KnowBe4

Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Business Email Compromise, Credential Theft, and Many Other Attack Vectors Surged as High as 5x in Q4 2018

The latest data from Proofpoint shows many types of cyberattacks making massive jumps in comparison to both previous quarters and years.
Continue Reading

Cyberheist On Bank Causes Shutdown Of All Operations

Reuters reported that the Bank of Valetta, which accounts for almost half of Malta’s banking transactions, had to shut down all of its operations on Wednesday after hackers broke into its ...
Continue Reading

New York State Education Department Proposes New Regulations to Strengthen PII Security

The new proposed amendments seek to protect the personally identifiable information for students and school personnel accessible by both educational agencies and contractors.
Continue Reading

Risk Alert: Most Users Still Don’t Understand Much About Scams, Attacks, and Cyber Risk

The latest data from Proofpoint shows improvement in user cyber-awareness, but organizations have a long way to go to consider users able to help prevent attacks.
Continue Reading

Bogus Security Alerts Aren’t From Norton

  Con artists are targeting thousands of people with tech support scams that pose as security alerts from Norton Security, researchers at Symantec have found. The phony alerts pop up in ...
Continue Reading

Surge in Email-enabled Healthcare Fraud

Email fraud targeting healthcare professionals has spiked 453% over the past two years, according to a new report by Proofpoint. Proofpoint researchers tracked business email compromise ...
Continue Reading

Company Sues Employee After She Falls For USD 250K CEO Fraud Scam

A woman is being sued for sending approx. 250K of her employer's cash to an online fraudster.  Patricia Reilly, who was working for the UK Peebles Media Group fell for a CEO Fraud Scam ...
Continue Reading

Scammers Still Exploit Hijacked GoDaddy Domains

Criminals are still using hijacked GoDaddy domains to launch large-scale spam campaigns, despite GoDaddy taking steps last month to address the authentication flaw exploited by the ...
Continue Reading

Today I was attacked through an existing vendor using a real email thread

We have been dealing with a vendor of ours for on-hold messages for many years. I send them a Word file with the hold messages, their studio records them, and they send us a wave file ...
Continue Reading

KnowBe4 Fresh Content & Feature Updates - January 2019

Here's a few important updates to share with you for the month of January!
Continue Reading

[Brilliant New Social Engineering Phish] "Please Docusign: Funding For Your Business"

A friend was sent this email and he forwarded it to me. It's a brilliant new social engineering phishing scam. It will sail through all your spam / malware filters and email protection ...
Continue Reading

Awareness Training is the Key to a Culture of Security

Here’s a follow-up to an earlier post of ours, with amplification of points well-worth making.
Continue Reading

It Only Takes 1 Phish: “Unremarkable” Phishing Attack Results in a Breach in the European Union’s Diplomatic Communications Network

A three-year-long cyber-attack led to the successful breach of the all communications between all EU member states, putting countries and their futures at risk.
Continue Reading

International Legal Tech Association: "KnowBe4 Is The Biggest Winner In Awareness Content"

The International Legal Technology Association is the premier peer-driven association for technologists in the legal field. The ILTA's most prestigious publication each year is their ...
Continue Reading

Phishing Kit Uses Custom Font Files to Decode Text

Researchers at Proofpoint discovered a phishing template that uses a unique method for encoding text using web fonts. The researchers found that the source code of the landing page ...
Continue Reading

Judge Calls for County Officials to Resign After Falling Victim to a $500K CEO Fraud Scam

Months after a classic fraud scam took Galveston County for $525,000, County Judge Mark Henry is now asking for the County Auditor and Purchasing Agent to resign.
Continue Reading

Malicious Business Email Campaign Uses Google Cloud Storage to Target Banks and Financial Services Companies

Researchers at Menlo Labs have spotted and tracked a new campaign aimed at tricking employees of US and UK financial firms and banks into downloading Houdini Malware.
Continue Reading

KnowBe4 Fresh Content Update & New Features December 2018

Here's a few important updates to share with you for the month of December!
Continue Reading

You Must Know What You're Clicking On Even With MFA

By Roger Grimes, KnowBe4's Data-driven Defense Evangelist.  I’ve been in computer security for over 30-years and I’ve been giving presentations nearly as long. And in that time, no talk ...
Continue Reading

Iranian Hacker Group Beats 2FA with New Phishing Campaign Targeting Google Users

A new phishing attack method shows that even the mighty two-factor authentication can be beaten without needing to possess a user’s mobile device.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews