Image Cyber criminals are constantly evolving their methods, but their biggest leverage for growth will always be exploiting the human factor. Software and physical measures against cyber attacks have become so advanced that tricking workers is the only remaining attack vector criminals can reliably use. According to Verizon’s 2023...

QR codes have come a long way since being invented in 1994 by a subsidiary of Toyota. Initially introduced to address some limitations of barcodes during the car manufacturing process, QR codes have since become staples in people’s day-to-day lives. The introduction of high-powered cameras to most modern smartphones is what allowed these codes to gain new uses. QR codes,...

This year is seeing more phishing attacks in more places, having more detrimental impacts. One security messaging provider noted a 61% increase in phishing attacks between April and October 2022 compared to the same period the previous year. Another report observed that when phishing attacks were successful in 2022, financial losses from those incidents increased by 76%. In...

Employees come and go for a variety of reasons. If you’re lucky, they’ll be very cooperative with the offboarding process, but this isn’t always the case. And even if they are, you still have to take it with a grain of salt. Some say that calm and cooperative offboarding is often the most dangerous because people aren’t as diligent when the situation seems lax. If these...

Everyone wants to look good in front of their boss. Which is exactly why an urgent email from the CEO of your company is guaranteed to catch your attention. You’re more likely to act on the request immediately without questioning the details. But what if that email didn’t come from your boss? All it takes is one savvy email that encourages an employee to act on behalf of...

Everyone wants to impress their boss, which is exactly what scammers rely on nowadays to carry out sophisticated phishing attacks called CEO fraud. Examples of CEO fraud are becoming increasingly common, with attackers regularly sending out phishing emails to an organization's employees and impersonating the top executive. This often comes with a demand at the end of the day...

The way we think about data protection is changing. Cyber culture is emerging as the new norm, and organizations must adapt their strategies to stay ahead of the curve. Data protection has traditionally focused on preventing breaches and protecting sensitive information. However, cyber culture goes beyond this by encompassing all aspects of online life. It includes everything...

If you’re a company that uses email scanning technology as the first line of cyber defense, you should know about a recent slate of malicious Word document-based attacks. These attacks are designed to deliver malware and ransomware to targeted systems. Security researchers at Cisco Talos recently identified an attack where Word document files attached to emails were used to...

Phishing threats are everywhere, and if your employees don’t know how to spot them, you’re putting your information at risk. Knowing how to build a successful phishing simulation is vital for identifying how well employees can spot the latest threats and ensuring they know how to spot them independently. Unfortunately, many organizations fail to offer adequate security...

During the last week of January 2021, cyber security provider TrendMicro shared a blog post highlighting an Office-365 phishing campaign that criminals have targeted executives within manufacturing, tech, real estate, government, and finance since May 2020. As part of the scam, fraudsters sent the victims fake emails with links to a phishing site, where they harvested their...

Actionable security awareness tips on how employees can prevent insider threats  A misplaced USB drive with confidential data. An opportunistic employee sharing confidential information with a competitor. An employee who accidentally clicks a phishing email. These are all examples of insider threats to your organization. Insider threats unfortunately are not simply the stuff...

Robust, engaging security awareness training is an essential part of strong cyber security practices, especially given the accelerated digital transformation and shift by many organizations to remote workforces. It can also be a crucial value-added product for resellers, distributors, MSSPs, OEMs partners and technology partners, who are looking to expand their portfolio,...

Since December 2019, there has been a coordinated campaign of phishing attempts targeting Office 365 users. Cyber criminals have sent spoofed email, gathering the login credentials and payment details of Microsoft accounts in over 62 countries. According to one report, despite a 42% reduction in phishing attempts in 2019, scams like this Microsoft Office 365 campaign remain a...

(7 min read) Using online security awareness training to lower your click rate Recognizing a potential phishing email is the first step in avoiding falling victim to a cyber attack. The next and most important step is knowing what to do with this email. Ideally, you want your employees to report the phishing email to you and then delete the message. However, curiosity is...

Bringing the Best in Security Awareness Content to Microsoft Customers Terranova Security has announced that it has partnered with Microsoft Microsoft is leveraging our phishing, security awareness, social engineering, and cyber security content in Microsoft Office 365 Advanced Threat Capabilities (Office 365 ATP). “Microsoft’s technology and platform enriches us with...

You can have the most powerful, cutting-edge security technology in the world, but if a user clicks on the link in a malicious email, lets a stranger tailgate into your building or uses 1234 as their login password, they unwittingly open your organization up to a cyber security breach. The fact is that the human risk factor remains your greatest point of vulnerability when it...