]

Apr 15, 2022 10:00:00 AM By James McQuiggan

The latest podcast episode of Security Masterminds features our special guest Jim Shields, Creative Director at KnowBe4. He sat down with our hosts, Erich Kron and Jelle Wieringa to ...

Reduce Your Chances of Getting Scammed

Apr 14, 2022 11:38:26 AM By Javvad Malik

In today's connected world, nearly everyone has a story where they have been targeted by a scam and either that person or someone they know have lost money to scams.

Small and Medium Businesses Account for Nearly Half of all Ransomware Victim Organizations

Apr 13, 2022 4:44:27 PM By Stu Sjouwerman

As ransomware costs increase, along with the effectiveness and use of extortions, smaller businesses are paying the price, according to new data from Webroot.

One in Three U.K. Businesses Experience Cyber Attacks Weekly

Apr 13, 2022 4:43:29 PM By Stu Sjouwerman

New data from the U.K. Government’s Cyber Security Breaches Survey 2022 report shows that a material portion of businesses and charities are being attacked and feeling the repercussions.

Meta Stops Three Cyber Espionage Groups Targeting Critical Industries

Apr 13, 2022 4:43:06 PM By Stu Sjouwerman

Impersonating legitimate companies and using a complex mix of fake personas across Facebook, Telegram, and other platforms, these groups used social engineering to gain network access.

Smishing Scams Abuse Name of Legitimate Ukrainian Charity

Apr 13, 2022 9:54:14 AM By Stu Sjouwerman

Researchers at Trend Micro have spotted yet another scam taking advantage of the crisis in Ukraine by impersonating a legitimate charity. In this case, the scammers are posing as the ...

Business Email Compromise (BEC): the Costliest Cybercrime

Apr 12, 2022 8:52:35 AM By Stu Sjouwerman

Organizations in the US lost $2.4 billion to business email compromise (BEC) scams (also known as CEO fraud) last year, according to Alan Suderman at Fortune.

Microsoft Azure's Static Web Apps Service Becomes the New Home for Phishing Attacks

Apr 11, 2022 3:15:00 PM By Stu Sjouwerman

Taking advantage of the value of a legitimate web service, along with a valid SSL certificate, a new campaign of phishing attack targeting online Microsoft credentials is leveraging Azure.

Phishbait Invokes Russia's Ministry of Internal Affairs (Road Safety Division)

Apr 7, 2022 8:52:18 AM By Stu Sjouwerman

A phishing campaign impersonating WhatsApp has targeted more than 27,000 mailboxes, according to researchers at Armorblox. It’s not clear who the attackers were, but they used an old ...

Mailchimp Phishing Attack Results in Potential Hit on 100K Trezor Crypto Wallets

Apr 6, 2022 9:32:36 AM By Stu Sjouwerman

Stolen client data from Mailchimp put customers of the cryptocurrency hardware wallets on notice of potential social engineering attacks claiming to be Trezor.

“Europol Calling” (Not Necessarily)

Apr 6, 2022 8:55:09 AM By Stu Sjouwerman

Scammers are impersonating Europol with fraudulent phone calls in an attempt to steal personal and financial information, according to Kristina Ohr at Avast. The German Federal Criminal ...

Info Stealer Malware Vidar Uses Microsoft Help Files to Launch Attacks

Apr 5, 2022 2:37:54 PM By Stu Sjouwerman

It appears that the use of Microsoft CHM files is gaining popularity, and from the way this latest attack works, it’s a rather ingenious and flexible method that could become more ...

Simple Facebook Phishing Scam Takes an Unexpected Turn to Throw Potential Victims Off the Scent

Mar 31, 2022 1:04:37 PM By Stu Sjouwerman

Rather than take the usual path of sending an email and linking to a spoofed logon page, this attack takes a different set of actions that at first make no sense but may actually be ...

Cisco: Web 3.0 Will be the Next Frontier for Social Engineering and Phishing Attacks

Mar 31, 2022 11:52:59 AM By Stu Sjouwerman

A look at what makes up Web 3.0 and how it may be used includes insight into what kinds of cyberattacks may plague it, as cybercriminals look for new profitable opportunities.

Cost of Internet Crimes in 2021 Increase 64% Exceeding $6.9 Billion

Mar 31, 2022 11:52:17 AM By Stu Sjouwerman

New data from the FBI’s Internet Crime Complaint Center (IC3) shows a massive increase in the cost of internet crimes, with phishing and BEC topping the list.

Security Awareness Training Blog

Phishing Blog

View Topics