"Get Beyond Security Awareness Training" Does Not Mean Forgetting About It

Dec 23, 2024 5:13:52 PM By Roger Grimes

KnowBe4 is a big believer in focusing on decreasing human risk as the best way to decrease cybersecurity risk in most environments.

Mobile Phishing Attacks Use New Tactic to Bypass Security Measures

Dec 20, 2024 3:49:33 PM By Stu Sjouwerman

ESET has published its threat report for the second half of 2024, outlining a new social engineering tactic targeting mobile banking users.

Attackers Abuse HubSpot’s Free Form Builder to Craft Phishing Pages

Dec 20, 2024 3:49:08 PM By Stu Sjouwerman

A threat actor is abusing HubSpot’s Free Form Builder service to craft credential-harvesting phishing pages, according to Palo Alto Networks’ Unit 42.

AI-Powered Investment Scams Surge: How 'Nomani' Steals Money and Data

Dec 18, 2024 11:16:53 AM By Stu Sjouwerman

Cybersecurity researchers are warning about a new breed of investment scam that combines AI-powered video testimonials, social media malvertising, and phishing tactics to steal money and ...

Phishing Campaign Targets YouTube Creators

Dec 18, 2024 11:16:19 AM By Stu Sjouwerman

An email phishing campaign is targeting popular YouTube creators with phony collaboration offers, according to researchers at CloudSEK. The emails contain OneDrive links designed to trick ...

[Heads Up] Bad Actors Use Voice Phishing in Microsoft Teams To Spread DarkGate Malware

Dec 17, 2024 10:06:36 AM By Stu Sjouwerman

Threat actors are using voice phishing (vishing) attacks via Microsoft Teams in an attempt to trick victims into installing the DarkGate malware, according to researchers at Trend Micro.

Critical Infrastructure Under Siege: 42% Spike in Ransomware Attacks on Utilities

Dec 17, 2024 10:05:27 AM By Stu Sjouwerman

Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November ...

94% of U.K. Businesses Aren’t Adequately Prepared for AI-Driven Phishing Scams

Dec 13, 2024 12:31:54 PM By Stu Sjouwerman

A new report makes it clear that U.K. organizations need to do more security awareness training to ensure their employees don’t fall victim to the evolving use of AI.

Sophisticated Phishing Campaign Attempts to Bypass SEGs

Dec 13, 2024 12:31:28 PM By Stu Sjouwerman

A widespread phishing campaign is attempting to steal credentials from employees working at dozens of organizations around the world, according to researchers at Group-IB.

Mobile Phishing Campaign Targets Job Seekers

Dec 12, 2024 11:39:42 AM By Stu Sjouwerman

Researchers at Zimperium warn that a phishing campaign is targeting Android phones to deliver the Antidot banking trojan.

Nearly Half a Billion Emails in 2024 Were Malicious

Dec 11, 2024 10:29:07 AM By Stu Sjouwerman

A new report from Hornetsecurity has found that 427.8 million emails received by businesses in 2024 contained malicious content.

Unwrapping Cybersecurity: A Festive "Die Hard" Guide

Dec 6, 2024 9:37:45 AM By Javvad Malik

It is the holiday season. Think twinkling lights, the scent of pine, and cyber threats lurking in the shadows, waiting to pounce quicker than Bruce Willis can say, “Yippee ki yay.”

FBI Warns of Cybercriminals Using Generative AI to Launch Phishing Attacks

Dec 6, 2024 9:37:42 AM By Stu Sjouwerman

The US Federal Bureau of Investigation (FBI) warns that threat actors are increasingly using generative AI to increase the persuasiveness of social engineering attacks.

Malicious Loan Apps Target Android Users in Africa, South America and Asia

Nov 27, 2024 12:19:49 PM By Stu Sjouwerman

Researchers at McAfee warn of a surge in malicious loan apps targeting Android users across South America, Southern Asia, and Africa.

Chinese Threat Actor Targets Black Friday Shoppers With Phishing Campaign

Nov 26, 2024 9:39:08 AM By Stu Sjouwerman

Researchers at EclecticIQ warn that the financially motivated Chinese threat actor “SilkSpecter” has launched a phishing campaign targeting Black Friday shoppers across Europe and the US.

U.K. Residents are Victims of the Latest Phishing Scam Targeting Starbuck Customer Credentials

Nov 26, 2024 9:38:48 AM By Stu Sjouwerman

Analysis of a new phishing attack highlight just how easy it can be to spot these kinds of attacks if recipients were properly educated.

Phishing Emails Use SVG Files to Avoid Detection

Nov 22, 2024 11:39:14 AM By Stu Sjouwerman

Phishing emails are increasingly using Scalable Vector Graphics (SVG) attachments to display malicious forms or deliver malware, BleepingComputer reports.

[Heads Up] Bad Actor Uses Deepnude AI Image Generator to Lure And Infect Users

Nov 22, 2024 11:39:11 AM By Stu Sjouwerman

The threat group FIN7 is using the lure of generating nude images of favorite celebrities to get victims to download their NetSupport RAT.

Phishing Attacks Exploits the Open Enrollment Period

Nov 22, 2024 9:18:17 AM By Stu Sjouwerman

A phishing campaign is impersonating HR to target employees who are making annual insurance changes during the open enrollment period, according to researchers at Abnormal Security.

Out of 29 Billion Cybersecurity Events, Phishing was the Primary Method of Initial Attack

Nov 20, 2024 2:22:11 PM By Stu Sjouwerman

The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access.

Security Awareness Training Blog

Social Engineering Blog

View Topics