Verification and Deepfake Fraud Trends in North America

Jun 2, 2023 3:14:33 PM By Stu Sjouwerman

Forced verification fraud and deepfake fraud are on the rise in the US and Canada, according to researchers at Sumsub. Pavel Goldman-Kalaydin, Sumsub’s Head of AI & ML, explains that ...

[Wake-Up Call] It's Time to Focus More on Preventing Spear Phishing

May 31, 2023 2:22:02 PM By Roger Grimes

Fighting spear phishing attacks is the single best thing you can do to prevent breaches.

Spear Phishing Trends in 2023

May 31, 2023 8:57:49 AM By Stu Sjouwerman

50% of organizations surveyed were victims of spear phishing attacks in the last twelve months, according to a new report from Barracuda. The report also found that, on average, ...

“Magic Link” Phishing Attacks Scamming Users With Fake McAfee Renewals

May 30, 2023 9:08:34 AM By Stu Sjouwerman

Threat actors are using encoded phishing links to evade security filters, according to Jeremy Fuchs at Avanan. The phishing emails purport to be notifications from McAfee informing the ...

[Mastering Minds] China's Cognitive Warfare Ambitions Are Social Engineering At Scale

May 26, 2023 1:40:02 PM By Stu Sjouwerman

As the world continues to evolve, so does the nature of warfare. China's People's Liberation Army (PLA) is increasingly focused on "Cognitive Warfare," a term referring to artificial ...

Verizon Sends New Smishing Warning

May 25, 2023 2:38:23 PM By Stu Sjouwerman

Verizon has renewed its warnings to customers about the threat of smishing, a social engineering approach that relies upon texts as opposed to other communication channels like the email ...

[Hands-On Defense] Unpatched Software Causes 33% of Successful Attacks

May 23, 2023 9:55:26 AM By Stu Sjouwerman

As you all know, KnowBe4 frequently promotes security awareness training and we also mention that unpatched software is a distant number two issue after social engineering.

[Microsoft Warning] A 38% Spike In Business Email Compromise with new Cybercrime-as-a-Service

May 23, 2023 8:50:06 AM By Stu Sjouwerman

Microsoft has observed a thirty-eight percent increase in cybercrime-as-a-service (CaaS) offerings for launching business email compromise (BEC) attacks between 2019 and 2022.

AI-generated Disinformation Dipped The Markets Yesterday

May 23, 2023 6:52:11 AM By Stu Sjouwerman

The Insider reported that an apparently AI-generated photo faking an explosion near the Pentagon in D.C. went viral. The Arlington Police Department confirmed that the image and ...

[Free Tool] Find out who falls victim to QR code phishing attacks with our QR Code Phishing Security Test

May 22, 2023 11:00:00 AM By Stu Sjouwerman

According to QRTIGER, an online QR code generator company, dynamic QR code scans increased 433% globally from 2021 to 2022. In 2022, the FBI released a warning that QR codes may be ...

The Face Off: AI Deepfakes and the Threat to the 2024 Election

May 15, 2023 6:22:35 PM By Stu Sjouwerman

The Associated Press warned this week that AI experts have raised concerns about the potential impact of deepfake technology on the upcoming 2024 election. Deepfakes are highly convincing ...

Business Email Compromise and “Confidential” Mergers and Acquisitions

May 10, 2023 10:07:25 AM By Stu Sjouwerman

A newly identified criminal organization has been observed running a large number of business email compromise (BEC) scams. Since February 2021, Abnormal Security reports the gang has ...

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

May 9, 2023 4:43:09 PM By Stu Sjouwerman

The Five Eyes member nations' cybersecurity and intelligence agencies dismantled the infrastructure of the Snake cyber-espionage malware that was operated by Russia's Federal Security ...

Blocking Social Engineering by Foreign Bad Actors: The Role of the New Foreign Malign Influence Center

May 8, 2023 7:02:01 AM By Stu Sjouwerman

The U.S. government created a new office to block disinformation. The new Foreign Malign Influence Center (FMIC) oversees efforts that span U.S. military, law enforcement, intelligence, ...

[Eye Opener] HTML Phishing Attacks Surge by 100% in 12 Months

May 7, 2023 11:57:55 AM By Stu Sjouwerman

The Cyberwire reported: "Barracuda released a study this morning indicating that HTML attacks have doubled since last year.

Response-Based Business Email Compromise Contributes to 97% of Attacks

May 4, 2023 8:39:58 AM By Stu Sjouwerman

The malwareless and seemingly benign nature of business email compromise emails, mixed with impersonation techniques, are difficult to spot as being malicious, making them even more ...

Malware Downloads Facilitated by Social Engineering

May 4, 2023 8:28:47 AM By Stu Sjouwerman

The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated ...

[Feet on the Ground] Stepping Carefully When Making an AI Your BFF

May 2, 2023 1:40:51 PM By Stu Sjouwerman

Bloomberg's Brad Stone wrote an op-ed covering this topic. In the past month, a chatbot called "My AI" or "Sage" has appeared as a new friend for several hundred million Snapchat users. ...

The Two Best Things You Can Do To Protect Yourself and Organization

May 2, 2023 8:22:23 AM By Roger Grimes

Since the beginning, two types of computer attacks (known as initial root cause exploits) have composed the vast majority of successful attacks: social engineering and exploiting ...

Automate Reporting for Security Awareness Training Events and Suspicious Email Remediation Management with Cortex XSOAR and KnowBe4

May 1, 2023 8:00:00 AM By Stu Sjouwerman

Security teams face unique challenges in today’s rapidly-changing landscape of phishing, malware, and other social engineering and cybersecurity threats. Collaboration across disparate ...