Data Breaches Involving Social Engineering Attacks Take Longer to Identify and Contain

Aug 23, 2023 3:28:36 PM By Stu Sjouwerman

Continuing coverage of IBM’s recently-released Cost of a Data Breach report, we focus on the impact attacks involving social engineering have on data breach costs.

Social Engineering Is the Number One Cybersecurity Problem by Far

Aug 23, 2023 1:10:11 PM By Roger Grimes

The number one way that hackers and malware compromise people, devices, and networks is social engineering. No one argues that anymore, but it was not always known or discussed that way. ...

LinkedIn Deception: How a Chinese Spy Tricked Thousands of UK Officials

Aug 23, 2023 10:35:27 AM By Stu Sjouwerman

In last few years, cyber espionage has taken a new form. A recent investigation by The Times has unveiled a Chinese intelligence officer's extensive use of LinkedIn to target UK ...

[FREE RESOURCE KIT] Cybersecurity Awareness Month Kit 2023 Now Available

Aug 15, 2023 9:36:59 AM By Stu Sjouwerman

Get the resources you need to help keep your users safe from malicious social engineering attacks during this year's Cybersecurity Awareness Month with our free resource kit.

Beware of Clickbait PDF Phishing Attacks Lurking in Search Results

Aug 14, 2023 2:51:18 PM By Martin Kraemer

We previously reported independently on PDF-based phishing attacks skyrocketing and the rise of SEO attacks. A recent research study found that the combination of both is quite common. ...

Gootloader Malware Uses Social Engineering to Target Law Firms (or their Clients)

Aug 14, 2023 10:56:30 AM By Stu Sjouwerman

Law firms are being targeted by a large number of social engineering attacks involving the Gootloader malware delivery tool, according to researchers at Trustwave.

[GUIDE] Scary SEO and Waterhole Attacks: What You Need to Know Now

Aug 11, 2023 8:22:22 AM By Roger Grimes

Most social engineering scams search out their potential victims, often sending emails to known email addresses, sending chat messages to them or calling known phone numbers. The ...

KnowBe4’s Interactive Phishing Analysis Center: Keep Your Finger On The Pulse

Aug 8, 2023 1:50:55 PM By Stu Sjouwerman

As a security awareness practitioner, keeping your pulse on industry - and geographical - benchmarking data and best practices is always a good way to measure your organization’s security ...

Most Organizations Using Weak Multifactor Authentication

Aug 8, 2023 10:10:03 AM By Stu Sjouwerman

Most organizations are still using weak forms of multi-factor authentication (MFA), a survey by Nok Nok has found. These forms of MFA can be bypassed if an employee falls for a social ...

GitHub Warns of Social Engineering Campaign Targeting Employees in the Technology Industry

Aug 7, 2023 10:09:34 AM By Stu Sjouwerman

A few weeks ago, GitHub posted on their blog a recent security alert that should have any organization in the tech industry worried.

Boarding Pass Selfies and Cybersecurity Don't Mix

Aug 4, 2023 9:14:42 AM By Stu Sjouwerman

There is no such thing as a vacation for cybercriminals. We recently released our top summer cybersecurity travel tips to help keep you safe. Earlier this year, we posted about ...

Advanced Phishing Campaign Exploits 3rd Parties

Aug 3, 2023 10:27:09 AM By Stu Sjouwerman

Researchers at BlueVoyant warn that attackers are increasingly adding an extra step to their phishing campaigns, impersonating third-parties to lend credibility to the scams.

How KnowBe4 Can Help You Fight Spear Phishing

Jul 27, 2023 8:00:00 AM By Roger Grimes

This blog was co-written by KnowBe4's Data-Driven Defense Evangelist Roger A. Grimes and Chief Learning Officer John Just. Social engineering is involved in 70% to 90% of successful ...

Beware of the Barbie Scam: What You Need to Know After the Recent Movie Release

Jul 26, 2023 8:44:37 AM By Stu Sjouwerman

Scammers are taking advantage of the popularity of the Barbie movie, according to researchers at McAfee.

Phony Browser Updates Deliver NetSupport Trojan Using Social Engineering Tactics

Jul 25, 2023 10:16:41 AM By Stu Sjouwerman

A new social engineering campaign tracked as “FakeSG” is distributing the NetSupport remote access Trojan (RAT) via phony browser updates, according to researchers at Malwarebytes. The ...

[INFOGRAPHIC] KnowBe4’s Content Library by the Numbers

Jul 19, 2023 9:27:35 AM By Stu Sjouwerman

KnowBe4 offers the world’s largest library of always-fresh security awareness and compliance training content that includes assessments, interactive training modules, videos, games, ...

[HEADS UP] See WormGPT, the new "ethics-free" Cyber Crime attack tool

Jul 17, 2023 1:26:05 PM By Stu Sjouwerman

A new generative AI model called “WormGPT” is being offered on cybercrime forums, according to researchers at SlashNext. While other AI tools, such as ChatGPT, have safeguards in place ...

Tailgating Through Physical Security Using Social Engineering Tactics

Jul 13, 2023 9:00:47 AM By Stu Sjouwerman

Researchers at Check Point outline various forms of tailgating attacks. These attacks can allow threat actors to bypass physical security measures via social engineering.

Launch Of New Meta Thread App Spawns Hundreds Of Spoof Domains

Jul 12, 2023 8:56:35 AM By Stu Sjouwerman

Researchers at Veriti have observed hundreds of spoofed domains following Meta’s launch of its Threads social media platform.

Australia’s National Anti-Scam Centre: Prevention Is Better Than the Cure

Jul 10, 2023 10:56:48 AM By Jacqueline Jayne

Australia officially launched their National Anti-Scam Centre this week. With more than AUD $3.1 billion lost each year, Australians need support.

Security Awareness Training Blog

Social Engineering Blog

View Topics