Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Credentials and Personal Data Continue to be the Primary Targets of Social Engineering Scams

Targeted attacks are increasing, with cybercriminals focused on stealing information that can be used to impersonate a user and perpetuate their scams.

RSA’s Best Social Engineering News

KnowBe4 was at RSA 2019 this year with two booths, in both the North and South Hall. The show was humongous as usual and a torrent of news was released. I was there and it was a challenge ...

Ins and Outs of Impersonation...and Kidnapping

Impersonation attacks and business email compromise (aka CEO fraud) can lead to far more dangerous consequences than monetary losses, according to Matt Devost from OODA LLC. Devost ...

Kevin Mitnick Demos Outlook Exchange Exploit

In a webinar last week Kevin Mitnick, KnowBe4's Chief Hacking Officer, shared a shocking demonstration of a recent Outlook Exchange exploit in which delegated access is allowed from any ...

Business Email Compromise, Credential Theft, and Many Other Attack Vectors Surged as High as 5x in Q4 2018

The latest data from Proofpoint shows many types of cyberattacks making massive jumps in comparison to both previous quarters and years.

[On-demand Webinar] Get an Insider View Into the Methods and Exploits of the World's Most Famous Hacker, Kevin Mitnick

Many of the world's most reputable organizations rely on Kevin Mitnick, the world's most famous hacker and KnowBe4's Chief Hacking Officer, to uncover their most dangerous security flaws. ...

Social Engineering Comes to Wikipedia

Attackers are selectively editing Wikipedia articles to lend credibility to tech support scams, according to Rob VandenBrink at the SANS Internet Storm Center. The Wikipedia page for the ...

Sextortion Phishing Scam Exploits Recent Breach Fears

Sextortion scam emails are circulating which claim that a popular adult site has been hacked, allowing an attacker to record videos of users through their webcams, according to Lawrence ...

[Brilliant New Social Engineering Phish] "Please Docusign: Funding For Your Business"

A friend was sent this email and he forwarded it to me. It's a brilliant new social engineering phishing scam. It will sail through all your spam / malware filters and email protection ...

"Hacking Humans" Is The No. 1 Podcast Covering Social Engineering!

Each week the CyberWire’s Hacking Humans podcast looks behind the social engineering scams, phishing schemes, and criminal exploits that make headlines and take a heavy toll on ...

Social Engineering Testing: Why Getting Hacked Is a Security Advantage

Stephanie Carruthers, People Hacker for IBM X-Force Red, wrote an excellent post about the need for red-teaming and pentesting your own organization. I'll quote the first paragraph or so, ...

Online Job Offer Turns Would-Be Applicant into Unwitting Conspirator in Malware Attack

The context of contacting the victim via a credible website may be all that was needed to trick one job seeker into installing malware on the network of a bank.

Criminals Make Off With USD $150,000 in Business Email Compromise Real Estate Scam

Scammers stole $150,000 from a woman during a real estate transaction last year, according to Lisa Vaas at Naked Security. Mireille Appert, a Swiss woman who lives in the United States, ...

Firm in $1.7-million dispute with insurer because of social engineering fraud

Global law firm Dentons Canada LLP is locked in a $1.7-million dispute with its insurer after staff at the firm’s Vancouver office fell victim to an alleged social engineering attack.

Gartner's Neil Wynne: "Email Phishing is a Growing Threat"

Email phishing is a top threat to organizations because it works so well, according to Neil Wynne, principal and analyst for secure business enablement at Gartner. Wynne told Stephanie ...

Is that phone call really from Amazon?

By Eric Howes, KnowBe4 Principal Lab Researcher. Now that it's the holiday season, malicious parties across the globe are exploiting Amazon's good name and popularity with consumers to ...

CrowdStrike: Compelling Stories From The Cyber Intrusion Casebook 2018

From the Front Lines of Incident Response, the CrowdStrike Services Cyber Intrusion Casebook 2018 offers some compelling stories of how threat actors are continuously adopting new means to ...

[Heads-up] New Email Extortion Scam Bomb Threat Demands Bitcoin

A new email extortion scam is making the rounds, threatening that someone has planted bombs within the recipient's building that will be detonated unless a hefty bitcoin ransom is paid by ...

WARNING: Your Head of Finance May Be 1 of 50,000 Execs Targeted in BEC Scams

According to a report from email security & protection vendor Agari, the cybercriminal group dubbed London Blue are directing their latest scams at very specific finance execs.