Fake Zoom Downloader is the Latest Method of Attack on Remote Workers

May 7, 2020 10:33:08 AM By Stu Sjouwerman

Riding on the coattails of the massive rise in popularity in the video conference solution, remote workers new to Zoom need to be wary of where they download the installer.

Cybercriminals Lean Heavily on Social Engineering Tactics to Gain Access to Bank Accounts

May 7, 2020 10:30:09 AM By Stu Sjouwerman

A series of attack anecdotes shared by Brian Krebs shows how persistent and sophisticated scammers are in using social engineering tactics to gain access to their victim’s bank account ...

COVID-19 Security Hints & Tips Email Templates In 10 Additional Languages

May 7, 2020 10:14:12 AM By Stu Sjouwerman

The Product Content team is happy to announce that our 9 COVID-19 Security Hints and Tips email templates are now available in 10 additional languages. The new emails are available in: ...

It's World Password Day 2020 - Is Your Organization Safe?

May 7, 2020 8:22:37 AM By Stu Sjouwerman

Today is World Password Day, a holiday created by Intel on the first Thursday of May to ensure everyone knows password best practices. “P@ssW0rd” has never been a safe password to use to ...

Some Phishers Who Know Their Trade

May 7, 2020 8:19:31 AM By Stu Sjouwerman

Researchers at Votiro have come across well-crafted phishing emails that purport to come from UPS, FedEx, and DHL. All of the emails contain malicious Excel attachments that will install ...

What is the Right Password Policy?

May 7, 2020 8:15:00 AM By Roger Grimes

What is the right password policy? Conventional password policies say you must have a password at least 8-12 characters long…16 characters or longer if it belongs to an elevated ...

Implausible Phishbait, But Someone May Bite

May 6, 2020 8:24:27 AM By Stu Sjouwerman

Scammers are impersonating FINRA, the Financial Industry Regulatory Authority, in an attempt to deliver malware or steal SharePoint credentials, Help Net Security reports. FINRA issued an ...

[HEADS UP] Coronavirus in Australia: Government Warns Phishing Email Target

May 5, 2020 10:19:35 AM By Stu Sjouwerman

A phishing email has been circulating during the pandemic in Australia. Australians are being warned to look out for phishing scams during the coronavirus pandemic, with a new dodgy email ...

1,000+ SEC Filings Show Ransomware an On-Going Risk for Public Companies

May 5, 2020 9:56:02 AM By Stu Sjouwerman

As public companies seek to improve their cybersecurity posture, they also work to comply with SEC formal guidance to disclose cybersecurity risk, highlighting ransomware as a key factor.

Medical Suppliers Targeted With Agent Tesla Infostealer

May 5, 2020 8:28:41 AM By Stu Sjouwerman

Researchers at Fortinet have identified a spear phishing campaign targeting medical suppliers with COVID-19-themed emails. The emails contain choppy grammar, but the message is clear ...

PerSwaysion: Convincing Executives to Act Against Their Own Interest

May 4, 2020 8:26:14 AM By Stu Sjouwerman

Researchers at Group-IB have discovered a sophisticated spear phishing campaign that’s targeted executives at more than 150 companies around the world since mid-2019. The researchers have ...

GitHub is the Latest Target of Social Engineering Phishing Attacks

May 4, 2020 7:15:00 AM By Stu Sjouwerman

Using simple alert-style email notices, scammers look to steal credentials to gain access to development code, intellectual property, and project details.

Zelle Users Continue to be the Target of Scams Intent on Fraud

May 4, 2020 7:05:00 AM By Stu Sjouwerman

The wildly popular payment app is a cybercriminals playground where users are easy prey for money laundering, scams, mules, and just plain old fraud.

Half of all Breaches Start with Phishing and Social Engineering

May 4, 2020 7:03:00 AM By Stu Sjouwerman

New data shows successful attacks on internal networks, cloud environments, and POS systems all are very susceptible to this common attack vector.

The Need for Pandemic Financial Relief Spurs a Phishing Attack Impersonating the U.S. Federal Reserve

May 4, 2020 7:00:00 AM By Stu Sjouwerman

Scammers use realistic-looking emails and a well-designed website under the guise of the Paycheck Protection Program to trick victims into providing banking credentials.

Is That COVID-19 Email Legitimate or a Phish?

May 1, 2020 8:39:23 AM By Roger Grimes

It’s no surprise that phishers and scammers are using the avalanche of new information and events involving the global coronavirus pandemic as a way to successfully phish more victims. ...

April Content Update: Including New Work from Home Training Module from Twist & Shout

Apr 30, 2020 11:14:22 AM By Stu Sjouwerman

Here are a few important updates and news to share with you from the past month.

Scammers Can Use Recent Transactions to Trick You

Apr 30, 2020 8:53:09 AM By Stu Sjouwerman

KrebsOnSecurity reports that scammers are using caller ID spoofing to impersonate their victims, and then socially engineering victims’ banks into divulging information about recent ...

[NEW FEATURE] Brandable Content Now Available

Apr 30, 2020 8:00:00 AM By Stu Sjouwerman

You asked, we listened! We’re excited to introduce the new Brandable Content feature within your KnowBe4 platform! You now have the option to add branded custom content to the beginning ...

[Heads Up] Microsoft: Ransomware Gangs That Don't Threaten To Leak Your Data Steal It Anyway

Apr 29, 2020 3:34:37 PM By Stu Sjouwerman

That means you can from now on count a ransomware infection as a data breach with all the consequences that this brings. Moreover, the so-called "human-operated" ransomware gangs have ...

Security Awareness Training Blog