10 Incredible Ways You Can Be Hacked Through Email & How To Stop The Bad Guys
Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware!
Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist and security expert with over 30-years of experience, for this webinar where he will explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious code to run. Plus, he'll share a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick.
Roger will teach you:
•How silent malware launches, remote password hash capture, and how rogue rules work
•Why rogue documents, establishing fake relationships and getting you to compromise your ethics are so effective
•Details behind clickjacking and web beacons
•Actionable steps on how to defend against them all
If all you were worried about were phishing attempts, think again!
RecordedJun 14 201968 mins
Your place is confirmed, we'll send you email reminders
As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to be a race between effective technology and ever evolving attack strategies from the bad guys. However, there’s an often-overlooked security layer that can significantly reduce your organization’s attack surface: New-school security awareness training.
Join Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, and Joanna Huisman, KnowBe4's Senior Vice President of Strategic Insights and Research, for a review of our 2020 Phishing By Industry Benchmarking Report, a data set of nearly four million users across 17,000 organizations.
You will learn more about:
- New phishing benchmark data for 19 industries
- Understanding who’s at risk and what you can do about it
- Actionable tips to create your “human firewall”
- The value of new-school security awareness training
Do you know how your organization compares to your peers? Watch this webinar to find out!
You know that "security awareness" is key to a comprehensive security strategy. But just because someone is aware doesn't mean they care. So how can you design programs that work with, rather than against, human nature? Here's the great news. Creating a security awareness strategy that not only educates, but reinforces good behaviors can be achieved and we'll show you how.
In this webinar, Perry Carpenter, Chief Evangelist and Strategy Officer for KnowBe4, and David Littman of TruthInIT unpack a number of key elements from his new book Transformational Security Awareness. What Neuroscientists, Storytellers, and Marketers can Teach Us About Driving Secure Behaviors. Drawn from his experience as an awareness practitioner, CISO mentor, researcher, and author, Perry will dive into ideas like how to use "Trojan Horses for the Mind," how to leverage social dynamics to drive behavior and shape culture, and will unveil some exciting new behavior models that will help you stop the bad guys in their tracks.
This presentation will take a deep (and practical) dive into:
· How to understand and design for behavioral segments
· How to successfully debug bad behaviors
· How to influence motivation in three different ways
· And why it is important to live your awareness program through the eyes of your audience
There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.
Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and TruthInIT's David Littman as they dive into:
Why data backups (even offline backups) won’t save you
Evolved threats from data-theft, credential leaks, and corporate impersonation
Why ransomware isn’t your real problem
How your end users can become your best, last line of
Quickly evolving travel and social requirements in response to COVID-19 mean that, like it or not, many organizations like yours are asking traditional office-based employees to work from home. Today's technology allows that to happen in many cases with relative ease; however, are your employees prepared with the necessary knowledge to keep themselves and your network safe under these circumstances?
Listen to Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, and, Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, to find out the most important items you need to know now to prepare your employees for today's new risks.
In this on-demand webinar you'll learn:
- Top considerations for safely connecting to your corporate network
- Scams the bad guys are using right now to target your employees
- Advice for improving social media security awareness
Even the world’s most successful organizations have significant weaknesses in their IT security defenses, which today’s determined hackers can exploit at will. There’s even a term for it: Assume Breach.
But assuming you’ll be hacked isn’t an option for you. Your organization can’t afford a loss of assets or downtime.
Join Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, for this informative webinar where you’ll learn not only the most common reasons for data breaches in organizations like yours but how you can determine your specific weaknesses.
You’ll walk away from this understanding:
- What most organizations are doing wrong and how to fix it
- How to build an action plan to improve your IT security effectiveness
- Why security awareness training is a security layer you can’t afford to skip
Roger Grimes, Data-Driven Defense Evangelist, KnowBe4
Cyber crime has become an arms race where the bad guys constantly evolve their attacks while you, the vigilant defender, must diligently expand your know how to prevent intrusions into your network. Staying a step ahead may even involve becoming your own cyber crime investigator, forensically examining actual phishing emails to determine the who, the where, and the how.
In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will show you how to become a digital private investigator!
- How to forensically examine phishing emails and identify other types of social engineering
- What forensic tools and techniques you can use right now
- How to investigate rogue smishing, vishing, and social media phishes
- How to enable your users to spot suspicious emails sent to your organization
- Get inside the mind of the hacker, learn their techniques, and how to spot phishing attempts before it’s too late!
Only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But even when they are enabled and your domain is more secure, 81% of phishing attacks still continue to sail right through to the end-user.
In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, and David Littman of TruthInIT will teach you how to enable DMARC, SPF, DKIM the right way! Then, learn the six reasons why phishing still might get through to your inbox and what you can do to maximize your defenses. You'll learn:
- How to enable DMARC, SPF, and DKIM
- Common configuration mistakes
- How to best configure DMARC and other defenses to fight phishing
- Techniques to empower your users to identify and avoid phishing attempts that make it through your surface-level defense
Your customer data, intellectual property, and financials are the lifeblood of your organization. If lost or leaked, there could be significant implications to the viability of your business. Maintaining control of that data, especially with third-party services, can be extremely challenging and requires that you ask the right questions and enforce stringent security policies.
In an environment of increased outsourcing, cloud computing adoption, and regulatory requirements, how do you manage vendor risk and ensure you have a consistent evaluation life cycle
Join James McQuiggan, KnowBe4's Security Awareness Advocate, to get actionable steps you can use now to better manage your third-party vendor risk. You'll learn:
The importance of securing your organization's critical data
How to determine Supplier Security Proficiency
Why it’s important to understand the source of third-party products
The impact Vendor Questionnaires have on your Security Posture
How leveraging a GRC platform can ease the burden of risk assessments and audits
Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't!
Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, a security expert with over 30-years experience, and David Littman of TruthInIT for this video webinar where they will explore 12 ways hackers can and do get around your favorite MFA solution.
The on-demand webinar includes a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security.
You'll learn about the good and bad of MFA, and become a better computer security defender in the process, including:
- 12 ways hackers get around multi-factor authentication
- How to defend your multi-factor authentication solution
- The role humans play in a blended-defense strategy
You know that Security Awareness Training (SAT) is a critical step in managing the ongoing problem of social engineering. It may be a compliance requirement your organization needs to meet but a comprehensive SAT program can do much more for you than check the box. Creating and implementing an effective program can seem daunting for someone with a million plates in the air (a.k.a. YOU!) but with the help of a vendor that specializes in a new-school approach to training and testing, you can create a security culture that saves you time, money and headaches.
Listen to this on-demand webinar as KnowBe4’s Perry Carpenter, Chief Evangelist and Strategy Officer, and Joanna Huisman, SVP of Strategic Insights and Research, discuss:
•The benefits of partnering with an experienced provider
•The critical importance of integrated reporting
•What to look for as you evaluate Security Awareness Training vendors
You don’t have to go it alone. Learn how you can leverage new-school Security Awareness Training to enable your users to make smarter security decisions, every day.
There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.
After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.
Join us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:
- Why data backups (even offline backups) won’t save you
- Evolved threats from data-theft, credential leaks, and corporate impersonation
- Why ransomware isn’t your real problem
- How your end users can become your best, last line of defense
Whether you're creating a new product, going through a merger & acquisitions, or significantly changing a process in your organization, new processing activities can present high risk to your organization. As we can see from Marriott’s acquisition of Starwood, not undergoing a full security and privacy assessment can present huge problems for your organization and now Marriott faces a $123.6 million dollar fine due to lack of due diligence.
One way to reduce risks and identify security/privacy risk is to conduct a data protection impact assessment. Not only will this assessment help you reduce business risk, but it also helps identify new processes in your organization to maintain compliance with GDPR, LGPD, CCPA and other global privacy laws.
Join Lecio DePaula Jr., KnowBe4’s Data Privacy Director, for this webinar to hear about creating a robust data protection impact assessment to analyze new processes, workflows, and products to identify problems before they happen.
In this webinar you’ll learn:
- Best practices for conducting a robust DPIA
- The privacy and security risks of M&A, creating new software products, other initiatives
- How conducting a DPIA aligns with global privacy requirements
- Common DPIA mistakes and how to avoid them
- Tools that help manage and streamline your DPIA process
Most companies have huge gaps in their computer security defenses and can be compromised at will by a determined hacker. The industry even has a term for it: “Assume Breach”.
But it doesn’t have to be that way!
Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, and David Littman of TruthInIT for this webinar where he explores the latest research on what’s wrong with current network defenses and how they got this way. Roger will teach you what most organizations are doing wrong, why, and how to fix it. You’ll leave this webinar with a fresh perspective and an action plan to improve the efficiency and effectiveness of your current computer security defenses.
Roger will teach you:
· What most companies are doing wrong, why, and how to fix it
· An action plan to improve the effectiveness of your computer security defenses
· How to create your “human firewall”
Ransomware is back with a vengeance, impacting healthcare organizations like yours around the globe. While it appeared ransomware cases might be decreasing for a brief time, these incidents rose dramatically over the past year. This increase in malicious activity has serious business ramifications — from increasing downtime to causing revenue loss. Ransomware attacks also can impact an organization's' ability to treat patients.
In this webinar, the American Hospital Association’s Senior Advisor for Cybersecurity and Risk will share an overview of cybersecurity. KnowBe4’s James McQuiggan will cover some of the emerging trends in ransomware. You’ll learn about the recent highly targeted attack vectors and what you can do to prepare before an attack.
Attendees Will Learn:
- The new ways offenders are using ransomware to take control of your network.
- Best practices for defending against and recovering from ransomware attacks.
- How to detect potentially threatening phishing and social engineering emails.
- Actionable steps to take if your organization does become a victim.
- How to create a “human firewall.”
Tax season is upon us, which makes this prime time for hackers to target your unsuspecting users with the latest Business Email Compromise (BEC) scams. From evolved W2 fraud to tax-related spear phishing, cybercriminals capitalize on the first quarter of each new year with smarter, craftier attacks designed to convince your users to provide confidential information, authorize wire transfers, or enable malicious files.
In this webinar Erich Kron and James McQuiggan, KnowBe4 Security Awareness Advocates, discuss the new types of BEC scams you can expect to see, what your users should be on alert for this tax season, and how to protect your organization from these evolved threats.
You will learn:
- Real-world examples of the latest BEC attacks
- Common targets within your organization and techniques used to trick them
- Red flags your users need to know now to spot BEC attacks
- How to educate your organization so you don’t fall victim
Don't let your organization become a statistic this tax season! Join our experts to find out how to stop the bad guys before it's too late.
It is estimated that a business falls victim to a ransomware attack every 40 seconds, adding up to a projected $11.5 billion in damages for this year. As ransomware attacks become more targeted and damaging, your organization faces increased risk that can have your networks down for days or even weeks.
So, how can your organization avoid getting held hostage? Join us and Erich Kron CISSP, Security Awareness Advocate at KnowBe4 we look at scary features of new ransomware strains, give actionable info that you need to prevent infections, and provide tips on what to do when you are hit with ransomware.
Cyber security and security awareness landscapes are constantly changing. IT Professionals, like you, always need to know what is coming next in order to build (and maintain) effective security cultures and programs at your organization. Policy changes, evolving technologies, and even world events all play a part in attack vectors and how you respond to threats.
To help you master the challenges ahead, KnowBe4 Evangelists, Roger Grimes, Javvad Malik and Erich Kron, share their top predictions for the coming year and discuss where the future of security awareness is heading in 2020.
You'll want to watch this video to see their predictions for:
•The future of privacy and data protection policies around the world
•Changes to voting procedures and factors impacting election security
•How the Internet of Everything and evolved spear phishing will make spotting attacks even harder
•How you can prepare your users now to identify the threats of tomorrow
Don’t get caught by surprise - watch their predictions now!
Ever wonder how hackers, spies, and con-artists gather such detailed and convincing intel on their targets? Kevin Mitnick, the world's most famous hacker and KnowBe4's Chief Hacking Officer, knows.
The truth is that it is shockingly easy to gather detailed intelligence on individuals and organizations. Everything the bad guys need to specifically target your end users is out there for the taking. Banking and credit card accounts, driver's license numbers, geolocation details and even IT secrets can be found easily and through public resources! There’s even a name for it: Open Source Intelligence (OSINT).
In this mind-blowing webinar, Kevin and Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, give you an inside look into some of Kevin’s most prized, underground OSINT secrets and how the bad guys use those techniques to target your users and your organizations.
Find out what to watch out for and learn how to strengthen your end-user “human firewall” against OSINT-fueled attacks before it's too late!
The scary fact is that human error is a contributing factor in more than 90% of breaches. With so many technical controls in place hackers are still getting through to your end users, making them your last line of defense. How are they so easily manipulated into giving the bad guys what they want? Well, hackers are crafty. And the best way to beat them is to understand the way they work.
In this webinar Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will take you through the "Cyber Kill Chain" in detail to show you how a single email slip up can lead to the total takeover of your network.
Roger will show you:
- How detailed data is harvested using public databases and surprising techniques
- Tricks used to craft a compelling social engineering attack that your users WILL click
- Cunning ways hackers deliver malicious code to take control of an endpoint
- Taking over your domain controller and subsequently your entire network
But not all hope is lost. Roger will also share actionable strategies you can put in place now to greatly reduce your risk. Find out how to protect your organization before it's too late.
Endpoint security, firewalls, VPNs, authentication systems… we’ve all got them. But do they really provide the comprehensive level of security your organization needs to keep the bad guys out? The unfortunate reality is that each of these security layers can provide hackers with a back-door right into your organization. And we're going to show you how.
In this exclusive webinar Kevin Mitnick, the World's Most Famous Hacker and KnowBe4's Chief Hacking Officer, and Perry Carpenter, KnowBe4's Chief Evangelist and Strategy Officer, show you shocking examples of significant vulnerabilities that social engineers and hackers use to circumvent these traditional security layers.
There is no need for a false sense of security. Better defend your network by learning:
- The 3 most common causes of data breaches
- Significant vulnerabilities recently discovered in common technologies
- Kevin’s top tips for security defenders
- Why security awareness training is a security layer you can’t afford to skip
Kevin shares new hacking demos that will scare the daylights out of you. Find out how to mitigate these risks before it’s too late!
KnowBe4 is the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. Realizing that the human element of security was being seriously neglected, KnowBe4 was created to help organizations manage the problem of social engineering, spear phishing, and ransomware attacks, through a comprehensive new-school awareness training approach. KnowBe4 trains employees to make smarter security decisions.