Smishing and Carrier Impersonation

Oct 22, 2019 6:47:08 AM By Stu Sjouwerman

While most phishing campaigns involve email, SMS text messages are an ideal alternative for attackers, according to Paul Ducklin at Naked Security. Text messages are brief and uniform in ...

Can An Employee's Bad Conscience Be A Vulnerability?

Oct 21, 2019 7:06:27 AM By Stu Sjouwerman

It can be useful to remember that social engineering succeeds much better when its marks are stressed or hurried. That appears to be the case with an ongoing scam campaign that lays its ...

KnowBe4 Wins ComputingSecurity Award: Education and Training Provider of the Year

Oct 18, 2019 9:43:51 AM By Stu Sjouwerman

We are extremely pleased to announce we won the ComputingSecurity Award for Education and Training Provider of the Year. Here is the team accepting the award.

An Unusually Vile Bit of Social Engineering

Oct 18, 2019 6:59:20 AM By Stu Sjouwerman

A woman in Wales lost £1,000 to a scammer who posed as a police officer and threatened that she would lose her children if she didn’t pay the money within an hour, Wales Online reports. ...

A Lawyer's Look at "Big Game Phishing"

Oct 17, 2019 6:50:18 AM By Stu Sjouwerman

Ransomware attacks have increasingly been going after high-value data in order to extract larger ransoms from victims, according to the well-known law firm Cooley. This trend was ...

Microsoft Recommends: "Top 6 Email Security Best Practices"... And One Of Them Is Phishing Simulations

Oct 17, 2019 6:11:20 AM By Stu Sjouwerman

Girish Chander, Microsoft's Group Program Manager of Office 365 Security wrote an excellent post on their blog titled "Top 6 email security best practices to protect against phishing ...

CRN: "Kevin Mandia -- Detect Spear Phishing, Lock Down CEO Email To Stay Safe"

Oct 15, 2019 7:10:57 AM By Stu Sjouwerman

Michael Novinson at CRN had a great article that really explains the issues we are dealing with. He started out with: "Spear phishing remains the most common way for adversaries to ...

Simjacking is Still a Problem, British Food Writer Lost £5,000

Oct 15, 2019 6:50:20 AM By Stu Sjouwerman

British food writer Jack Monroe lost £5,000 due to a simjacking attack, the BBC reports. In a series of tweets, Monroe said someone had taken over her phone number and used the access to ...

Extremely Embarrassing 250,000-record Data Breach At Hookers.nl

Oct 14, 2019 10:50:12 AM By Stu Sjouwerman

The data of 250,000 users of Hookers.nl, a forum where experiences with prostitutes and escorts are exchanged, have been stolen and offered for sale on the internet. It concerns e-mail ...

Why Hack When You Can Con?

Oct 14, 2019 9:42:25 AM By Stu Sjouwerman

U.S. Organizations Involved with Nuclear Deterrence are the Target of North Korean Phishing Attacks

Oct 14, 2019 7:00:00 AM By Stu Sjouwerman

Using some very sophisticated methods, the Kimsuky group is believed to be behind a spear phishing campaign aimed at stealing U.S. secrets.

[PODCAST] Understanding Social Engineering and Maintaining Healthy Paranoia

Oct 11, 2019 11:05:37 AM By Stu Sjouwerman

Recorded Future's Guest today was Rosa Smothers, senior vice president of cyber operations at KnowBe4, where she leads KnowBe4’s federal practice efforts, including providing ...

Many in Utilities Sector Expect Attacks on Critical Infrastructure: Survey

Oct 11, 2019 7:00:00 AM By Stu Sjouwerman

Ed Kovacs at SecurityWeek reported on something that is one of the few things that keep me "awake at night":

"Staggering" Increase in Business Email Compromise--aka CEO Fraud

Oct 11, 2019 7:00:00 AM By Stu Sjouwerman

Mimecast’s quarterly Email Security Risk Assessment (ESRA) identified millions of dangerous emails making it through security filters, including a 269% increase in business email ...

Cybercriminals Leverage the U.K.’s Strong Customer Authentication Requirement in a New String of Phishing Attacks

Oct 10, 2019 7:00:00 AM By Stu Sjouwerman

Attackers are taking advantage of the requirement to secure online shopping and banking transactions processed within the U.K. to gather personal details of consumers and users alike.

Chinese State-Sponsored Phishing

Oct 9, 2019 7:15:59 AM By Stu Sjouwerman

A sophisticated threat group is going after a variety of industries using spearphishing and an arsenal of malware, according to Nalani Fraser and Fred Plan from FireEye. Fraser and Plan ...

Is Cyberinsurance a Reason for the Rise in Ransomware Attacks?

Oct 9, 2019 7:00:36 AM By Stu Sjouwerman

Are cybercriminals counting on the victim’s simple cost-to-benefit decision to have their cyber-insurer pay the ransom? And, if so, are they targeting companies with cyberinsurance?

Fall LinkedIn Job Postings Are a Prime Vehicle for Job Scams, Cyber Attacks

Oct 9, 2019 6:56:31 AM By Stu Sjouwerman

LinkedIn says the Fall hiring season is very hot right now. With more than 20 million jobs posted, LinkedIn is the perfect way for scammers to trick users into becoming victims.

[Heads up] FBI Warns About Attacks That Bypass Your Multi-factor Authentication (MFA)

Oct 8, 2019 7:01:47 AM By Stu Sjouwerman

Last month, the FBI sent a special alert called a Private Industry Notification (PIN) to industry partners about the rising threat of attacks that bypass their multi-factor authentication ...

New Instagram Phishing Scam Uses Familiar (But Fake) 2FA Codes to Trick Victims

Oct 7, 2019 6:55:43 AM By Stu Sjouwerman

Scammers use familiar verification methods to establish credibility and lull the victim into a false sense of security to compromise Instagram accounts.

Security Awareness Training Blog

Social Engineering Blog

View Topics