KnowBe4 Issues Alert: Social Engineering Threats Soaring
Tampa Bay, FL (Dec 3, 2014) KnowBe4 issued an alert today warning of a recent spate of high profile social engineering attempts targeted at prominent businesses. One such attack includes high profile financial advisors, officers and deal makers, thought to be an attempt to gain a Wall Street edge. The FBI also alerted private sector companies that targeting of their networks is a significant threat as reported by Reuters lateMonday. Not to be left out, small business and consumers are being targeted with fake IRS agents looking for a little extra dough for the holidays along with an uptick in phishing emails posing as Costco, Home Depot and a variety of shipping sources.
Stu Sjouwerman, KnowBe4 CEO said, “Hackers will use as many avenues to break in as they can dream up, but social engineering is one of the favored. We are hitting the season when online shipping is at a peak and employees become much more complacent. It is important to keep users alert and aware of how much a target they are, especially during scam season.” Furthermore, Sjouwerman warns, “I cannot think of a more urgent reason to step all employees through effective security awareness training to keep them on their toes with security top of mind.”
Similar to a magazine’s editorial calendar, hackers have a “scam calendar” that focuses on events and opportunities to take maximum advantage of unsuspecting users or lax employees. These malware campaigns don’t discriminate between home or office and use social engineering to trick users. Millions of such phishing emails are sent each day and just one user in a hurry clicking on something might take down a system or a company.
Sjouwerman offers this advice:
1) Be on the lookout for “Shipping Problem” emails from from FedEx, UPS or the US Mail, where the email claims they tried to deliver a package from (for instance Apple Computer) but could not deliver due to an incomplete address. “Please click on the link to correct the address and you will get your package.” If you do, your computer is likely to get infected with malware. Warn everyone in the family, especially teenagers.
2) Watch out for alerts via a TEXT to your smartphone that “confirm delivery” from FedEx, UPS or the US Mail, and then asks you for some personal information. Don’t enter anything. Think Before You Click!
3) Reiterating a warning KnowBe4 sent out a few weeks ago, there is a fake refund scam going on that could come from a big retailer. It claims there was a “wrong transaction” and wants you to “click for refund” but instead, your device may be infected with ransomware.”
If not a customer, KnowBe4 will allow IT managers to create a free account and send a simulated phishing test to 100 users to see what the Phish-prone percentage of your organization is.
For more information visit: www.KnowBe4.com
Reuters story: http://www.reuters.com/article/2014/12/01/us-sony-cybersecurity-malware-idUSKCN0JF3FE20141201
Social engineering: http://www.knowbe4.com/what-is-social-engineering/
Security Awareness Training: http://www.knowbe4.com/products/kevin-mitnick-security-awareness-training/
About Stu Sjouwerman and KnowBe4
Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, LLC, which provides web-based Security Awareness Training (employee security education and behavior management) to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. KnowBe4 services hundreds of customers in a variety of industries, including highly-regulated fields such as healthcare, finance and insurance and is experiencing explosive growth with a surge of 427% in 2013 alone. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses.
About Kevin Mitnick
Kevin Mitnick is an internationally recognized computer security expert with extensive experience in exposing the vulnerabilities of complex operating systems and telecommunications devices. He gained notoriety as a highly skilled hacker who penetrated some of the most resilient computer systems ever developed. Today, Mitnick is renowned as an information security consultant and speaker, and has authored three books, including The New York Times best seller Ghost in the Wires. His latest endeavor is a collaboration with KnowBe4, LLC.
- Click to share on Twitter (Opens in new window)
- Share on Facebook (Opens in new window)
- Click to share on Google+ (Opens in new window)
- Click to share on Reddit (Opens in new window)
- Click to share on Tumblr (Opens in new window)
- Click to share on Pinterest (Opens in new window)
- Click to print (Opens in new window)
- Click to email (Opens in new window)
- How Call Tracking Can Optimize E-Commerce Conversion Rates 2017/03/24 Guy Levine
- Remember IRC? It's Still Around - And It's Still Worth Using 2017/03/22 David Delony
- What AI Can Do for the Enterprise 2017/03/20 Arthur Cole
- Software as a Service (SaaS) 2017/03/22
- Will Google Cloud Catch Up? 2017/03/21
- Data Privacy: 7 Trackers Collecting Your Personal Data 2017/03/20
- @kenbhessbbq They have the wrong Ken Hess, although I'll totally have a Ken Hess BBQ throwdown with you. twitter.com/snakeriverfarm… 1 day ago
- Hey, maybe Edward Snowden helped the Russians hack the election. 2 days ago
- Get your Unified Endpoint Management for Dummies ebook today. www-03.ibm.com/security/mobil… Scroll down to the bottom of the page. 3 days ago
- Someone referenced this article that I wrote in 2013: zd.net/2mptkPz I'd forgotten how great it was and how still daisy fresh it is 1 week ago
- RT @BeyondTrust: The Worst Cybersecurity Breaches of 2016 (Podcast) via the securityNOW show @kenhess @MoreyHaber #2016breaches https://t.c… 2 weeks ago