KnowBe4

Security Awareness Training Blog

Spear Phishing Blog

Learn about current spear phishing attacks, specific examples, and techniques the bad guys are currently using so your users don't fall for these attacks.

Hackers hit Monster Jobs users with Gameover Zeus malware

Companies that are recruiting new employees are being targeted through Monster Jobs. The bad guys are using malware called Gameover Zeus, security firm F-secure reported in a blog post ...
Continue Reading

Target Breach: Where The Weak Points Were

Dave Kearns posted March 18 that he's been fascinated by the information that keeps coming out of the Taget Stores data breach. He's got a great analysis, and he ends off with words that ...
Continue Reading

Phishing FaceBook: Malaysia Plane MH370 Has Been Spotted

Hackers jump on every opportunity they can to trick people. This time they hijacked to story about the missing Malaysian Airlines plane.
Continue Reading

New Phishing Scam Promises Bitcoins

Lily Newman at the Future Tense blog wrote this post for the slate site, after Slate's news editor Chad Lorenz received a new phishing email purportedly from coinbase, who happily ...
Continue Reading

Scam Of The Week: "You may have cancer" phishing email

Amy Stevens of the PR group Davies Murphy became part of the story when Eduard Kovacs at SoftPedia picked up on her tweet about a phishing email she just received.  If you recently had a ...
Continue Reading

When A Stranger Calls

Dr. Neal Krawetz posted something very useful over at the hackerfactor. Apart from that it's also very entertaining. He is legally recording various cold-calls he gets. Some of them are ...
Continue Reading

Inevitable: Phishing That Pretends To Be Salesforce.com

Just a heads-up, screen shot above. The lifehacker site in Australia warned about a phishing scam using a "salesforce" email as bait. The bad guys will use anything to get you to click, ...
Continue Reading

How to Test the Phishing Savvy of Your Staff

Continue Reading

41 Percent Of Infected Pay The Cryptolocker Ransom

I have warned about the Cryptolocker ransomware before, but now we have some hard numbers about the percentage of people that are forced to pay up when a workstation or server has been ...
Continue Reading

Hackers Used Spear Phishing Attack To Hack CNN Blogs

Security analysts at Intelligence firm InterCrawler published the details of the investigation on recent attack against CNN Blogs and social media accounts. Recently a few social media ...
Continue Reading

Kiss Your Old Security Awareness Training Program Goodbye!

Is Your Security Awareness Training Program Not Working? Are Users Still Clicking Phishing Links And Opening Infected Attachments?
Continue Reading

This Week Top 10 Phishing Scams

It's my job to keep an eye out for the most recent phishing scams and let everyone know. One of the newsletters I get as a source for this is called "hoaxslayer". They just reported some ...
Continue Reading

Cryptolocker Scrambles All Legal Files Of US Law Firm

WSOCTV in Charlotte, North Carolina's reports on a Goodson's, a small US law firm there which stepped forward and bravely admitted that their whole file server was scrambled by ...
Continue Reading

Why Cybercrime Pays Off

Continue Reading

FBI: The 10 Criminal Cyber Crime Professions

The Center for Cyber Forensics and Information Security (CCFIS) reported in a blog: "The FBI has recently classified the different 'professional positions' they have encountered in the ...
Continue Reading

Worst Phishing Scam Of The Week Yet: Cryptolocker

Why Security Awareness Training? Cryptolocker, That's Why... We here at KnowBe4 have been getting a lot of system admins calling us with the request for security awareness training ...
Continue Reading

Scam Of The Week: Funeral Notification Phishing Attack

Another one to warn your employees about. The bad guys do not hesitate to exploit the most basic fears of people; the sudden death of a loved one. The message claims to be from a funeral ...
Continue Reading

Arg The Cat O Nine Tails For Careless Clickers

Arg! The Cat O' Nine Tails For Careless Clickers!
Continue Reading

SHOCKER: Point-Of-Failure Phishing Training Does Not Work

The Govinfosecurity site just reported on some very interesting scientific research that finds so-called "embedded training" is ineffective. Let's quickly define "embedded", they chose ...
Continue Reading

WSJ: Did Hackers Got Into Target With Spear-phishing

Today (Jan 22, 2014) Wall Street Journal reporters Charles Levinson and Danny Yadron had a good summary of the current status of the Target Hack. 
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews