Since December 2019, there has been a coordinated campaign of phishing attempts targeting Office 365 users. Cyber criminals have sent spoofed email, gathering the login credentials and payment details of Microsoft accounts in over 62 countries. According to one report, despite a 42% reduction in phishing attempts in 2019, scams like this Microsoft Office 365 campaign remain a significant threat...

Less than a week ago, Twitter fell victim to a monumental security breach that saw hackers successfully orchestrate a social engineering attack and take over high-profile Twitter user accounts, including world-renowned companies like Apple and business magnates like Bill Gates and Elon Musk. The cybercriminals used that access to launch a bitcoin scam that generated over $120,000. The attack is...

(7 min read) Hint: It has everything to do with effective mobile learning. The past decade’s explosion of smartphone and tablet usage has magnified the importance of well-designed mobile responsive content as a vital part of any training program. Recent studies echo clear mobile learning preference statistics, including how: 70% of learners feel more motivated when training on a mobile device...

Security awareness training is indispensable to ensure that your users have the knowledge they need to protect your organization’s sensitive data from cyber threats. These training initiatives also help create a strong cyber-secure organizational culture that emphasizes engaged, aware employees. On July 7th, Terranova Security will host the 2020 edition of the Security Awareness Virtual Summit,...

Know how to identify and prevent a spoofing attack Spoofing attacks are the ultimate form of cybercriminal trickery and deception. Cybercriminals disguise themselves and rely on trust to steal confidential information, install ransomware, and commit other cybercrimes. Spoofing comes down to trust. Cybercriminals hide behind trusted people, domains, URLs, and the technical elements that make up a...

COVID-19 is rapidly changing how we work, communicate, and interact with one another. Some private companies, public institutions, and government departments are mandating that all employees who can, must work from home. For many users this is the first time they have worked from home. Not only is there the stress of the uncertainties around COVID-19 but also an adjustment period for people...

Adult Learners Need Relevant and Relatable Training Using intelligent social engineering techniques, cybercriminals know how to tailor their cyber attacks to their recipients. An employee in HR receives a very different phishing email than the customer service representative in a call center or the salesperson who is traveling and accessing the network remotely. And this is exactly why...

Cyber Monday is right around the corner and this means employees will be shopping online at work. To prepare for the busiest online shopping day of the year, companies need to remind employees of how to be safe online. It’s very easy for even the most cyber-aware employees to get caught up in the rush of online holiday sales and promotions. Retailers know that shoppers want deals and start their...

The lessons learned from cyber security training for employees must extend beyond the office doors. It’s important that employees understand that cyber security awareness matters at the office and at home. We know that many people relax their cyber security practices when they’re using their home computers, laptops, and personal mobile devices. You want to give your staff, your users actionable...

Leveraging a spirit of competition to drive engagement and create a security culture Gamification is a popular concept these days, and for good reason. With gamification, you can develop a game for learning more about a serious topic while also getting the learner to approach winning that game with the same fervor they would when playing for entertainment. So what happens when you integrate...

The MINDSPACE framework: What factors influence human behavior? Even when your company has the best technology and the most efficient security controls, it still has to invest in the human factor. Regardless of the methods a company adopts, nothing can be accomplished unless users of the technology are motivated and able to apply the methods effectively. According to a recent study, a...

Social networking overlaps corporate and personal lives, and so should the mission to create a culture of security awareness. It’s true. There was little – if nothing – any Facebook user could have done to prevent their passwords from getting exposed earlier this spring. Just look at the facts of the case, said Theo Zafirakos, Chief Information Security Officer and Security Awareness Coach at...

You can have the most powerful, cutting-edge security technology in the world, but if a user clicks on the link in a malicious email, lets a stranger tailgate into your building or uses 1234 as their login password, they unwittingly open your organization up to a cyber security breach. The fact is that the human risk factor remains your greatest point of vulnerability when it comes to cyber...

We know that the human factor and employee engagement are critical when talking about raising cyber security awareness. You’ve invested a lot in technologies or highly sophisticated processes, but your employees will still be the last line of defense in thwarting a cyberattack. On the other hand, they’re the ones who are hardest to mobilize! In 2017, a major study was conducted among...

Make Your Passwords Secure Again! In connection with the most recent security breaches, let's take a few minutes to highlight the importance of talking with your employees about password safety. Cyber criminals strive to infiltrate our networks and weak passwords are a way in. Empowering your employees with cyber security awareness training is an excellent way to teach best practices for...

Security Awareness Professionals! This Is Day 3 of Gartner Security and Risk Management Summit 2018. Join Terranova at booth 119! We have been exchanging numerous ideas with participants about raising security awareness effectively and user training initiatives. Consequently, we are focusing our discussion on security awareness. We ask the following question: “How do you measure employees’...