Why Do You Still Need Security Awareness Training If You Use Phishing-Resistant MFA?

Jun 7, 2023 10:21:14 AM By Roger Grimes

For years, KnowBe4 has been a long-time proponent of everyone using PHISHING-RESISTANT multi-factor authentication (MFA) whenever possible.

North Korean Phishing Campaign Targeting Think Tanks, Academics and Media

Jun 6, 2023 6:28:01 PM By Stu Sjouwerman

The U.S. and South Korean governments have issued a joint advisory outlining a North Korean phishing campaign, The Register reports. The threat actor, known as “Kimsuky,” is targeting ...

[FBI ALERT] Skin Deep: The Scary Reality of New Deepfake-Enabled Sextortion

Jun 5, 2023 6:27:52 PM By Stu Sjouwerman

Today, the FBI alerted warned against a new even more disgusting type of sextortion. Previously, these schemes involved coerced or stolen digital material, but now some criminals are ...

Verification and Deepfake Fraud Trends in North America

Jun 2, 2023 3:14:33 PM By Stu Sjouwerman

Forced verification fraud and deepfake fraud are on the rise in the US and Canada, according to researchers at Sumsub. Pavel Goldman-Kalaydin, Sumsub’s Head of AI & ML, explains that ...

[Wake-Up Call] It's Time to Focus More on Preventing Spear Phishing

May 31, 2023 2:22:02 PM By Roger Grimes

Fighting spear phishing attacks is the single best thing you can do to prevent breaches.

Spear Phishing Trends in 2023

May 31, 2023 8:57:49 AM By Stu Sjouwerman

50% of organizations surveyed were victims of spear phishing attacks in the last twelve months, according to a new report from Barracuda. The report also found that, on average, ...

“Magic Link” Phishing Attacks Scamming Users With Fake McAfee Renewals

May 30, 2023 9:08:34 AM By Stu Sjouwerman

Threat actors are using encoded phishing links to evade security filters, according to Jeremy Fuchs at Avanan. The phishing emails purport to be notifications from McAfee informing the ...

[Mastering Minds] China's Cognitive Warfare Ambitions Are Social Engineering At Scale

May 26, 2023 1:40:02 PM By Stu Sjouwerman

As the world continues to evolve, so does the nature of warfare. China's People's Liberation Army (PLA) is increasingly focused on "Cognitive Warfare," a term referring to artificial ...

Verizon Sends New Smishing Warning

May 25, 2023 2:38:23 PM By Stu Sjouwerman

Verizon has renewed its warnings to customers about the threat of smishing, a social engineering approach that relies upon texts as opposed to other communication channels like the email ...

[Hands-On Defense] Unpatched Software Causes 33% of Successful Attacks

May 23, 2023 9:55:26 AM By Stu Sjouwerman

As you all know, KnowBe4 frequently promotes security awareness training and we also mention that unpatched software is a distant number two issue after social engineering.

[Microsoft Warning] A 38% Spike In Business Email Compromise with new Cybercrime-as-a-Service

May 23, 2023 8:50:06 AM By Stu Sjouwerman

Microsoft has observed a thirty-eight percent increase in cybercrime-as-a-service (CaaS) offerings for launching business email compromise (BEC) attacks between 2019 and 2022.

AI-generated Disinformation Dipped The Markets Yesterday

May 23, 2023 6:52:11 AM By Stu Sjouwerman

The Insider reported that an apparently AI-generated photo faking an explosion near the Pentagon in D.C. went viral. The Arlington Police Department confirmed that the image and ...

[Free Tool] Find out who falls victim to QR code phishing attacks with our QR Code Phishing Security Test

May 22, 2023 11:00:00 AM By Stu Sjouwerman

According to QRTIGER, an online QR code generator company, dynamic QR code scans increased 433% globally from 2021 to 2022. In 2022, the FBI released a warning that QR codes may be ...

The Face Off: AI Deepfakes and the Threat to the 2024 Election

May 15, 2023 6:22:35 PM By Stu Sjouwerman

The Associated Press warned this week that AI experts have raised concerns about the potential impact of deepfake technology on the upcoming 2024 election. Deepfakes are highly convincing ...

Business Email Compromise and “Confidential” Mergers and Acquisitions

May 10, 2023 10:07:25 AM By Stu Sjouwerman

A newly identified criminal organization has been observed running a large number of business email compromise (BEC) scams. Since February 2021, Abnormal Security reports the gang has ...

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

May 9, 2023 4:43:09 PM By Stu Sjouwerman

The Five Eyes member nations' cybersecurity and intelligence agencies dismantled the infrastructure of the Snake cyber-espionage malware that was operated by Russia's Federal Security ...

Blocking Social Engineering by Foreign Bad Actors: The Role of the New Foreign Malign Influence Center

May 8, 2023 7:02:01 AM By Stu Sjouwerman

The U.S. government created a new office to block disinformation. The new Foreign Malign Influence Center (FMIC) oversees efforts that span U.S. military, law enforcement, intelligence, ...

[Eye Opener] HTML Phishing Attacks Surge by 100% in 12 Months

May 7, 2023 11:57:55 AM By Stu Sjouwerman

The Cyberwire reported: "Barracuda released a study this morning indicating that HTML attacks have doubled since last year.

Response-Based Business Email Compromise Contributes to 97% of Attacks

May 4, 2023 8:39:58 AM By Stu Sjouwerman

The malwareless and seemingly benign nature of business email compromise emails, mixed with impersonation techniques, are difficult to spot as being malicious, making them even more ...

Malware Downloads Facilitated by Social Engineering

May 4, 2023 8:28:47 AM By Stu Sjouwerman

The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated ...

Security Awareness Training Blog

Social Engineering Blog

View Topics