Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Human Risk Management Blog

Social Engineering

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Jun 6, 2025 8:37:54 AM By Roger Grimes

Fake MFA Reset Warning Message

A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish).

Jun 5, 2025 9:03:54 AM By KnowBe4 Team

FBI Alert: Extortion Gang Targets Law Firms With Social Engineering Attacks

The FBI is warning that the Silent Ransom Group (SRG) is targeting law firms with IT-themed social engineering attacks and callback phishing emails.

Jun 5, 2025 9:03:36 AM By KnowBe4 Team

Copyright-Themed Phishing Lures Target Europe

A phishing campaign is targeting European countries with lures themed around copyright infringement, researchers at Cybereason warn.

Jun 3, 2025 12:56:04 PM By Javvad Malik

The Worsening Landscape of Educational Cybersecurity

Last year, KnowBe4's report "Exponential Growth in Cyber Attacks Against Higher Education Institutions" illustrated the growing cyber threats facing universities and colleges.

Jun 2, 2025 9:32:56 AM By Javvad Malik

Beyond Credentials: When Every Data Point Becomes a Weapon

You know what's interesting about data breaches? Everyone focuses on credit card numbers and financial data, but the reality is that every piece of information has value to someone.

Jun 2, 2025 9:32:40 AM By KnowBe4 Team

French Users Targeted by Major Phishing Campaign

Researchers at IBM Security warn that a major phishing campaign is targeting users in France, incorporating leaked personal data to make the emails more convincing.

May 29, 2025 4:25:31 PM By KnowBe4 Threat Lab

Capital One Customers Targeted By Credential Harvesting Phishing Campaign

The KnowBe4 Threat Lab has identified an active phishing campaign impersonating Capital One.

May 27, 2025 4:04:16 PM By Roger Grimes

If I Had Only 20 Seconds To Teach People How To Avoid Scams

Human risk management involves more than security awareness training, but training is a huge part of the mix.

May 19, 2025 4:43:03 PM By KnowBe4 Team

Warning: Phishing Kits Can Auto-Generate Tailored Login Pages

Commodity phishing kits are increasingly serving dynamically generated phishing pages, according to researchers at ESET.

May 16, 2025 2:08:30 PM By KnowBe4 Team

Email-based Attacks Accounted for Most Cyber Insurance Claims Last Year

Business email compromise (BEC) attacks and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024, according to a new report from Coalition.

May 13, 2025 3:32:36 PM By KnowBe4 Team

How to Protect Your Business from Scattered Spider's Latest Attack Methods

Mandiant warns that the Scattered Spider cybercriminal group is using “brazen” social engineering attacks to target large enterprise organizations in a wide range of sectors.

May 7, 2025 2:08:58 PM By Cindy Zhou

Warning: Phishing Campaign Impersonates the US Social Security Administration

Researchers at Malwarebytes warn that phishing emails are impersonating the US Social Security Administration (SSA) to trick users into installing the ScreenConnect remote access tool.

May 1, 2025 4:29:20 PM By Stu Sjouwerman

Email Remains the Top Attack Vector for Cyberattacks

Email is still the most common attack vector for cyber threats, according to a new report from Barracuda.

Apr 29, 2025 10:46:50 AM By Roger Grimes

What Is Device Code Phishing?

Ever since Microsoft’s initial announcement on February 13, 2025, about a Russian nation-state phishing campaign using "device code phishing," many people have been wondering what it is. ...

Apr 29, 2025 10:46:20 AM By Stu Sjouwerman

Criminals Exploit the Death of Pope Francis to Launch Scams

Scammers are exploiting the death of Pope Francis to launch social engineering attacks, according to researchers at Check Point.

Apr 25, 2025 4:04:00 PM By Stu Sjouwerman

Social Engineering Campaign Abuses Zoom to Install Malware

A social engineering campaign is abusing Zoom's remote control feature to take control of victims’ computers and install malware, according to researchers at security firm Trail of Bits.

Apr 24, 2025 3:38:15 PM By Stu Sjouwerman

Half of Organizations Lack Protection Against Email Spoofing

A new report from Valimail has found that 50% of organizations lack effective protection against email spoofing.

Apr 16, 2025 12:13:48 PM By Stu Sjouwerman

How Does Human Risk Management Differ from Security Awareness Training?

In today's cybersecurity landscape, organizations face an ever-present and often underestimated threat: human risk. Despite significant advancements in technological defenses, human error ...

Apr 15, 2025 11:03:55 AM By Stu Sjouwerman

UK Organizations Cite Phishing as the Most Disruptive Type of Cyberattack

Phishing was the most prevalent and disruptive type of attack experienced by UK organizations over the past twelve months, according to the British government’s Cyber Security Breaches ...

Apr 11, 2025 6:49:55 PM By Stu Sjouwerman

Warning: QuickBooks Phishing Campaign Targets Taxpayers

Cybercriminals are capitalizing on tax season by launching phishing campaigns targeting QuickBooks users, Malwarebytes reports.

Subscribe

Search Our Blog


New call-to-action

Subscribe To Our Blog

Posts By Topic

View all

Get the latest insights, trends and security news. Subscribe to CyberheistNews.