KnowBe4

Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Ransomware Recovery Expert Scams Victims and Turns Out to be Nothing More than a Bitcoin Middleman

Organizations falling victim to ransomware look for any way to ensure they get their files back. One Belasurian businessman promises decryption but is merely conning victims out of more ...
Continue Reading

WARNING: Your Head of Finance May Be 1 of 50,000 Execs Targeted in BEC Scams

According to a report from email security & protection vendor Agari, the cybercriminal group dubbed London Blue are directing their latest scams at very specific finance execs.
Continue Reading

Giveaway Scam Offers Free Volkswagens to Generate Ad Revenue

A scam campaign is promising free Volkswagen car giveaways to trick social media users into visiting third-party ad servers, according to researchers at Sucuri.
Continue Reading

A Call for More Consumer Privacy Laws Could Spell Penalties in Your Future

In the wake of the Marriott data breach, U.S. senators are calling for tougher privacy laws and stiff fines for organizations that do not properly protect consumer data.
Continue Reading

Scammers are Posing as Huawei’s Captive CFO

An advance fee scam is targeting individuals in China following the arrest of Huawei’s CFO, Meng Wanzou, according to the SANS Internet Storm Center. Ms. Meng, who is also the daughter of ...
Continue Reading

Half of Management Teams Don’t Understand Business Process Compromise

A new survey by Trend Micro reveals that 43% of organizations in twelve countries have been affected by Business Process Compromise (BPC) attacks. In spite of this, 50% of management ...
Continue Reading

Employee Education and Training is a Key Component of a Culture of Security

Organizations need to focus on education and training rather than blaming employees for security gaffes, according to the speakers in a panel debate at Computing′s Enterprise Security and ...
Continue Reading

Cybercriminals Use 1.7 Million Compromised PCs in Botnet Advertising Fraud Scam

The Russian-born, botnet-driven advertising fraud scam, 3ve, generated over $29 million in revenue using fileless malware variant Kovter, botnets, and unsuspecting users.
Continue Reading

Google Maps’ Bank Listings Updated by Scammers

Scammers are taking advantage of Google Maps by modifying the contact information of the service’s bank listings. After replacing banks’ legitimate phone numbers with numbers of their ...
Continue Reading

GreyEnergy Malware Spreads Through Phishing Emails

The GreyEnergy APT primarily uses phishing emails as its initial infection method, according to analysis by Nozomi Networks. The malware has been targeting industrial control systems in ...
Continue Reading

Phishing Emails are Targeting Spotify Users

A phishing campaign is attempting to steal login credentials from Spotify users, according to researchers at AppRiver. The emails ask users to click a hyperlink to confirm their accounts, ...
Continue Reading

Why You Need To Make Security Awareness Training Mandatory. Read This Horror Story.

OK, so here is a horror story that you can prevent from happening in your own organization. Now and then we hear that KnowBe4 customers do not make the security awareness training ...
Continue Reading

Learning a 120K Lesson the Hard Way

The bank isn’t always responsible for making you whole after a business email compromise. Indiana’s Lake Ridge Schools lost more than $120,000 from a seven-million-dollar construction ...
Continue Reading

Attackers Impersonate CEOs to Scam Employees into Sending Gift Cards for the Holidays

A crafty mix of social engineering, great timing, and context act as the perfect ingredients to trick unwitting users into buying gift cards and placing them into the hands of the ...
Continue Reading

[Heads-up] Bad Guys Love Marriott: 500 Million Data Breach Is Phishing Heaven

So I guess we have just reached the tipping point, it's "privacy game over" for business travelers.
Continue Reading

KnowBe4 Fresh Content Update & New Features November 2018

We've got a few content updates in the KnowBe4 Modstore to share with you for the month of November!
Continue Reading

Employers Are Liable If They Don't Protect Employees' Sensitive Personal Information from Attack

A recent ruling from the Pennsylvania Supreme Court on an employee lawsuit against the University of Pittsburgh Medical Center stemming from a data breach should put all employers on ...
Continue Reading

Shadow IT is Alive and Well: One-Third of Employees Deploy Their Own Software

Employees see IT as an “inconvenience” and look for ways to get around security measures, putting the organization at risk, according to SailPoint’s 2018 Market Pulse Survey.
Continue Reading

As You Read This, It's Cyber Monday. How To Avoid The Top 10 Security Threats

InfoSecBuzz asked a number of security experts for their advice on the top security threats and how to avoid them. These are specialists from Alienvault, Cylance, Cybereason, F5 Networks, ...
Continue Reading

[Heads-up] Bad Guys Are Now Taking Over Email Inboxes Without Phishing Attacks

I found a great article in SecurityWeek by Alastair Paterson, the CEO of Digital Shadows. Could not have said it better myself, and he alerted everyone about an attack vector that was ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews