You Must Know What You're Clicking On Even With MFA

Dec 27, 2018 12:00:56 PM By Roger Grimes

By Roger Grimes, KnowBe4's Data-driven Defense Evangelist. I’ve been in computer security for over 30-years and I’ve been giving presentations nearly as long. And in that time, no talk ...

Iranian Hacker Group Beats 2FA with New Phishing Campaign Targeting Google Users

Dec 24, 2018 2:10:16 PM By Stu Sjouwerman

A new phishing attack method shows that even the mighty two-factor authentication can be beaten without needing to possess a user’s mobile device.

Real Estate Transactions are Increasingly Vulnerable to CEO Fraud

Dec 20, 2018 3:30:07 PM By Stu Sjouwerman

The real estate industry is a particularly attractive target for BEC (Business Email Compromise—also known as CEO Fraud—attacks, according to FBI spokesman David Fitz. Fitz told The ...

UK Companies Cite a Lack of Cybersecurity Support from the Government

Dec 18, 2018 6:58:51 AM By Stu Sjouwerman

With cyberattacks occurring at such a regular frequency, UK organizations are desiring for the government to provide guidance and support on how to prepare for and address attacks.

These Incredibly Realistic Fake Faces Show How AI Can Now Mess With Us

Dec 15, 2018 10:14:50 AM By Stu Sjouwerman

This starts to be more than a bit concerning. The faces in this post look like pretty normal humans. They could be social media shots. However, they were generated by a recent type of ...

Ransomware Recovery Expert Scams Victims and Turns Out to be Nothing More than a Bitcoin Middleman

Dec 13, 2018 4:56:26 PM By Stu Sjouwerman

Organizations falling victim to ransomware look for any way to ensure they get their files back. One Belasurian businessman promises decryption but is merely conning victims out of more ...

WARNING: Your Head of Finance May Be 1 of 50,000 Execs Targeted in BEC Scams

Dec 13, 2018 3:42:59 PM By Stu Sjouwerman

According to a report from email security & protection vendor Agari, the cybercriminal group dubbed London Blue are directing their latest scams at very specific finance execs.

Giveaway Scam Offers Free Volkswagens to Generate Ad Revenue

Dec 12, 2018 5:34:58 PM By Stu Sjouwerman

A scam campaign is promising free Volkswagen car giveaways to trick social media users into visiting third-party ad servers, according to researchers at Sucuri.

A Call for More Consumer Privacy Laws Could Spell Penalties in Your Future

Dec 12, 2018 7:08:44 AM By Stu Sjouwerman

In the wake of the Marriott data breach, U.S. senators are calling for tougher privacy laws and stiff fines for organizations that do not properly protect consumer data.

Scammers are Posing as Huawei’s Captive CFO

Dec 11, 2018 11:54:08 AM By Stu Sjouwerman

An advance fee scam is targeting individuals in China following the arrest of Huawei’s CFO, Meng Wanzou, according to the SANS Internet Storm Center. Ms. Meng, who is also the daughter of ...

Half of Management Teams Don’t Understand Business Process Compromise

Dec 11, 2018 11:47:09 AM By Stu Sjouwerman

A new survey by Trend Micro reveals that 43% of organizations in twelve countries have been affected by Business Process Compromise (BPC) attacks. In spite of this, 50% of management ...

Employee Education and Training is a Key Component of a Culture of Security

Dec 11, 2018 11:33:20 AM By Stu Sjouwerman

Organizations need to focus on education and training rather than blaming employees for security gaffes, according to the speakers in a panel debate at Computing′s Enterprise Security and ...

Cybercriminals Use 1.7 Million Compromised PCs in Botnet Advertising Fraud Scam

Dec 10, 2018 2:09:32 PM By Stu Sjouwerman

The Russian-born, botnet-driven advertising fraud scam, 3ve, generated over $29 million in revenue using fileless malware variant Kovter, botnets, and unsuspecting users.

Google Maps’ Bank Listings Updated by Scammers

Dec 5, 2018 6:37:42 AM By Stu Sjouwerman

Scammers are taking advantage of Google Maps by modifying the contact information of the service’s bank listings. After replacing banks’ legitimate phone numbers with numbers of their ...

GreyEnergy Malware Spreads Through Phishing Emails

Dec 5, 2018 6:32:48 AM By Stu Sjouwerman

The GreyEnergy APT primarily uses phishing emails as its initial infection method, according to analysis by Nozomi Networks. The malware has been targeting industrial control systems in ...

Phishing Emails are Targeting Spotify Users

Dec 5, 2018 6:25:14 AM By Stu Sjouwerman

A phishing campaign is attempting to steal login credentials from Spotify users, according to researchers at AppRiver. The emails ask users to click a hyperlink to confirm their accounts, ...

Why You Need To Make Security Awareness Training Mandatory. Read This Horror Story.

Dec 4, 2018 7:24:15 AM By Stu Sjouwerman

OK, so here is a horror story that you can prevent from happening in your own organization. Now and then we hear that KnowBe4 customers do not make the security awareness training ...

Learning a 120K Lesson the Hard Way

Dec 1, 2018 10:52:26 AM By Stu Sjouwerman

The bank isn’t always responsible for making you whole after a business email compromise. Indiana’s Lake Ridge Schools lost more than $120,000 from a seven-million-dollar construction ...

Attackers Impersonate CEOs to Scam Employees into Sending Gift Cards for the Holidays

Dec 1, 2018 8:07:40 AM By Stu Sjouwerman

A crafty mix of social engineering, great timing, and context act as the perfect ingredients to trick unwitting users into buying gift cards and placing them into the hands of the ...

[Heads-up] Bad Guys Love Marriott: 500 Million Data Breach Is Phishing Heaven

Nov 30, 2018 10:18:39 AM By Stu Sjouwerman

So I guess we have just reached the tipping point, it's "privacy game over" for business travelers.

Security Awareness Training Blog