KnowBe4

Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Phishing Emails Will Always Get Through

Attackers have proven their ability to adapt to improved security measures, and organizations should never assume they’re safe from phishing emails, says Paul Gillin at SiliconANGLE.
Continue Reading

Executives are Out and Employees are In as Cybercriminals Change Their Primary Targets for Cyberattack

Phishing and Social Engineering scammers are shifting tactics, focusing efforts on low-level employees using a variety of methods as a means to cast a wider net within a targeted ...
Continue Reading

Phishing Attacks See Massive Increases and Improvements in Execution with Social Engineering at the Helm

With 98% of malicious emails that hit inboxes containing no malware, the evolution and future of the phish lies squarely in the hands of effective social engineering.
Continue Reading

Why Ransomware Continues to Be an Immensely Profitable Business for Bad Actors

Ransomware, arguably the most efficient malware used by cybercrooks in recent years, continues to wreak havoc on a global scale, affecting everyone and everything, from regular Internet ...
Continue Reading

Social Engineers Earn a First

A study by nonprofit research company Jisc and the UK’s Higher Education Policy Institute (HEPI) found that 100 percent of spear phishing tests against universities were able to gain ...
Continue Reading

Florida Spearphishing: Meddle Globally, Phish Locally

Russian intelligence services sent spearphishing emails to more than 120 email accounts used by Florida election officials in November 2016, according to Special Counsel Robert Mueller’s ...
Continue Reading

Ohio Becomes the Third U.S. State to Adopt the NAIC’s Insurance Data Security Model Law

Ohio joins South Carolina and Michigan to create cybersecurity legislation modeled after the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law.
Continue Reading

Here are few Game of Thrones phishing scams you should know about and how to avoid them

With the Game of Thrones (GoT) Season 8 finally airing, bad guys are using a variety of social engineering tactics to trick your end-users.
Continue Reading

[Heads-up] A GA County School System Only Just Escaped A 2 Million Dollar Cyber Attack

Armor, a leading global cloud security solutions provider, read the news about a recent cyberattack, where hackers targeted the payroll department of the city of Tallahassee, FL and ...
Continue Reading

Scammers Impersonate Big UK Law

The UK’s Solicitors Regulation Authority (SRA) warned that scammers are impersonating a London law firm, Linklaters LLP, using phony job offers. The documents purport to come from the ...
Continue Reading

Smishing Down Under

Banking malware is being installed on Android devices via malicious links in SMS messages, CRN reports. Cisco Talos discovered the malware being advertised on an exploit forum, and found ...
Continue Reading

[SCAM OF THE WEEK]: Notre Dame Disaster Causes FireStorm Of Social Engineering And Misinformation

The Notre Dame Cathedral in Paris caught fire and was barely saved from total destruction. Millions of people visit every year and hundreds of millions feel a powerful, and personal, ...
Continue Reading

Island Hopping Grows in Popularity as Attackers use One Victim to Create the Next

  Cybercriminals no longer see your organization as just their next target; they see the organization as a valuable source of intel and the launch point for their next attack. In business ...
Continue Reading

Insurers Discuss What to Expect from a Ransomware Attack, and How to Defend Yourself Against One

Ransomware tops the list of attacks for insurers of the food and beverage industry. Outdated software and lax user concern for security controls provide attacker with a way in.
Continue Reading

Staff and Students Put School Districts at the Greatest Risk of Cyber Attack

Inadvertent sharing, phishing attacks, and ransomware top the list of attack vectors, with teachers, students, and vendors all contributing to the risk of breach.
Continue Reading

Ottawa City Treasurer sends $128,000 to fraudsters in email phishing scam

The treasurer of the city of Ottawa, Marian Simulik, fell for a business email compromise (BEC) scam and sent $100,000 to a scammer, the city’s auditor general revealed this week. Simulik ...
Continue Reading

[Heads-up] Survey Finds 82% Of You Are Impacted By Payment Fraud

Payment fraud continues to soar, as a record 82 percent of organizations reported incidents in 2018, according to the 2019 AFP Payments Fraud & Control Survey, underwritten by J.P. Morgan.
Continue Reading

A Powerful Malware That Tried To Blow Up A Saudi Plant Strikes Again

A highly capable malware reportedly used in a failed plot to blow up a Saudi petrochemical plant has now been linked to a second compromised facility.
Continue Reading

Organizations Face a 63% Likelihood of Being the Victim of Successful Cyberattack in Next 12 Months

The latest data from 1,200 IT organizations shows organizations seeing attacks as inevitable and, for some industries, successful compromise as even more a given.
Continue Reading

Pro Tip: Social Security Numbers Can’t be “Suspended”

A popular robocall scam is telling people that their Social Security numbers have been “suspended,” and then asking them to call back to speak a government agent about the issue, ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews