Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Security Awareness Training Blog

Read the latest news about security awareness training, best practices, why you need it, and what happens when you don't have it in place.

View Topics

Business Email Compromise, Credential Theft, and Many Other Attack Vectors Surged as High as 5x in Q4 2018

Feb 14, 2019 11:30:32 AM By Stu Sjouwerman
The latest data from Proofpoint shows many types of cyberattacks making massive jumps in comparison to both previous quarters and years.
Continue Reading

Cyberheist On Bank Causes Shutdown Of All Operations

Feb 14, 2019 8:51:11 AM By Stu Sjouwerman
Reuters reported that the Bank of Valetta, which accounts for almost half of Malta’s banking transactions, had to shut down all of its operations on Wednesday after hackers broke into its ...
Continue Reading

New York State Education Department Proposes New Regulations to Strengthen PII Security

Feb 13, 2019 2:47:23 PM By Stu Sjouwerman
The new proposed amendments seek to protect the personally identifiable information for students and school personnel accessible by both educational agencies and contractors.
Continue Reading

Bogus Security Alerts Aren’t From Norton

Feb 12, 2019 10:55:52 AM By Stu Sjouwerman
Con artists are targeting thousands of people with tech support scams that pose as security alerts from Norton Security, researchers at Symantec have found. The phony alerts pop up in the ...
Continue Reading

Surge in Email-enabled Healthcare Fraud

Feb 12, 2019 10:49:51 AM By Stu Sjouwerman
Email fraud targeting healthcare professionals has spiked 453% over the past two years, according to a new report by Proofpoint. Proofpoint researchers tracked business email compromise ...
Continue Reading

Company Sues Employee After She Falls For USD 250K CEO Fraud Scam

Feb 12, 2019 10:02:32 AM By Stu Sjouwerman
A woman is being sued for sending approx. 250K of her employer's cash to an online fraudster. Patricia Reilly, who was working for the UK Peebles Media Group fell for a CEO Fraud Scam ...
Continue Reading

Scammers Still Exploit Hijacked GoDaddy Domains

Feb 7, 2019 7:18:05 AM By Stu Sjouwerman
Criminals are still using hijacked GoDaddy domains to launch large-scale spam campaigns, despite GoDaddy taking steps last month to address the authentication flaw exploited by the ...
Continue Reading

Today I was attacked through an existing vendor using a real email thread

Feb 5, 2019 10:39:55 AM By Stu Sjouwerman
We have been dealing with a vendor of ours for on-hold messages for many years. I send them a Word file with the hold messages, their studio records them, and they send us a wave file ...
Continue Reading

KnowBe4 Fresh Content & Feature Updates - January 2019

Feb 4, 2019 1:59:09 PM By Stu Sjouwerman
Here's a few important updates to share with you for the month of January!
Continue Reading

[Brilliant New Social Engineering Phish] "Please Docusign: Funding For Your Business"

Jan 31, 2019 7:13:19 AM By Stu Sjouwerman
A friend was sent this email and he forwarded it to me. It's a brilliant new social engineering phishing scam. It will sail through all your spam / malware filters and email protection ...
Continue Reading

Awareness Training is the Key to a Culture of Security

Jan 14, 2019 3:47:52 PM By Stu Sjouwerman
Here’s a follow-up to an earlier post of ours, with amplification of points well-worth making.
Continue Reading

It Only Takes 1 Phish: “Unremarkable” Phishing Attack Results in a Breach in the European Union’s Diplomatic Communications Network

Jan 9, 2019 7:02:51 AM By Stu Sjouwerman
A three-year-long cyber-attack led to the successful breach of the all communications between all EU member states, putting countries and their futures at risk.
Continue Reading

International Legal Tech Association: "KnowBe4 Is The Biggest Winner In Awareness Content"

Jan 5, 2019 11:30:16 AM By Stu Sjouwerman
The International Legal Technology Association is the premier peer-driven association for technologists in the legal field. The ILTA's most prestigious publication each year is their ...
Continue Reading

Phishing Kit Uses Custom Font Files to Decode Text

Jan 5, 2019 10:40:48 AM By Stu Sjouwerman
Researchers at Proofpoint discovered a phishing template that uses a unique method for encoding text using web fonts. The researchers found that the source code of the landing page ...
Continue Reading

Judge Calls for County Officials to Resign After Falling Victim to a $500K CEO Fraud Scam

Jan 1, 2019 8:10:52 AM By Stu Sjouwerman
Months after a classic fraud scam took Galveston County for $525,000, County Judge Mark Henry is now asking for the County Auditor and Purchasing Agent to resign.
Continue Reading

Malicious Business Email Campaign Uses Google Cloud Storage to Target Banks and Financial Services Companies

Dec 27, 2018 5:16:40 PM By Stu Sjouwerman
Researchers at Menlo Labs have spotted and tracked a new campaign aimed at tricking employees of US and UK financial firms and banks into downloading Houdini Malware.
Continue Reading

KnowBe4 Fresh Content Update & New Features December 2018

Dec 27, 2018 1:06:19 PM By Stu Sjouwerman
Here's a few important updates to share with you for the month of December!
Continue Reading

You Must Know What You're Clicking On Even With MFA

Dec 27, 2018 12:00:56 PM By Roger Grimes
By Roger Grimes, KnowBe4's Data-driven Defense Evangelist. I’ve been in computer security for over 30-years and I’ve been giving presentations nearly as long. And in that time, no talk ...
Continue Reading

Iranian Hacker Group Beats 2FA with New Phishing Campaign Targeting Google Users

Dec 24, 2018 2:10:16 PM By Stu Sjouwerman
A new phishing attack method shows that even the mighty two-factor authentication can be beaten without needing to possess a user’s mobile device.
Continue Reading

Real Estate Transactions are Increasingly Vulnerable to CEO Fraud

Dec 20, 2018 3:30:07 PM By Stu Sjouwerman
The real estate industry is a particularly attractive target for BEC (Business Email Compromise—also known as CEO Fraud—attacks, according to FBI spokesman David Fitz. Fitz told The ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews