At KnowBe4, we continuously attempt to remain forward of rising threats and create coaching content material to warn customers concerning the newest ways utilized by cybercriminals.
One of many methods we do that is by way of our internally produced demo video productions, which used to star the unimaginable Kevin Mitnick and his legendary hacking demos. In these modules we showcase real-world assault eventualities and supply actionable insights on easy methods to defend in opposition to them.
Final 12 months my colleague Dr. Martin Krämer and I had the chance to current such a demo on QR code phishing and different image-based phishing strategies. Whereas we’re used to discussing cybersecurity threats, being in entrance of the digital camera was a complete new problem. And we did this in each English and German.
The Rising Menace of QR Code Phishing
QR codes have change into ubiquitous in our each day lives, used for the whole lot from accessing restaurant menus to creating funds. Nevertheless, cybercriminals have acknowledged their potential as a phishing vector. In our demo, we walked by way of a real-world instance of how attackers embed malicious hyperlinks into QR codes, tricking customers into scanning them and unwittingly getting into their credentials on fraudulent web sites.
One key takeaway from our demo was the significance of vigilance when encountering QR codes, particularly these acquired by way of e-mail or printed on stickers positioned in public areas. We highlighted purple flags to look at for, reminiscent of:
- Unsolicited QR codes in emails or messages claiming to be pressing
- QR codes that redirect to login pages asking for credentials
- Faux QR codes positioned over official ones in public areas
- A scarcity of contextual details about the place the QR code leads
Extra Than Only a Discuss—A Actual Demo in Motion
Whereas cybersecurity schooling is our ardour, moving into the position of each educators and on-camera presenters was a humbling expertise. Demonstrating an precise assault whereas concurrently explaining it to an viewers isn’t any small feat. The problem wasn’t simply in guaranteeing technical accuracy but in addition in engagingly presenting the knowledge whereas sustaining pure supply.
From coordinating with the manufacturing staff to nailing the timing of our explanations, we rapidly realized that video manufacturing is an artwork kind. The expertise gave us a newfound respect for skilled actors—conveying experience whereas staying composed underneath vivid lights and a number of takes isn’t any simple job.
Our QR code phishing demo is only one of a number of partaking modules we’ve labored on. Different latest productions featured our colleagues and safety consultants Roger Grimes, Javvad Malik and Colin Murphy tackling important cybersecurity threats, together with:
- Cloud Ransomware Assaults – How attackers exploit cloud environments and finest practices to stop breaches
- Slack Assault – hands-on demonstration of the ways concerned in a cyberattack utilizing Slack, a enterprise communication system
- Microsoft Groups – Demonstrating how cybercriminals infiltrate office communication instruments like MS Workforce to govern workers
Every of those demos brings cybersecurity ideas to life in a method that conventional coaching supplies typically can not. Seeing an assault in motion, step-by-step, makes it extra impactful than merely studying about it. They’re now all obtainable as standalone video modules within the ModStore and included into the core modules.
The Heroes Behind the Digital camera
An enormous shout-out goes to our unimaginable content material manufacturing staff, who made these modules doable. Creating high-quality coaching content material isn’t only a matter of pointing a digital camera at somebody and filming—it’s a fancy course of that takes months of planning, analysis, and the experience of many professionals. From crafting well-researched scripts to managing your complete manufacturing course of, and conserving us well-fed and energized, their dedication was instrumental. The digital camera crew, editors, and manufacturing managers labored tirelessly behind the scenes to carry these coaching modules to life, and their efforts actually deserve recognition.
Classes Realized and Trying Forward
These coaching modules are a part of our annual flagship sequence and can be found in 35 completely different languages. The German and English variations have been initially recorded, whereas the remaining languages have been professionally dubbed to make sure accessibility for a world viewers.
Whereas presenting in entrance of a digital camera was initially daunting, we stay up for producing extra of one of these coaching content material and serving to our buyer organisations be safer on-line. We’re already planning for the following set of hacking demos that can be recorded within the coming months so keep tuned for extra within the ModStore.