Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

[NEW FEATURE] KnowBe4 User Event API Helps You Tailor Security Awareness Training Based on Custom User Risk Events

You already know the importance of frequent year-round simulated phishing attacks and security awareness training for your users to help you build a more resilient and secure ...
Continue Reading

Phishing Attacks Go Mobile as Cybercriminals Leverage Push Notifications

Taking advantage of the inherent trust in mobile content, the bad guys are using a mixture of phishing text messages and look-alike sites to trick users into giving up credentials.
Continue Reading

[Heads-up] The U.S. Launched A Cyber Attack On Iran, And We're Expecting Spear Phishing Strike Backs

The tension in the Middle-East apparently prompted a game-changing move by the U.S. President.  Washington Post sources say exactly 10 years after Stuxnet, the President approved a ...
Continue Reading

UK Forensic Crime Labs Shut Down Due To Ransomware Attack

Every police force across England and Wales has been forced to prioritize evidence for forensic testing following a criminal cyber attack affecting one of the primary forensic service ...
Continue Reading

FBI Alert: Last Week Conflict With Iran Can Cause Spear Phishing Retaliation

This blog post has been superseded by a more recent one.  You can find this new post here.
Continue Reading

Phishing Campaign Impersonates Email Alerts From DHS

An ongoing email-based phishing scam is attempting to fool recipients into opening malicious attachments disguised as notifications from the U.S. Department of Homeland Security (DHS), ...
Continue Reading

Why Do Organizations Still Under-report Cybercrime?

It’s estimated that organizations aren’t engaging with Law Enforcement when becoming a victim of a cybercrime in large numbers. We cover 5 reasons why organizations don’t.
Continue Reading

Bogus Emails: 3.4 Billion Are Sent Every Day...

Research from Valimail shows that at least 3.4 billion phony emails are sent every day, Help Net Security reports. Despite this staggering number, most organizations still aren’t ...
Continue Reading

How Hackers Emptied Church Coffers with a Phishing Attack and Social Engineering Phone Call

Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.
Continue Reading

Hit by Ransomware Attack, Florida City Agrees to Pay Hackers $600,000

It was all over the press, and even made it in the New York Times: "The leaders of Riviera Beach, Fla., looking weary, met quietly this week for an extraordinary vote to pay nearly ...
Continue Reading

[NEW FEATURES] Branded Certificates and End User Surveys

We are excited to announce the release of two new features in the KnowBe4 platform. Branded Certificates and End User Training Surveys!
Continue Reading

Voicemail Phishing Scam Steals Credentials

A new phishing campaign is asking victims to click on a link in an email to download a voicemail, My Online Security reports. When recipients click on the link, they’ll be redirected to a ...
Continue Reading

FBI’s Advice on Spotting Phishing

The FBI’s Internet Crime Complaint Center (IC3) released a PSA warning that attackers are exploiting people’s trust in sites that use HTTPS. Cybersecurity training has in the past rightly ...
Continue Reading

Social Engineering is at the Root of Nearly all Fraud Attacks

According to the latest fraud report from RSA, all four of the documented fraud attack methods use some form of social engineering to trick victims into giving up their money.
Continue Reading

Extortion Threatens Reputational Damage

Scammers are sending emails threatening to damage the reputation of websites unless the sites’ owners hand over 0.3 bitcoin, or around $2,400, according to BleepingComputer.
Continue Reading

The CIA will not Fix Your Online Rap Sheet

Scammers are still posing as CIA employees and telling victims that they’re about to be arrested for their involvement in an international pedophile ring, according to the Register. The ...
Continue Reading

Corporate Email Creates Unavoidable Risk

It’s impossible to avoid the risk of phishing attacks entirely, since employees still need to do their jobs, as Kelly Sheridan at Dark Reading puts it. Sheridan points to a recent report ...
Continue Reading

KnowBe4 Fresh Content and Feature Updates - May 2019

Check out the content and feature updates in the KnowBe4 platform for the month of May!
Continue Reading

It only takes three seconds...

“Statistics suggest the average human being falls for a social engineering attack about four times — with training — before they become ‘inoculated’ against that type of attack,” “Helpful ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews