Bad News from the (Fake) CDC: You've Got Malware

Apr 3, 2020 9:42:15 AM By Stu Sjouwerman

Malicious actors continue to probe organizations' security and defenses with malicious emails explicitly crafted to create and exploit sense of panic in the wake of the COVID-19. Over the ...

Malicious Actors Release Coronavirus Guidelines for America

Apr 3, 2020 9:40:07 AM By Stu Sjouwerman

You already knew this was going to happen. It was just a matter of waiting. Fast on the heels of the release of President Trump's "Coronavirus Guidelines for America," malicious actors ...

A new ransomware strain called 'Save the Queen’, distributes itself from your own Domain Controllers

Apr 2, 2020 1:47:56 PM By Stu Sjouwerman

Sophisticated cybercriminals have continuously improved the effectiveness of ransomware attacks, according to Yaki Faitelson, co-founder and CEO of Varonis. In an article for Forbes, ...

New Potential Phishing Scam Begins with A Phone Call

Mar 31, 2020 4:10:33 PM By Stu Sjouwerman

A recent suspicious phone call was brought to our attention. It looks to be the beginning of a phishing campaign and demonstrates the lengths cybercriminals will go to in order to ensure ...

70% to 90% of All Malicious Breaches are Due to Social Engineering and Phishing Attacks

Mar 31, 2020 8:50:03 AM By Roger Grimes

If you’ve heard me speak the last two years, read any of my articles, or watched any of my webinars, you’ve probably heard me say, “Seventy to ninety percent of all malicious breaches are ...

The Dilemma: Should you phish test during the COVID-19 pandemic?

Mar 31, 2020 8:45:13 AM By Perry Carpenter

By Perry Carpenter, KnowBe4 Chief Evangelist and Strategy Officer. There’s no question, these are challenging times. Employees and organizations around the world are doing their best to ...

Trends in Phishing, as Seen From a Mountain View

Mar 31, 2020 8:31:06 AM By Stu Sjouwerman

Researchers from Google’s Threat Analysis Group (TAG) released details on recent state-sponsored phishing campaigns from around the world. The researchers said that Google’s phishing ...

Hospitality Provider the Target of an Old-School BadUSB Social Engineering Attack

Mar 26, 2020 7:44:59 PM By Stu Sjouwerman

In what appears to be a mix of old- and new-school social engineering, an attack spotted in the wild using a USB thumb drive offers us a view into how one company could have become the ...

Inception: Your Employee's Mind is the Scene of the Crime

Mar 26, 2020 8:44:33 AM By Javvad Malik

I loved the movie Inception when it came out. It had everything, a stellar cast, amazing visuals, a strong plot, and a twisted end that still has me wondering whether or not they were in ...

[HEADS UP] Cybercriminals Attempt to Exploit Stimulus Package for COVID-19

Mar 26, 2020 8:20:17 AM By Stu Sjouwerman

In several recent blog posts we've showed you the myriad ways in which malicious actors have aggressively -- even ruthlessly -- deployed social engineering tactics to leverage the ...

An Intimate Look at a Nigerian Social Engineer

Mar 23, 2020 10:05:23 AM By Stu Sjouwerman

Researchers at Check Point offer a look at a Nigerian citizen who moonlights as a cybercriminal who uses social engineering techniques. The man, whom the researchers call “Dton,” ...

Just How Lucrative is Cybercrime? According to New Charges Against One Gang, $30 Million Lucrative

Mar 23, 2020 8:28:55 AM By Stu Sjouwerman

The recent arrest and charging of a gang of 24 U.S.-based cybercriminals in Atlanta demonstrates how easy it is to become a cybercriminal and use social engineering tactics to fool people ...

[Heads-Up] Feeding Frenzy: COVID-19 Phishing Attacks Surge as U.S. Reels from Pandemic

Mar 23, 2020 7:00:00 AM By Eric Howes

By Eric Howes, KnowBe4 Principal Lab Researcher. Having already published three blog pieces on the epidemic of Coronavirus-themed phishing emails and spam/scam offerings online (see HERE, ...

Organizations Need To Be Wary Of Home Worker Phishing Risks

Mar 19, 2020 5:31:33 PM By Stu Sjouwerman

Security experts warn that phishing attacks against home workers will rise.

The Effectiveness of Educating End Users With a Test-Out Quiz

Mar 17, 2020 12:54:14 PM By Roger Grimes

Use a “test-out” quiz as a way to get people who are normally resistant to training to proactively take the training. They think they are taking a quiz to avoid the training, but in ...

Coronavirus-Themed Simulated Phishing Templates

Mar 16, 2020 9:48:41 AM By Stu Sjouwerman

The following templates were added to the console this morning:

Hackers Use Interactive Malicious COVID-19 Map to Spread Malware

Mar 14, 2020 10:44:24 AM By Stu Sjouwerman

Cybercriminals constantly latch on to news items that captivate the public’s attention, but usually they do so by sensationalizing the topic or spreading misinformation about it. ...

U.S. Homeland Security: "Malicious Actors Expected To Focus Attacks On Teleworkers. Secure Your VPN"

Mar 14, 2020 9:55:44 AM By Stu Sjouwerman

The Department of Homeland Security's cybersecurity agency this week shared tips on how to properly secure enterprise virtual private networks (VPNs) seeing that a lot of organizations ...

[Heads Up] Your Exfiltrated Ransomware Data Is Now Used To Spearphish Your Business Partners

Mar 12, 2020 1:26:41 PM By Stu Sjouwerman

Ransomware operators are continually improving their tactics to ensure more lucrative payouts, according to Information Security Media Group (ISMG). Over the past several years, attackers ...

[Heads Up!] A Whopping 21 Percent of Phishing Attack URLs Are Not Detected As Malicious For Days After They Go Live

Mar 12, 2020 7:03:09 AM By Stu Sjouwerman

New data from Akamai provides insight into why phishing attacks are making it all the way to the endpoint… and why they can trick users so easily into becoming a victim.

Security Awareness Training Blog

Social Engineering Blog

View Topics