Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Obvious Phishbait, But Someone Will Bite

    Stu Sjouwerman | Mar 31, 2022

    facebook-messenger-phishing-scamA widespread phishing scam is circulating in Facebook Messenger, according to Jeff Parsons at Metro. The phishing messages simply contain the words, “Look what I found,” along with a link. If the user clicks the link, they’ll be taken to a spoofed Facebook login page that will steal their credentials. Notably, the attackers send the messages from compromised accounts of the target’s Facebook friends, which increases the appearance of legitimacy.

    “Chances are the message will come from a friend or other contact who has had their account compromised,” Parsons says. “So while it seems to come from a trusted source, it’s actually a sneaky way to try and gain access to your data. Clicking on the link will take you through to a malicious webpage that asks for your Facebook log-in details. If you put them in, the scammers running the site will be able to scrape your personal data and, in some cases, install malware directly onto your phone. Not good if you’ve got any kind of sensitive or financial information stored on there.”

    Parsons adds that this scam isn’t new, and most phishing attacks use similar social engineering techniques. Users can recognize these attacks if they know what to look for.

    “The most well-known form of phishing involves the mimicry of official emails or text messages from trusted companies including Amazon, Paypal, all UK banks, Netflix, delivery companies, mobile phone providers, eBay and so on,” Parsons writes. “Phishing emails can also masquerade as messages from a council authority, HMRC, the Government, the police or a hospital. The phishers replicate to the best of their abilities, the exact logo of the company and then compose a phony email. Usually, the phishing messages explain that you need to update your billing details / address, employment record, your bank card details and so on, or they urge you to check up on a delivery tracking number. So it always pays to check your messages carefully to avoid falling for the trick.”

    New-school security awareness training can give your employees a healthy sense of suspicion so they can avoid falling for social engineering attacks.

    Topics: Phishing Security Awareness Training

    Stop Being a Target for Social Media Exploits

    Social media is the new frontier for targeted spear phishing and credential theft. Use our Free Social Media Phishing Test to identify which users are likely to click malicious links or leak data on platforms like LinkedIn and X, and get your results in just 24 hours.

    Get Your Free Test

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the Founder and Executive Chairman of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog

    Posts By Topic

    View All