New Multi-Stage Word Phishing Attack Infects Users Without Using Macros

Feb 15, 2018 11:06:24 AM By Stu Sjouwerman

Spam distributors are using a new technique to infect users with malware, and while this phishing attack relies on having users open Word documents, it does not involve social engineering ...

Lazarus Hacking Group back with new phishing campaign targeting banks and bitcoin users

Feb 15, 2018 10:50:24 AM By Stu Sjouwerman

The North Korean Lazarus Hacking Group, suspected to be behind the WannaCry ransomware attack last year, has returned with a new crime spree, this time targeting financial institutions ...

KnowBe4 Attains SOC 2 Type I Compliance For The Hosted Phishing And Training Product Offerings

Feb 11, 2018 1:59:38 PM By Stu Sjouwerman

KnowBe4, Inc, the world's largest security awareness training and simulated phishing platform, this week announced it has successfully completed a Service Organization Controls (SOC) 2 ...

New Trend In Phishing: Conversation Hijacking

Feb 10, 2018 9:44:47 AM By Stu Sjouwerman

Researchers see a new trend in phishing. Hackers are inserting themselves into email conversations between parties known to and trusted by one another. Once in, they exploit that trust to ...

2018 Winter Olympics Phishing Campaign Hides Evil PowerShell Script In Image

Feb 9, 2018 7:22:05 AM By Stu Sjouwerman

Jonathan, at our friends at Barkly wrote: "Hi all, according to researchers at McAfee, a new malware campaign is targeting organizations associated with the upcoming 2018 Winter Olympics ...

The Simulated Phishing Market Enters Early Adolescence

Feb 7, 2018 7:57:15 AM By Stu Sjouwerman

By Perry Carpenter, KnowBe4 Chief Evangelist and Strategy Officer We certainly live in fun times: Barracuda acquiring PhishLine Microsoft adding limited phishing simulation to Office 365 ...

Microsoft Confirms: "Sending Simulated Phishing Attacks to Your Employees Is a Must"

Feb 5, 2018 10:00:00 AM By Stu Sjouwerman

Well, Microsoft just legitimized the whole new-school security awareness training market. I'm pleased to note that Microsoft has finally acknowledged that organizations need to send ...

Who's Behind This Massive Wave of DDoS and Phishing Attacks Targeting Dutch Banks?

Feb 4, 2018 12:28:25 PM By Stu Sjouwerman

Shortly after the Dutch Volkskrant newspaper story about Netherlands Intelligence agencies compromising the prominent Russsian Cozy Bear hacking group and providing the US with ...

Phishing Messages from the Dark: When the Bad Guys Write Back

Feb 2, 2018 11:42:09 AM By Stu Sjouwerman

By Eric Howes, KnowBe4 Principal Lab Researcher. For most users the experience of dealing with phishing emails is a solitary experience, whether they recognize that they are under attack ...

Scam of The Week: Wave Of Payroll Direct Deposit Phishing Attacks

Feb 1, 2018 3:34:57 PM By Stu Sjouwerman

Lexology had an excellent post from Ogletree Deakins by Rebecca J. Bennett and Danielle Vanderzanden, related to a crafty new phishing scam they warned for and that you should be aware ...

[PHISHING ALERT] "Hey Did You See That Fake AI Porn Movie Of Yourself?"

Jan 27, 2018 10:58:45 AM By Stu Sjouwerman

Heads-up. I am sorry to have to bring up a very distasteful topic, but in the very near future your users will get phishing emails with something close to the ultimate click-bait, luring ...

Look out for More SMiShing This Year

Jan 22, 2018 3:07:04 PM By Stu Sjouwerman

Our friends at Social-Engineer wrote a great post that we are cross-posting here, because we see the same problem happening more and more! "With the new year come new social engineering ...

Scam Of The Week: The Most Sophisticated Netflix Phishing Yet

Jan 20, 2018 10:31:16 AM By Stu Sjouwerman

This Netflix phishing campaign goes after your login, credit card, mugshot and ID! Paul Ducklin at Sophos wrote: "Think of the big security stories of recent months. Security holes like ...

KnowBe4 2017 Top Clicked Phishing Test Analysis

Jan 19, 2018 6:29:39 PM By Stu Sjouwerman

Click on the Picture to download the full infographic in PDF format Looking at the whole of 2017, there were some interesting shifts on what phishing emails were clicked from quarter to ...

Forget Viruses or Ransomware—Is Your Biggest Cyberthreat Greedy Cryptocurrency Miners?

Jan 19, 2018 5:53:48 PM By Stu Sjouwerman

This week, cybersecurity firm Check Point published its regular Global Threat Index. Malware that hijacks workstations to mine cryptocoins has apparently become the most popular infection ...

Business Email Compromise Phishing Attacks Will Exceed $9 Billion This Year

Jan 19, 2018 1:19:51 PM By Stu Sjouwerman

Trend Micro reported that Business Email Compromise (BEC) is projected to skyrocket as attackers use more and more sophisticated social engineering tactics to trick their targets. The ...

Three-Quarters of Businesses Saw Phishing Attacks in 2017

Jan 18, 2018 7:09:45 AM By Stu Sjouwerman

Tara Seals at InfoSecurity Magazine had a good summary of Wombat Security Technologies' annual State of the Phish research report. "The war against phishing is still on, with 76% of ...

Google’s Confusing Gmail Security Alert Looks Exactly Like a Phishing Attempt

Jan 17, 2018 10:26:52 AM By Stu Sjouwerman

Note: I got this too and had a similar reaction last week. Security researchers say the legitimate email is training people to have bad email hygiene. Richard De Vere, a security ...

Spend One Minute And Look At These Phishing Graphs

Jan 16, 2018 10:30:00 AM By Stu Sjouwerman

In the first quarter of 2018, after 7 years of helping our customers to enable their employees to make smarter security decisions and having reached the milestone of 15,000 customers, we ...

[On-Demand Webinar] Phishing Attack Landscape and Benchmarking

Jan 10, 2018 3:54:31 PM By Stu Sjouwerman

The most persistent security challenge you face today is bad guys social engineering your users. Phishing campaigns continue to be hacker’s No.1 preferred attack vector to get your ...

Security Awareness Training Blog

Phishing Blog

View Topics