Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Hackers: Social Engineering is Easier

Oct 2, 2018 5:15:41 PM By Stu Sjouwerman
Despite the presence of application and OS vulnerabilities – both new and old – hackers prefer to leverage social engineering as their preferred attack method.
Continue Reading

[Heads-up] Now In The Wild: New Super Evil Rootkit Survives Even "Nuke From Orbit" And HD Swap

Sep 30, 2018 7:56:38 AM By Stu Sjouwerman
This thing is a nightmare that escaped into daylight. The Russian GRU—aka Fancy Bear—probably was riveted reading the Wikileaks CIA Vault 7 UEFI Rootkit docs (PDF) and built one of these ...
Continue Reading

Kevin Mitnick weighs in on Facebook's big security breach

Sep 29, 2018 9:58:59 AM By Stu Sjouwerman
It was all over the news, and CNBC interviewed KnowBe4's very own Chief Hacking Officer Kevin Mitnick (note the StreetCred box on the right).
Continue Reading

[InfoGraphic] 20 Ways to Block Mobile Attacks

Sep 28, 2018 5:14:43 PM By Stu Sjouwerman
To start your National Cyber Security Awareness Month (NCSAM) here is a goodie for your users to kick things off.
Continue Reading

The Cybercrime Economy Makes It Impossible to Stop

Sep 28, 2018 12:33:29 PM By Stu Sjouwerman
The operation run by botnet author Peter Levashov demonstrates how easy it is for would-be criminals to get into the business.
Continue Reading

Holiday Threat No. 1: Evil Twin Domains With A "Trusted" SSL/TSL Certificate

Sep 27, 2018 11:38:19 AM By Stu Sjouwerman
As the holiday season approaches, cybercriminals are set to scam your users out of their personal money but also your organizational budget.
Continue Reading

Brand-New Tool: Domain Doppelgänger Identifies Evil Twin Domains

Sep 27, 2018 10:56:40 AM By Stu Sjouwerman
I gave you a heads-up a few days ago, and now I'm excited to announce the actual release of a new tool to help protect your organization from cybercriminals.
Continue Reading

Phone Scam Impersonates Sheriff’s Office Using Judge’s Name

Sep 26, 2018 5:42:04 PM By Stu Sjouwerman
The US Marshals Service has stated that a new phone scam is targeting residents of Marshall, Texas. The scammer claims to be from the local sheriff’s office and tells residents that the ...
Continue Reading

Reminder: In Spite of Windows Flaws, Hackers Prefer Social Engineering

Sep 24, 2018 7:13:06 AM By Stu Sjouwerman
Nearly half of hackers surveyed at the recent Black Hat conference in Las Vegas admitted easily compromising both Windows 8 and 10 in the past year.
Continue Reading

Looking at Cyber Attacks From the Inside Out, It’s All About Social Engineering

Sep 21, 2018 2:14:56 PM By Stu Sjouwerman
Frances Zelazny, Vice President of BioCatch, gave a recent Tech Republic interview to share some insight into how hackers can access your passwords. It's familiar but worth reviewing, ...
Continue Reading

Social Engineering, Just a Call Away

Sep 19, 2018 5:38:50 PM By Stu Sjouwerman
An email arrives, and you think it’s from your boss. Because it has your boss’s name on it, there's a huge psychological response, and you tend do what is requested. After a cordial ...
Continue Reading

When Does Effective Persuasion Become Manipulation and Social Engineering?

Sep 18, 2018 1:43:05 PM By Stu Sjouwerman
There’s a fine but clear line between ethical and unethical persuasion, says Joe Gray, a security consultant from the “Advanced Persistent Security” blog and podcast. Gray recently ...
Continue Reading

Your Users May Be Too Embarrassed to Report Email Scams

Sep 14, 2018 9:47:38 AM By Stu Sjouwerman
New research shows 25% of users falling victim to impersonation fraud were so ashamed they chose not to report it. Even worse, many don’t know how to spot the scam.
Continue Reading

Universities Are Still Targeted With Phishing Attacks By Iranian Hackers

Aug 25, 2018 9:06:51 AM By Stu Sjouwerman
Secureworks® Counter Threat Unit™ (CTU) researchers reported that despite indictments in March 2018, the Iranian threat group is likely responsible for a large-scale campaign that ...
Continue Reading

Black Hat Puts Long-Term Social Engineering on Display

Aug 20, 2018 1:59:30 PM By Stu Sjouwerman
Continue Reading

Hackbusters - Where Can You Discuss All Things Social Engineering?

Aug 19, 2018 2:48:33 PM By Stu Sjouwerman
The KnowBe4 Hackbuster’s Forum is an online community dedicated to stopping the bad guys that use social engineering to hack your organization.
Continue Reading

[On-Demand Webinar] Exposing the Dirty Little Secrets of Social Engineering, Featuring Kevin Mitnick

Aug 14, 2018 4:11:53 PM By Stu Sjouwerman
In this rare event, Kevin Mitnick, the world's most famous hacker and KnowBe4's Chief Hacking Officer, along with Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer, will ...
Continue Reading

Is IT Even Trying to Thwart Social Engineering Attacks?

Aug 13, 2018 11:18:42 AM By Stu Sjouwerman
With so much else on their plate, are today’s IT organizations doing enough to protect the organization against social engineering and phishing attacks?
Continue Reading

Yes, Google's Security Key Is Hackable

Jul 26, 2018 2:22:03 PM By Roger Grimes
Here is an article by Roger Grimes, Data-Driven Defense Evangelist at KnowBe4 Ever since Google told the world that none of its 85,000 employees had been successfully hacked since they ...
Continue Reading

Effective Social Engineering Matters More than Zero-Days

Jul 20, 2018 12:07:51 PM By Stu Sjouwerman
There's an interesting criminal campaign in progress against government targets in Ukraine. Note that we usually first see them there, and then they spread out to Western Europe and the ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews