KnowBe4's Templates Mistress Katie has been busy again adding a new batch of phishing templates to the collection of "System Templates" available to active subscribers.
First, there is a new selection of real world phishes culled from the previous seven days of malicious emails delivered to us via the Phish Alert Button (PAB):
REPORTED PHISHES OF THE WEEK
"Account report": Phish prompts reader to open attachment to view information on cash account problems.
"Alert: Your [[domain]] Email is at Risk!": Fake GoDaddy email asks users to log in to upgrade account.
"Booking confirmation": Phish prompts readers to open attachment to view booking/confirmation information.
"Booking information -- Conf. No. 87415": Fake Lufthansa email baits readers to click link to check flight information.
"Budget Report": Phish invites readers to view budget report by clicking link.
"Confirmation letter": Phish asks users to click on link to review load confirmation letter.
"Invoice 80521": Fake medical center invoice baits users to click link to view more information.
"Status Alert": Fake Amazon email prompts user to log in to update account information.
"TT COPY": Malicious email attachment purports to contain information on wire transfer.
"Your account was restricted - Urgent": Fake LinkedIn email requests users to verify account by clicking link.
In the past week Katie also added six additional phishing templates in other categories:
CURRENT EVENTS
"Conspiracy Theory Proven: Hillary Clinton Hired Body Double": Fake news story baits users to click link for more information.
"New login from Firefox on Windows 8.1": Fake Dropbox email invites users to click link for login information.
"You've sent a payment on Venmo": Fake Venmo email provides malicious link for information on alleged payment.
BANKING
"You have a secure message from American Express": Fake secure message from Amex invites users to click malicious link.
SOCIAL NETWORKING
"Please add me to your LinkedIn Network": Fake LinkedIn invite provides malicious link to click.
ONLINE SERVICES
"Invitation: Performance Review": Fake google Calendar invitation baits users to click on malicious link.
Did you know that 91% of successful data breaches started with a spear-phishing attack?
Find out what percentage of your employees are Phish-prone™ with your free phishing security test.
Over the last few years, thousands of organizations in the U.S have started to phish their own users. IT pros have realized that doing this is urgently needed as an additional security layer. Today, phishing your own users is just as important as having antivirus and a firewall.
Why? If you don't do it yourself, the bad guys will. Take the first step now to significantly improve your organization’s defenses against cybercrime.
PS, do not like redirected buttons? Cut & Paste this link in your browser: