Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Phishing Campaign Attempts to Bypass iOS Protections

An SMS phishing (smishing) campaign is attempting to trick Apple device users into disabling measures designed to protect them against malicious links, BleepingComputer reports.
Continue Reading

Effective Security Awareness Training Really Does Reduce Data Breaches

Social engineering and phishing are involved in 70% - 90% of data breaches. No other root cause of malicious hacking (e.g., unpatched software and firmware, eavesdropping, cryptography ...
Continue Reading

Your KnowBe4 Compliance Plus Fresh Content Updates from December 2024

Check out the December updates in Compliance Plus so you can stay on top of featured compliance training content.
Continue Reading

Ransomware Gangs Claimed More Than 5,000 Attacks in 2024

Ransomware groups claimed responsibility for 5,461 attacks in 2024, with 1,204 of these attacks being publicly confirmed by victim organizations, according to Comparitech’s latest ...
Continue Reading

Your KnowBe4 Fresh Content Updates from December 2024

Check out the 52 new pieces of training content added in December, alongside the always fresh content update highlights, new features and events.
Continue Reading

Japan Attributes More Than 200 Cyberattacks to China Threat Actor "MirrorFace"

Japan’s National Police Agency (NPA) has attributed more than 200 cyber incidents over the past five years to the China-aligned threat actor “MirrorFace,” Infosecurity Magazine reports.
Continue Reading

FTC Warns Immigrants About Rising Social Media Immigration Scams

The Federal Trade Commission (FTC) has issued an urgent warning about a surge in immigration scams targeting immigrants and their families on social media platforms like Facebook.
Continue Reading

"Get Beyond Security Awareness Training" Does Not Mean Forgetting About It

KnowBe4 is a big believer in focusing on decreasing human risk as the best way to decrease cybersecurity risk in most environments.
Continue Reading

James Bond-Style Scamming Profits Explode

There is a type of scam where victims are contacted by someone fraudulently posing as a popular trusted entity (e.g., Amazon, U.S. Post Office, etc.), law enforcement, or an intelligence ...
Continue Reading

Phishing Campaign Targets YouTube Creators

An email phishing campaign is targeting popular YouTube creators with phony collaboration offers, according to researchers at CloudSEK. The emails contain OneDrive links designed to trick ...
Continue Reading

94% of U.K. Businesses Aren’t Adequately Prepared for AI-Driven Phishing Scams

A new report makes it clear that U.K. organizations need to do more security awareness training to ensure their employees don’t fall victim to the evolving use of AI.
Continue Reading

Sophisticated Phishing Campaign Attempts to Bypass SEGs

A widespread phishing campaign is attempting to steal credentials from employees working at dozens of organizations around the world, according to researchers at Group-IB.
Continue Reading

Mobile Phishing Campaign Targets Job Seekers

Researchers at Zimperium warn that a phishing campaign is targeting Android phones to deliver the Antidot banking trojan.
Continue Reading

Nearly Half a Billion Emails in 2024 Were Malicious

A new report from Hornetsecurity has found that 427.8 million emails received by businesses in 2024 contained malicious content.
Continue Reading

Phishing Attacks Are Now Leveraging Google Ads to Hijack Employee Payments

Researchers at Silent Push warn that a phishing campaign is using malicious Google Ads to conduct payroll redirect scams.
Continue Reading

Phishing Holds the Top Spot as the Primary Entry Point for Ransomware Attacks

New analysis of ransomware attacks shows that phishing is the primary delivery method and organizations need to offer more effective security awareness training to mitigate the threat.
Continue Reading

Your KnowBe4 Compliance Plus Fresh Content Updates from November 2024

Check out the November updates in Compliance Plus so you can stay on top of featured compliance training content.
Continue Reading

Your KnowBe4 Fresh Content Updates from November 2024

Check out the 84 new pieces of training content added in November, alongside the always fresh content update highlights, events and new features.
Continue Reading

Chinese Threat Actor Targets Black Friday Shoppers With Phishing Campaign

Researchers at EclecticIQ warn that the financially motivated Chinese threat actor “SilkSpecter” has launched a phishing campaign targeting Black Friday shoppers across Europe and the US.
Continue Reading

Phishing Attacks Exploits the Open Enrollment Period

A phishing campaign is impersonating HR to target employees who are making annual insurance changes during the open enrollment period, according to researchers at Abnormal Security.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews