Hacking the Hacker: An Inside Look at the Karakurt Cyber Extortion Group

Apr 26, 2022 9:53:55 AM By Stu Sjouwerman

By breaking into an attack server, security researchers have uncovered new details that show the connection between the Karakurt group and Conti ransomware.

Nearly all Data Breaches in Q1 2022 Were the Result of a Cyber Attack

Apr 26, 2022 9:53:38 AM By Stu Sjouwerman

New data from the Identity Theft Resource Center shows rises in the number of data compromises following 2021’s record-setting year, all stemming from cyber attacks.

More_eggs Malware Distributed Via Spear Phishing

Apr 26, 2022 8:49:59 AM By Stu Sjouwerman

Threat actors are sending out the stealthy “more_eggs” malware in spear phishing emails that target hiring managers, according to researchers at eSentire’s Threat Response Unit (TRU).

If You Got a “Your Bill Is Paid For” Text, You’re Part of a Massive T-Mobile Texting Scam

Apr 21, 2022 12:26:04 PM By Stu Sjouwerman

The latest scam targeting T-Mobile customers impersonating T-Mobile and focused on collecting your personal data by tempting you with free “gifts”.

LinkedIn is the Most Impersonated Brand in Phishing Attacks

Apr 21, 2022 12:25:45 PM By Stu Sjouwerman

Social media companies, particularly LinkedIn, are now the most impersonated brands in phishing campaigns, researchers at Check Point have found.

New Phishing Attack Targets MetaMask Users for their Crypto Wallet Private Keys

Apr 21, 2022 11:46:04 AM By Stu Sjouwerman

A new phishing campaign impersonates MetaMask, informs victims their cryptocurrency wallets aren’t “verified” and threatens suspension.

UK Information Commissioner: Many Cybersecurity Incidents are “Preventable”

Apr 21, 2022 11:45:27 AM By Stu Sjouwerman

In a recent article about the largest cyberthreats currently facing the UK, John Edwards – the UK’s newly-appointed information commissioner- talks about the need for a security culture ...

FBI Warns of Bank Fraud Smishing Campaign

Apr 19, 2022 10:31:22 AM By Stu Sjouwerman

The FBI has warned of a smishing campaign that’s targeting people in the US with phony bank fraud notifications. The text messages inform users that someone has attempted to initiate a ...

Social Engineering Campaign against African Banks

Apr 18, 2022 9:40:04 AM By Stu Sjouwerman

A phishing campaign is targeting African banks with a technique called “HTML smuggling” to bypass security filters, according to threat researchers at HP.

Q1 2022 Report: Holiday-Themed Phishing Emails Entice Employees to Click [INFOGRAPHIC]

Apr 15, 2022 10:49:24 AM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze the top categories, general subjects (in both the United States and globally), and 'in the ...

Storytelling to Improve Your Organization's Security Culture [PODCAST]

Apr 15, 2022 10:00:00 AM By James McQuiggan

The latest podcast episode of Security Masterminds features our special guest Jim Shields, Creative Director at KnowBe4. He sat down with our hosts, Erich Kron and Jelle Wieringa to ...

Reduce Your Chances of Getting Scammed

Apr 14, 2022 11:38:26 AM By Javvad Malik

In today's connected world, nearly everyone has a story where they have been targeted by a scam and either that person or someone they know have lost money to scams.

Small and Medium Businesses Account for Nearly Half of all Ransomware Victim Organizations

Apr 13, 2022 4:44:27 PM By Stu Sjouwerman

As ransomware costs increase, along with the effectiveness and use of extortions, smaller businesses are paying the price, according to new data from Webroot.

One in Three U.K. Businesses Experience Cyber Attacks Weekly

Apr 13, 2022 4:43:29 PM By Stu Sjouwerman

New data from the U.K. Government’s Cyber Security Breaches Survey 2022 report shows that a material portion of businesses and charities are being attacked and feeling the repercussions.

Meta Stops Three Cyber Espionage Groups Targeting Critical Industries

Apr 13, 2022 4:43:06 PM By Stu Sjouwerman

Impersonating legitimate companies and using a complex mix of fake personas across Facebook, Telegram, and other platforms, these groups used social engineering to gain network access.

Smishing Scams Abuse Name of Legitimate Ukrainian Charity

Apr 13, 2022 9:54:14 AM By Stu Sjouwerman

Researchers at Trend Micro have spotted yet another scam taking advantage of the crisis in Ukraine by impersonating a legitimate charity. In this case, the scammers are posing as the ...

Business Email Compromise (BEC): the Costliest Cybercrime

Apr 12, 2022 8:52:35 AM By Stu Sjouwerman

Organizations in the US lost $2.4 billion to business email compromise (BEC) scams (also known as CEO fraud) last year, according to Alan Suderman at Fortune.

Microsoft Azure's Static Web Apps Service Becomes the New Home for Phishing Attacks

Apr 11, 2022 3:15:00 PM By Stu Sjouwerman

Taking advantage of the value of a legitimate web service, along with a valid SSL certificate, a new campaign of phishing attack targeting online Microsoft credentials is leveraging Azure.

Phishbait Invokes Russia's Ministry of Internal Affairs (Road Safety Division)

Apr 7, 2022 8:52:18 AM By Stu Sjouwerman

A phishing campaign impersonating WhatsApp has targeted more than 27,000 mailboxes, according to researchers at Armorblox. It’s not clear who the attackers were, but they used an old ...

Mailchimp Phishing Attack Results in Potential Hit on 100K Trezor Crypto Wallets

Apr 6, 2022 9:32:36 AM By Stu Sjouwerman

Stolen client data from Mailchimp put customers of the cryptocurrency hardware wallets on notice of potential social engineering attacks claiming to be Trezor.

Security Awareness Training Blog

Phishing Blog

View Topics