KnowBe4

Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

Friday Afternoon, Monday Morning, and Law Firm Risk

Law firm employees appear to be getting better at avoiding real estate scams, says Toni Ryder-McMullin at Today’s Conveyancer. Conveyance is the act of transferring an ownership interest ...
Continue Reading

reCAPTCHA Phishbait Targets Google Users

A phishing campaign is using a phony Google reCAPTCHA system to deliver banking malware, according to researchers at Sucuri. The attackers are sending emails, supposedly from a Polish ...
Continue Reading

Identity Theft by Low-Interest Credit Card Offer

Scammers have stolen large amounts of personal and financial information from thousands of Canadians via fraudulent phone calls offering lower interest rates on credit cards, an ...
Continue Reading

It's The Season for Tax Scams... Again

America's Internal Revenue Service is warning taxpayers about a surge in phishing emails, links, and phone calls during tax season, according to Toni Birdsong at McAfee. The scammers pose ...
Continue Reading

Cyber Espionage Warning: The Most Advanced Hacking Groups Are Getting More Ambitious

Once attackers might have needed the latest zero-days to gain access to corporate networks, but now it's spear-phishing emails using social engineering tactics that are most likely to ...
Continue Reading

The NoRelationship Attack Bypasses Office 365 Email Attachment Security

Attackers are bypassing Office 365 email attachment security by editing the relationship files that are included with Office documents, according to Yoav Nathaniel at Avanan. A ...
Continue Reading

Hackers take over Tampa Mayor Bob Buckhorn's Twitter account, make bomb threat at Tampa Airport

TAMPA, Fla. (WFLA) - Tampa police are investigating a bomb threat made against Tampa International Airport after hackers took over Tampa Mayor Bob Buckhorn’s Twitter account Thursday ...
Continue Reading

Remote Access Credentials Are the Latest Malware Attack Target

The latest iteration of notable banking trojan, Trickbot, now includes a password grabbing module designed to provide cybercriminals with remote access to internal systems.
Continue Reading

It’s Time to Have a Security Plan Around Consumer Data Privacy

The growth in both consumer concern and laws seeking to protect consumer data means organizations need to take specific measures to ensure the safeguarding of customer data.
Continue Reading

Business Email Compromise, Credential Theft, and Many Other Attack Vectors Surged as High as 5x in Q4 2018

The latest data from Proofpoint shows many types of cyberattacks making massive jumps in comparison to both previous quarters and years.
Continue Reading

Cyberheist On Bank Causes Shutdown Of All Operations

Reuters reported that the Bank of Valetta, which accounts for almost half of Malta’s banking transactions, had to shut down all of its operations on Wednesday after hackers broke into its ...
Continue Reading

New York State Education Department Proposes New Regulations to Strengthen PII Security

The new proposed amendments seek to protect the personally identifiable information for students and school personnel accessible by both educational agencies and contractors.
Continue Reading

Risk Alert: Most Users Still Don’t Understand Much About Scams, Attacks, and Cyber Risk

The latest data from Proofpoint shows improvement in user cyber-awareness, but organizations have a long way to go to consider users able to help prevent attacks.
Continue Reading

Bogus Security Alerts Aren’t From Norton

  Con artists are targeting thousands of people with tech support scams that pose as security alerts from Norton Security, researchers at Symantec have found. The phony alerts pop up in ...
Continue Reading

Surge in Email-enabled Healthcare Fraud

Email fraud targeting healthcare professionals has spiked 453% over the past two years, according to a new report by Proofpoint. Proofpoint researchers tracked business email compromise ...
Continue Reading

Company Sues Employee After She Falls For USD 250K CEO Fraud Scam

A woman is being sued for sending approx. 250K of her employer's cash to an online fraudster.  Patricia Reilly, who was working for the UK Peebles Media Group fell for a CEO Fraud Scam ...
Continue Reading

Scammers Still Exploit Hijacked GoDaddy Domains

Criminals are still using hijacked GoDaddy domains to launch large-scale spam campaigns, despite GoDaddy taking steps last month to address the authentication flaw exploited by the ...
Continue Reading

Today I was attacked through an existing vendor using a real email thread

We have been dealing with a vendor of ours for on-hold messages for many years. I send them a Word file with the hold messages, their studio records them, and they send us a wave file ...
Continue Reading

KnowBe4 Fresh Content & Feature Updates - January 2019

Here's a few important updates to share with you for the month of January!
Continue Reading

[Brilliant New Social Engineering Phish] "Please Docusign: Funding For Your Business"

A friend was sent this email and he forwarded it to me. It's a brilliant new social engineering phishing scam. It will sail through all your spam / malware filters and email protection ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews