KnowBe4 gets thousands of phishing attacks reported weekly through our free Phish Alert Button, and we pick the 10 most tricky ones, defang them, and put these into a phishing campaign you can send to your users. The template category is called Reported Phishes of the Week. Here are this week's ten most dangerous phishes to inoculate your users:
"Microsoft: Closure of your Microsoft Account" - Spoofed Microsoft email threatens account shutdown unless user opens malicious PDF.
"Amazon: You've Entered An Incorrect Password Too Many Times" - Spoofed Amazon security notice asks users to click malicious link.
"INTERAC e-Transfer: Bell Mobility Sent You Money (Refund for $200.00)" - Fake refund email invites users to click malicious link.
"Making changes to Payroll system" - Fake HR email regarding payroll changes asks users to click malicious link.
"Microsoft: Office Account Security Info Verification" - Spoofed Microsoft Office email requests users click malicious link to verify account.
"Microsoft: Password Reset of Office 365" - Spoofed Microsoft asks users to click malicious link to prevent password reset.
"Quotation still valid?" - Phishing email pushes users to open malicious attachment in order to answer questions.
"TD Canada Trust: Security Alert" - Fake TD Canada Trust security notice requests users click malicious link to protect account.
"PayPal: You Added A New Email Address To Your Account" - Fake Paypal account notification invites users to click malicious link.
"PayPal: Your Account Summary Is Available" - Spoofed Paypal email offers users malicious link to review account update.
We strongly recommend to phish your own users to prevent these types of very expensive snafus. If you're wondering how many people in your organization are susceptible to phishing, here is a free phishing security test (PST):
