“Europol Calling” (Not Necessarily)

Apr 6, 2022 8:55:09 AM By Stu Sjouwerman

Scammers are impersonating Europol with fraudulent phone calls in an attempt to steal personal and financial information, according to Kristina Ohr at Avast. The German Federal Criminal ...

Info Stealer Malware Vidar Uses Microsoft Help Files to Launch Attacks

Apr 5, 2022 2:37:54 PM By Stu Sjouwerman

It appears that the use of Microsoft CHM files is gaining popularity, and from the way this latest attack works, it’s a rather ingenious and flexible method that could become more ...

Simple Facebook Phishing Scam Takes an Unexpected Turn to Throw Potential Victims Off the Scent

Mar 31, 2022 1:04:37 PM By Stu Sjouwerman

Rather than take the usual path of sending an email and linking to a spoofed logon page, this attack takes a different set of actions that at first make no sense but may actually be ...

Cisco: Web 3.0 Will be the Next Frontier for Social Engineering and Phishing Attacks

Mar 31, 2022 11:52:59 AM By Stu Sjouwerman

A look at what makes up Web 3.0 and how it may be used includes insight into what kinds of cyberattacks may plague it, as cybercriminals look for new profitable opportunities.

Cost of Internet Crimes in 2021 Increase 64% Exceeding $6.9 Billion

Mar 31, 2022 11:52:17 AM By Stu Sjouwerman

New data from the FBI’s Internet Crime Complaint Center (IC3) shows a massive increase in the cost of internet crimes, with phishing and BEC topping the list.

Obvious Phishbait, But Someone Will Bite

Mar 31, 2022 10:13:29 AM By Stu Sjouwerman

A widespread phishing scam is circulating in Facebook Messenger, according to Jeff Parsons at Metro. The phishing messages simply contain the words, “Look what I found,” along with a ...

FBI Warns of Phishing Attacks Targeting Election Officials

Mar 31, 2022 8:57:59 AM By Stu Sjouwerman

The FBI has issued a Private Industry Notification warning of phishing emails designed to steal login credentials from election officials. The Bureau believes these attacks will increase ...

Mobile Device Usage Have Led to Security Incidents in Nearly Half of Organizations

Mar 30, 2022 8:15:33 AM By Stu Sjouwerman

The shift in devices used by today’s workforce has resulted in increases in cybersecurity concerns and incidents, despite a majority of orgs with defined BYOD programs in place.

Email Conversation Hacking to Distribute Malware

Mar 29, 2022 9:03:08 AM By Stu Sjouwerman

Researchers at Intezer warn that attackers are hijacking email conversations to distribute the IcedID banking Trojan. This technique makes the phishing emails appear more legitimate and ...

Repertoire of Ukraine Charity Phishing Scams

Mar 24, 2022 10:21:32 AM By Stu Sjouwerman

Scammers continue to exploit the crisis in Ukraine, according to researchers at Bitdefender. Over the past week, the researchers believe the fraudsters have adjusted their tactics in ...

Initial Access Broker Group Relies on Social Engineering

Mar 24, 2022 10:20:53 AM By Stu Sjouwerman

Google’s Threat Analysis Group (TAG) describes a cybercriminal group it calls “EXOTIC LILY” that acts as an initial access broker for numerous financially motivated threat actors, ...

Number of Phishing Attacks Hits an All-Time High in 2021, Tripling That of Early 2020

Mar 23, 2022 2:00:34 PM By Stu Sjouwerman

New data from the Anti-Phishing Working Group shows cybercriminals are stepping on the gas, focusing phishing attacks on credential theft and response-based scams.

Phishing Attack-Turned-Wire Fraud Case Sees a Win for the Policyholder

Mar 23, 2022 2:00:26 PM By Stu Sjouwerman

In an unusual turn of events, a recent court decision sided with the policyholder, despite specific policy language that probably should have favored the insurer.

QakBot Banking Trojan Evolves and Now Takes Over Email Conversations to Spread Malware

Mar 23, 2022 2:00:06 PM By Stu Sjouwerman

As if stealing all your credentials, cookies, and email wasn’t bad enough, this new version of QakBot inserts itself into your emails, impersonating you to gain access to more victims.

Phishing Scam with Fraudulent Invoice Costs City of Fresno Over $600,000

Mar 23, 2022 1:59:56 PM By Stu Sjouwerman

This simple invoice scam appears to be a part of a much broader campaign targeting municipalities, posing as existing subcontractors.

Exploiting Trust in reCAPTCHA

Mar 23, 2022 8:46:14 AM By Stu Sjouwerman

Researchers at Avanan warn that attackers are using reCAPTCHAs on their phishing sites to avoid detection by security scanners.

SMBs Are 350% More Likely to Experience Social Engineering Attacks Via Phishing

Mar 22, 2022 4:08:43 PM By Stu Sjouwerman

New data shows phishing, social engineering, and impersonation dominate as cybercriminals are becoming more frequent and successful with their attacks.

Chameleons Phish, Too

Mar 21, 2022 10:40:34 AM By Stu Sjouwerman

One of the challenges cyber criminals face is that their scams often have a relatively short shelf-life. Once they’ve been used, the gaff is quickly blown, and the scammers hope to ...

KnowBe4 Named a Leader in The Forrester Wave for Security Awareness and Training Solutions

Mar 17, 2022 8:00:00 AM By Stu Sjouwerman

We’re thrilled to announce that KnowBe4 has been named a Leader in The Forrester WaveTM : Security Awareness and Training Solutions, Q1 2022 report based on our current offering, strategy ...

New Phishing Method Uses VNC to Bypass MFA Measures and Gives Cybercriminals Needed Access

Mar 16, 2022 10:20:57 AM By Stu Sjouwerman

Despite cloud vendors like Google detecting reverse proxies or man-in-the-middle (MiTM) attacks and halting logons to thwart malicious actions, a new method easily gains access.

Security Awareness Training Blog

Phishing Blog

View Topics