Secret Service Warning: Exploiting the Coronavirus for Fraud and Profit.

Mar 11, 2020 1:07:08 PM By Eric Howes

By Eric Howes, KnowBe4 Principal Lab Researcher. On Monday of this week we published a review of the coronavirus-themed emails that had been reported to us by customers using the Phish ...

A Look at Email Security in the US Healthcare Sector

Mar 11, 2020 8:24:41 AM By Stu Sjouwerman

90% of US healthcare organizations experienced email-based attacks in the past year, and 25% of these organizations said the attacks were extremely or very disruptive, according to a new ...

Cyberattacks on MSPs Grow Exponentially as the Focus Shifts to Hold Their Customer’s Data for Ransom

Mar 10, 2020 9:56:37 AM By Stu Sjouwerman

Recent insight from data protection vendor Datto puts MSPs on notices to secure their own environments to protect both their business and that of their customers.

Cruel Hoax Scams Elderly Woman

Mar 10, 2020 8:27:25 AM By Stu Sjouwerman

An 89-year-old woman in Delaware lost $9,500 to scammers who told her that her grandson had been arrested for causing a car accident, Delaware Online reports. The scammers called the ...

Exploiting the Coronavirus: The Spammers, the Scammers, and the Bad Guys

Mar 9, 2020 1:35:06 PM By Eric Howes

By Eric Howes, KnowBe4 Principal Lab Researcher. If you've been paying attention to the news over the past week or so, you've undoubtedly noticed that the majority of the stories on your ...

Use Advocates to Spread Your Security Awareness Training Program

Mar 9, 2020 8:00:00 AM By Roger Grimes

I’ve always been a big fan of train-the-trainer programs. Even if you are a great computer security consultant and trainer, there is a limit to what you, one person or one team, can do. ...

February Content Update: Including Season 2 of Netflix-Style Series 'The Inside Man'

Mar 6, 2020 12:00:34 PM By Stu Sjouwerman

Here are a few important updates to share with you from the month of February.

New Norton LifeLock Phishing Scam Installs Remote Access Trojan

Mar 6, 2020 11:07:39 AM By Stu Sjouwerman

In yet another case of brand impersonation, this new phishing scam seeks out the millions of LifeLock customers and follows a seasoned infection path, with the goal being persistence and ...

Yet Another Utility Company Falls Victim to Ransomware Attack

Mar 5, 2020 3:26:40 PM By Stu Sjouwerman

The latest ransomware attack on yet another utility company echos the warnings from last year’s report on utilities’ readiness for a cyberattack.

Anti-Virus, Identity Protection Phishbait

Mar 5, 2020 8:29:19 AM By Stu Sjouwerman

A phishing campaign is using fake NortonLifelock documents to trick victims into installing a remote access tool, according to researchers at Palo Alto Networks’ Unit 42. The documents ...

KnowBe4 and Agari Announce New Partnership to Transform Phishing Protection

Mar 5, 2020 8:00:00 AM By Stu Sjouwerman

As market leaders, KnowBe4 and Agari have joined forces to help stop identity-based email attacks. Together, we have created a best-in-class approach to defend against phishing attacks at ...

New Sophisticated Credential-Stealing Malware, Forelord, Attacks the Middle East

Mar 4, 2020 5:15:52 PM By Stu Sjouwerman

This latest APT highlights the levels of sophistication attackers will go to just to establish persistence, infect the endpoint, and steal credentials from the victim organization.

Courts Limit Payout on Insurance Claim to Just One Section of the Liability Policy

Mar 4, 2020 5:14:07 PM By Stu Sjouwerman

The latest ruling shows how the courts are becoming well-versed in the ways of cyberattacks, and are holding both insurers and policyholders to the letter of the contract.

Social Security Administration Warns of Phone Scams On March 5th "Slam The Scam Day"

Mar 4, 2020 3:47:47 PM By Stu Sjouwerman

The Social Security Administration in Association with the Federal Trade Commission's (FTC) National Consumer Protection Week, want to remind everyone that scammers are now targeting ...

[On-Demand] Never Assume Breach: Build a Data-Driven Defense Strategy to Secure Your Organization's Most Valuable Assets

Mar 4, 2020 8:47:52 AM By Stu Sjouwerman

Even the world’s most successful organizations have significant weaknesses in their IT security defenses, which today’s determined hackers can exploit at will. There’s even a term for it: ...

Cut-and-Paste Phishbait

Mar 4, 2020 8:21:52 AM By Stu Sjouwerman

Naked Security describes a phishing campaign that’s convincingly spoofing emails from the online payment company Stripe. The email informs the recipient that an unknown device has logged ...

Data Breach After Effects: Consequences and Learning Lessons

Mar 4, 2020 8:17:07 AM By Stu Sjouwerman

If you think your organization is safe from a data breach, think again. Data breaches could be deadly for any organization big or small.

New Sophisticated “Exaggerated Lion” BEC Check Scam Uses Mules to Cash Out

Mar 3, 2020 8:36:45 AM By Stu Sjouwerman

You may wonder exactly how BEC scammers see a payday. New insight from security vendor Agari documents how a secondary check scam dupes unsuspecting victims to help.

Racoon: Infostealer Malware Collects Credentials, Financial and Personal Information

Mar 3, 2020 8:32:40 AM By Stu Sjouwerman

Access to a compromised endpoint may no longer be enough. So, enterprising malware authors offer up infostealers to help exfiltrate valuable data from an infected machine.

None But the Lonely Heart Would Fall for an Emoji

Mar 3, 2020 8:24:20 AM By Stu Sjouwerman

Researchers at Malwarebytes and X-Force IRIS have come across an ongoing phishing campaign that’s using romance-themed emails to distribute the Nemty ransomware, BleepingComputer reports. ...

Security Awareness Training Blog