Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Alert: Watch Out For Phishing Attacks in the Wake of the AWS Outage

    KnowBe4 Team | Oct 22, 2025

    iStock-1185282377 (3)Cybernews warns that threat actors will likely take advantage of the recent AWS outage to launch phishing attacks against affected users.

    Attackers frequently exploit high-profile events to carry out social engineering attacks while people are confused or stressed, as these users are more likely to act without careful consideration.

    “Phishing attacks have one thing in common—they prey on human emotion, and in the case of services going down or being unable to access an account for extended periods of time, take advantage of a victim’s sense of urgency, fear, and confusion,” Cybernews says.

    “With the help of AI tools, these hackers can easily create an email that appears to be sent directly from the impacted organization, complete with identical logos and structure, and often a spoofed email address or phone number that mimics the legitimate ones.”

    Attackers may impersonate Amazon or tech support services offering to help users recover connectivity or receive compensation for the downtime.

    “Users should be wary of emails or texts with ‘clickable links’ offering to provide outage updates, restore access to its services or app, or even offering to compensate users financially for time the service or app was down,” the researchers write. “Additionally, users should also watch out for scammers claiming to be from an app's tech support, another tried-and-true scheme used by cybercriminals worldwide.”

    Users can follow security best practices and maintain a healthy sense of suspicion to avoid falling for social engineering attacks.

    “In the aftermath of a significant outage or cyber event, to avoid targeted phishing attacks, users should always be skeptical of any emails, texts, or phone calls claiming to fix the outage or restore services,” Cybernews says.

    “Never click on any unsolicited links or pop-ups as these could install malware on your device for more invasive attacks, steal your personally identifiable information (PII) using a keystroke logger, or send you to a fake webpage asking the user to input their login credentials.”

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

    Cybernews has the story.

    Topics: Social Engineering Phishing Human Risk Management

    See PhishER Plus in Action

    Keep users safe where the most dangers lie: their inboxes

    Request a Demo

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    KnowBe4 Team

    ABOUT KNOWBE4 TEAM

    The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk and agent security best practices, compliance strategies and industry research to help organizations strengthen their digital defense layer and stay informed, resilient, and secure.

    Read more from KnowBe4 »

    Subscribe to Our Blog

    Posts By Topic

    View All