SMBs Are 350% More Likely to Experience Social Engineering Attacks Via Phishing

Mar 22, 2022 4:08:43 PM By Stu Sjouwerman

New data shows phishing, social engineering, and impersonation dominate as cybercriminals are becoming more frequent and successful with their attacks.

KnowBe4 Named a Leader in The Forrester Wave for Security Awareness and Training Solutions

Mar 17, 2022 8:00:00 AM By Stu Sjouwerman

We’re thrilled to announce that KnowBe4 has been named a Leader in The Forrester WaveTM : Security Awareness and Training Solutions, Q1 2022 report based on our current offering, strategy ...

Shipping Fraud Rises Nearly 800% in 2021

Mar 15, 2022 8:48:09 AM By Stu Sjouwerman

Shipping fraud had a global increase of nearly 800% over the course of 2021, according to TransUnion’s 2022 Global Digital Fraud Trends Report.

Social Engineering through Contact Form

Mar 14, 2022 9:16:00 AM By Stu Sjouwerman

Email is the familiar form of phishing, but there’s an ongoing criminal campaign that follows a different, arguably subtler avenue of approach: the corporate contact form. Abnormal ...

Social Engineering a Major Factor in Cyberattack on Camera Maker Axis Communications

Mar 9, 2022 10:58:04 AM By Stu Sjouwerman

As details of the February attack continue to be divulged, it becomes evident that cybercriminals were able to get past both users and security controls.

[World Premiere] KnowBe4’s New Season 4 of Netflix-Style Security Awareness Video Series - ‘The Inside Man’

Mar 8, 2022 8:30:14 AM By Stu Sjouwerman

We’re thrilled to announce the long-awaited fourth season of the award-winning KnowBe4 Original Series - ‘The Inside Man’ is now available in the KnowBe4 ModStore!

FBI: Scammers Take Business Email Compromise Attacks to Virtual Meeting Platforms

Mar 4, 2022 8:34:12 AM By Stu Sjouwerman

In a new twist on an old scam, BEC attacks switch from email to a virtual meeting where social engineering tactics are used to further establish credibility and increase the likelihood of ...

What It's Like to Be the Face of Romance (Scams)

Mar 3, 2022 8:40:41 AM By Stu Sjouwerman

A real US Army colonel named Daniel Blackmon is being impersonated in hundreds or even thousands of romance scams, according to Haley Britzky at Task & Purpose. The scammers took ...

Scammers Will Take Advantage of New IRS Rules

Mar 1, 2022 9:42:52 AM By Stu Sjouwerman

New IRS requirements will soon be used as phishbait, according to Gene Marks, owner of Marks Group PC and a columnist for the Guardian.

Wartime Suffering as Phishbait

Feb 28, 2022 10:45:46 AM By Stu Sjouwerman

It’s easy to forget, when a hybrid war like the one currently raging in Ukraine is occupying so much attention, that ordinary criminal lowlifes continue to seek victims, and the war only ...

20 Year-Old “Right-to-Left Override” Functionality Used in Attacks to Trick Microsoft 365 Users Out of Credentials

Feb 22, 2022 9:01:58 AM By Stu Sjouwerman

Used to disguise malicious file extensions, this legacy functionality is being repurposed in attacks to obfuscate attachment types and steal credentials in an impressive way.

New QBot Attack Only Takes 30 Minutes to Elevate Privileges and Steal Data

Feb 22, 2022 9:01:50 AM By Stu Sjouwerman

This banking trojan-turned-information-stealer has been around for nearly 15 years. But its latest iteration – seen even in the past few weeks – has stepped up in its’ ability to act ...

The 4 Things You Should Be Doing Right Now To Best Improve Your Cybersecurity

Feb 3, 2022 3:28:15 PM By Roger Grimes

The key to really good cybersecurity is to concentrate on just 4 things. Master them first before you begin to try and do the other hundreds of things that everyone else is going to tell ...

Web Trackers Collect Much More Info About Your Users’ Browsing Activity Than Previously Believed

Feb 3, 2022 8:27:29 AM By Stu Sjouwerman

Researchers at Norton LifeLock have found that web trackers are collecting much more information about users’ browsing activity than had previously been believed. Such trackers can follow ...

Ransomware Operators Try to Recruit Insiders

Jan 26, 2022 8:37:30 AM By Stu Sjouwerman

Sixty-five percent of organizations report that their employees have been contacted by ransomware attackers in an attempt to recruit insider threats, according to researchers at Pulse and ...

A Generational Divide Among Social Engineering Victims

Jan 24, 2022 9:11:49 AM By Stu Sjouwerman

Younger and older people differ in their susceptibility to different types of social engineering attacks, according to researchers at Avast. Younger people tend to fall for scams ...

FBI: US Defense Industry Organizations Targeted with USB-Based Ransomware Attacks

Jan 21, 2022 8:24:40 AM By Stu Sjouwerman

Using mailed out “BadUSB” drives as the initial attack vector, cybercriminals are attempting to infiltrate sensitive networks and infect them with BlackMatter or REvil ransomware strains.

A Cyberespionage Group Uses Social Engineering

Jan 19, 2022 8:33:29 AM By Stu Sjouwerman

A sophisticated China-aligned threat actor is using social engineering to carry out cyberespionage and financially motivated attacks, according to researchers at Trend Micro.

North Korean Cryptocurrency Theft Relies on Social Engineering

Jan 18, 2022 11:59:26 AM By Stu Sjouwerman

A North Korean threat actor being called “BlueNoroff,” a subunit of Pyongyang’s Lazarus Group, has been targeting cryptocurrency startups with financially motivated attacks, researchers ...

Fifty FIFA eSports Accounts Were Hacked Via Social Engineering

Jan 13, 2022 3:08:08 PM By Stu Sjouwerman

Video game maker Electronic Arts (EA) has stated that around fifty high-profile accounts for the soccer game FIFA 22 were hacked after attackers manipulated the company’s customer service ...

Security Awareness Training Blog

Social Engineering Blog

View Topics