Security Awareness Training Blog

Social Engineering Blog

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

Consumer Reports: 9.2 Million Phishing Victims Last Year

Consumer Reports today came out with some numbers that should give you pause. 9.2 Million Americans fell victim to a phishing attack last year, and a whopping 58.2 Million had a malware ...
Continue Reading

Why We Need Security Awareness Training Programs

Continue Reading

$1Million Cyberheist From Leavenworth Hospital

Kevin Mitnick sent me an article that illustrates why it is needed to train all employees not to fall for hacker tricks: "Friday, April 26, 2013 - WENATCHEE — Hackers stole more than $1 ...
Continue Reading

10 Tips To Secure Funding For A Security Program

Over at the CSO site, Dominic Nessi, CIO for Los Angeles World Airports, outlines ten essential tips for getting your financial team on board with your security funding requests.
Continue Reading

Phishing Confusion Example

So, yesterday I received this email from my Identity Theft Provider. Been with them since 2008 so I know how their emails look. Normally I get the "all clear" signal once a month, but ...
Continue Reading

Knowbe4 - CyberheistNews Vol 3, #14

Continue Reading

Automated Twitter DM Spear Phishing

Automated Twitter DM Spear Phishing. It was to be expected. Cyber criminals now are able to scrape your followers from Twitter, and send you a Direct Message (DM) supposedly coming from ...
Continue Reading

Georgia Tech Researchers Try To Stop Spear-phishing

Georgia Tech correctly identified that the most challenging threat facing corporate networks today is “spear phishing.” “Spear phishing is the most popular way to get into a corporate ...
Continue Reading

Osterman Blogs About KnowBe4

Highly regarded IT Analyst Mike Osterman wrote: "Most will agree that despite the enormous amounts spent on secure Web gateways, anti-virus software, cloud-based malware filtering and the ...
Continue Reading

PDF 0-day Vulnerability Being Exploited In The Wild

Last week, Adobe warned customers that a few new exploits that target Acrobat Reader were being exploited in the wild. Keep an eye out for patches that are expected soon. The exploits are ...
Continue Reading

Which Antivirus Has The Best Phishing Protection? Surprise!

I ran across some very interesting research recently done by NSS Labs. They compared twelve of the most popular antivirus engines, they call them endpoint protection products (EPP) and ...
Continue Reading

Feb SANS Monthly Awareness Video

You may be familiar with our friends at SANS. For their 'Securing The Human' team, every month is security awareness month, same as here at KnowBe4. On the first of every month they post ...
Continue Reading

Fake Apple Invoices

Internet criminals are getting more and more inventive with their social engineering attacks. Here are two examples of fake Apple invoices. The first is an example from the Sophos blog ...
Continue Reading

Facebook Scams You Need To Watch Out For

Facebook is loved far and wide by scammers. It's a great pool of an almost unlimited amount of victims, most of whom are gullible enough to fall for the most simple scams. Shooting fish ...
Continue Reading

Upper Management Often Ignores IT Security Policy

Over the years I have had a nagging suspicion that only today was confirmed. I ran into a study done last year done by a company called Cryptzone who interviewed 300 IT Security ...
Continue Reading

Facebook Graph Search Is Social Engineering Bonanza

Zuck has come out with something new, and you always need to watch it when that happens. It's a combination of big data and social networking so that people can easily find new friends, ...
Continue Reading

How to Address Securitys Weakest Link

User Awareness Tops Security Leaders' List of Challenges Tom Field over at the Healthcare Infosecurity Site nails it:" Heading into 2013, security leaders across industry feel confident ...
Continue Reading

Here Are Your 13 Predictions For 2013

Here Are Your 13 Predictions For 2013 - First Quantity, Now Quality: In 2013, cybercrime will focus more on quality than before. They will opt for increasingly smart malware, and more ...
Continue Reading

One phishing email exposes millions of people to data theft in South Carolina cyberattack

NBC News reported: COLUMBIA, S.C. -- A single malicious email sent to workers at the South Carolina Department of Revenue last August enabled an international hacker to crack into state ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews