For most folks, social media has become integral to their daily lives in today's hyperconnected world. They use platforms like Facebook, Twitter and Instagram to share their thoughts, experiences and personal moments with friends and family. Being online has even become a business for content creators, who share their insights and thoughts of their daily lives, from “Getting Ready With Me” (GRWM) to recording video trends of jumping over your camera to the beach or the latest dance craze.

The long-awaited annual Verizon Data Breach Investigations Report is out, and it’s made very clear that users continue to be a problem in phishing attacks. I’ve said it before, if you only read one report each year, the Verizon Data Breach Investigations Report is one you shouldn’t miss. And this year’s report starts off with a topic close to our hearts here at KnowBe4: users engaging with phishing emails and clicking links.

Is "RogerLovesTaco$24" a strong password? No! Everyone has a ton of passwords. They should be strong and unique for every site and service you use. Everyone knows this. Note: The information and recommendations in this post are supported in detail by the KnowBe4 ebook,

Newly-released data highlights our worst fears about the prevalence of phishing, and some glimmer of hope that the good guys may be winning the fight. Every quarter, the Anti-Phishing Working Group puts out a Phishing Activity Trends Report to highlight the changes in phishing attacks, including the number of campaigns, attacks, targets, and brands impersonated. The focus of the report covering 4th Quarter 2023 was the significant dip in the number of attacks in Q3 of last year.

Suspected North Korean threat actors are attempting to trick software developers into downloading malware during phony job interviews, according to researchers at Securonix. The threat actors contact software developers with seemingly legitimate employment opportunities before scheduling virtual job interviews.

With all great power, there comes an equal potential for misuse. Among the sophisticated arsenal of threat actors, impersonation attacks have surged to the forefront, which questions our sense of trust.

For many fresh out of college, the drive to land that first professional role is a top priority. Yet, new graduates can be exposed to sophisticated scams that can jeopardize not just their finances but also their identities. Imagine receiving an email that mentions your former school dean or a professor, claiming they've personally recommended you for a fantastic job opportunity.

This blog was co-written by Javvad Malik and Erich Kron. Let’s dive into the cautionary world of phishing simulations gone wrong. You know, those attempts to train users not to fall for phishing that somehow end up setting off more alarms than a Hawaiian missile alert system. Let's explore why we need to phish our users, but more importantly, how not to phish them. We turn to two of our trusted security awareness advocates Javvad Malik (JM) and Erich Kron (EK) to shed some light on the matter.

Cyber activity by the group "The Com," which leverages (SIM) swapping, cryptocurrency theft, swatting, and corporate intrusions, is increasing. Security researchers at Intel471 have published an analysis of the threat group, “The Com” (short for “The Community”), providing details about their targets and tactics. Operating mostly from Canada, the U.S.

One of the best things you can teach yourself, your family, and your organization is how to recognize the common signs of phishing and how to mitigate and appropriately report it. Phishing messages can have many different looks, traits and narratives. What worked yesterday for the attackers eventually becomes blocked, recognized, and less profitable, and they move on to different tactics.