Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

[Heads-Up] If This Is True It's A Disaster. Three Major US Antivirus Companies Breached? ***UPDATED

ARSTECHNICA is getting me worried here. We were all at KB4-CON in Orlando the last few days, and during the conference word got to me that security researchers found out that high-profile ...

[Spoiler!] That Free Avengers: Endgame Download You Found Online? It’s a Scam!

The lure of watching the latest Avengers movie is enough motivation for some to fall for this scam aimed at collecting your credit card data.

IT and Executives are (Mostly) in Alignment and Both Fear the Phish

According to the latest from AT&T Cybersecurity, enterprise IT and boardrooms largely see eye-to-eye… and those eyes are watching some very common, yet pervasive, threats.

Brunswick Church Falls For Phishing Scam Of Almost $2 Million

Staff at St. Ambrose Roman Catholic Church in Brunswick say the church was scammed out of nearly $2 million. The church said a phishing email led it to believe that a construction firm ...

PSA: How To Recognize Disinformation

One of the skills everyone needs to prevent social engineering attacks is to recognize disinformation. False information that is intended to mislead people has become an epidemic on the ...

Evil TeamViewer Attacks Under the Guise of the U.S. State Department

A targeted, email-borne attack against embassy officials and government finance authorities globally is making use of a malicious attachment disguised as a top-secret U.S. document. It ...

Spearphishing Boils Down to Basic Social Engineering

While spearphishing attacks may employ various tactics and tools, they all rely on the same underlying human weaknesses to achieve their goals, according to Asaf Cidon from Barracuda ...

Social Engineers Earn a First

A study by nonprofit research company Jisc and the UK’s Higher Education Policy Institute (HEPI) found that 100 percent of spear phishing tests against universities were able to gain ...

Scammers Impersonate Big UK Law

The UK’s Solicitors Regulation Authority (SRA) warned that scammers are impersonating a London law firm, Linklaters LLP, using phony job offers. The documents purport to come from the ...

[SCAM OF THE WEEK]: Notre Dame Disaster Causes FireStorm Of Social Engineering And Misinformation

The Notre Dame Cathedral in Paris caught fire and was barely saved from total destruction. Millions of people visit every year and hundreds of millions feel a powerful, and personal, ...

Spycatching: Social Engineering and the FBI's Insider Threat Experience

We’ve recently shared a link to a podcast, “The Ghost and the Mole,” which revisits the infamous case of FBI Special Agent turned Russian spy Robert Hanssen. Before dismissing this as ...

Free Tool: Phishing Reply Test Identifies Users Likely to Fall Victim to Fraudsters

Highly targeted phishing attacks, known as Business Email Compromise or CEO fraud scams, have exceeded $12.5 billion in total known losses worldwide (according to the FBI). These social ...

Kevin Mitnick Demos Password Hack: No Link Click or Attachments Necessary

In this shocking demonstration Kevin Mitnick, KnowBe4's Chief Hacking Officer, shows how hackers can steal a user’s password hash without the user having to click a hyperlink or open an ...

"Hacking Humans" Is The 2019 No. 1 Podcast Covering Social Engineering!

Each week the CyberWire’s Hacking Humans podcast looks behind the social engineering scams, phishing schemes, and criminal exploits that make headlines and take a heavy toll on ...

Credentials and Personal Data Continue to be the Primary Targets of Social Engineering Scams

Targeted attacks are increasing, with cybercriminals focused on stealing information that can be used to impersonate a user and perpetuate their scams.

RSA’s Best Social Engineering News

KnowBe4 was at RSA 2019 this year with two booths, in both the North and South Hall. The show was humongous as usual and a torrent of news was released. I was there and it was a challenge ...

Ins and Outs of Impersonation...and Kidnapping

Impersonation attacks and business email compromise (aka CEO fraud) can lead to far more dangerous consequences than monetary losses, according to Matt Devost from OODA LLC. Devost ...

Kevin Mitnick Demos Outlook Exchange Exploit

In a webinar last week Kevin Mitnick, KnowBe4's Chief Hacking Officer, shared a shocking demonstration of a recent Outlook Exchange exploit in which delegated access is allowed from any ...

Business Email Compromise, Credential Theft, and Many Other Attack Vectors Surged as High as 5x in Q4 2018

The latest data from Proofpoint shows many types of cyberattacks making massive jumps in comparison to both previous quarters and years.
