Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

US Political Campaigns Targeted by Iranian Spear Phishing Attacks

Aug 21, 2024 4:02:10 PM By Stu Sjouwerman
Researchers at Recorded Future’s Insikt Group warn that the Iranian state-sponsored threat actor “GreenCharlie” is launching spear phishing attacks against US political campaigns.
Continue Reading

Cybersecurity in 2024: Reflecting on the Past, Preparing for the Future

Aug 21, 2024 2:33:51 PM By Martin Kraemer
As Europe is returning from summer breaks, it is time to reflect on the first half of 2024 and look forward to the rest of the year.
Continue Reading

Ransomware Group Known as ‘Royal’ Rebrands as BlackSuit and Is Leveraging New Attack Methods

Aug 19, 2024 8:34:46 AM By Stu Sjouwerman
The ransomware threat group formerly known as "Royal" has rebranded itself as BlackSuit and updated their attack methods, warns the FBI.
Continue Reading

Is Disabling Clickable URL Links Enough?

Aug 19, 2024 8:34:42 AM By Roger Grimes
Recently, we had a customer reach out to ask if disabling clickable uniform resource locator (URL) links in emails was enough protection by itself to potentially not need employee ...
Continue Reading

[PROVED] Unsuspecting Call Recipients Are Super Vulnerable to AI Vishing

Aug 16, 2024 3:04:50 PM By Perry Carpenter
Heads-up: I just proved that unsuspecting call recipients are super vulnerable to AI vishing
Continue Reading

Real Social Engineering Attack on KnowBe4 Employee Foiled

Aug 14, 2024 8:38:02 AM By Stu Sjouwerman
DavidB, the KnowBe4 VP of Asia Pacific and Japan, recently experienced a sophisticated social engineering attack via WhatsApp.
Continue Reading

Chameleon Malware Poses as CRM App

Aug 13, 2024 1:54:29 PM By Stu Sjouwerman
Researchers at ThreatFabric warn that a phishing campaign is distributing the Chameleon Android malware by impersonating a Customer Relationship Management (CRM) app. The campaign is ...
Continue Reading

AI Tools Have Increased the Sophistication of Social Engineering Attacks

Aug 6, 2024 2:04:50 PM By Stu Sjouwerman
The Cyber Security Agency of Singapore (CSA) has warned that threat actors are increasingly using AI to enhance phishing and other social engineering attacks, Channel News Asia reports.
Continue Reading

New Malvertising Campaign Impersonates Google Authenticator

Aug 6, 2024 2:04:46 PM By Stu Sjouwerman
Researchers at Malwarebytes spotted a malvertising campaign that abused Google Ads to target people searching for Google Authenticator.
Continue Reading

KnowBe4 Honors the World Famous Hacker for the First National Social Engineering Day

Aug 6, 2024 8:30:00 AM By Stu Sjouwerman
On August 6th, 2024, we celebrate National Social Engineering Day – a new national day established by KnowBe4 and officially recognized by the National Day Calendar. The day aims to ...
Continue Reading

New Research: Smaller Companies Receiving Higher Rates Of Phishing Emails

Aug 2, 2024 9:44:44 AM By Stu Sjouwerman
Researchers at Barracuda have found that smaller companies tend to receive a higher rate of phishing attacks spread across the organization, according to a report looking at the phishing ...
Continue Reading

New Phishing Kit Uses Voice Call Generator to Impersonate Spanish Banks

Jul 30, 2024 1:47:23 PM By Stu Sjouwerman
A new cybercriminal group is selling “a sophisticated AI-powered phishing-as-a-service platform” that targets 36 Spanish banks, according to researchers at Group-IB.
Continue Reading

IoT: Internet of Threats?

Jul 29, 2024 1:50:33 PM By Javvad Malik
The Internet of Things (IoT) has slowly but surely weaved its way into our homes and places of work. From smart homes to industrial control systems, IoT has brought convenience and ...
Continue Reading

QR Code Phishing is Still on the Rise. The SEG is Dead.

Jul 29, 2024 8:19:34 AM By Stu Sjouwerman
Organizations need to be aware of the threat posed by QR code phishing (quishing), according to researchers at Trend Micro.
Continue Reading

Nearly All Ransomware Attacks Now Include Exfiltration of Data…But Not All Are Notified

Jul 29, 2024 8:19:31 AM By Stu Sjouwerman
Organizations are falling victim to ransomware attacks where data is stolen, but the victim isn’t being told about it. I have a theory as to why this is happening.
Continue Reading

North Korean Fake IT Worker FAQ

Jul 25, 2024 7:09:14 AM By Stu Sjouwerman
Frequently Asked Questions About KnowBe4's Fake IT Worker Blog July 23, 2024, I wrote a blog post about how KnowBe4 inadvertently hired a skillful North Korean IT worker who used the ...
Continue Reading

Phishing Campaigns Abuse Cloud Platforms to Target Latin America

Jul 23, 2024 1:55:11 PM By Stu Sjouwerman
Several threat actors are abusing legitimate cloud services to launch phishing attacks against users in Latin America, according to Google’s latest Threat Horizons Report.
Continue Reading

How a North Korean Fake IT Worker Tried to Infiltrate Us

Jul 23, 2024 10:14:55 AM By Stu Sjouwerman
Incident Report Summary: Insider Threat First of all: No illegal access was gained, and no data was lost, compromised, or exfiltrated on any KnowBe4 systems. This is not a data breach ...
Continue Reading

Phishing Attacks Will Likely Follow Last Week’s Global IT Outage

Jul 22, 2024 2:36:16 PM By Stu Sjouwerman
Organizations should expect to see phishing attacks exploiting the global IT outage that occurred last Friday, the Business Post reports.
Continue Reading

[Warn Your Users] High Scam Risk After Failed Trump Assassination

Jul 14, 2024 8:05:51 AM By Stu Sjouwerman
Pictures of Donald Trump rushed from a campaign stage, his cheek brushed with blood from an assassination attempt, are an unsettling shock.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews