KnowBe4

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Cybercriminals Use 1.7 Million Compromised PCs in Botnet Advertising Fraud Scam

The Russian-born, botnet-driven advertising fraud scam, 3ve, generated over $29 million in revenue using fileless malware variant Kovter, botnets, and unsuspecting users.
Continue Reading

[ALERT] Now The Bad Guys Are Phishing For Your Retirement Money

Eric Howes,  KnowBe4 Principal Lab Researcher observed: "Here is a screenshot of a phishing email that came in Friday. In it the bad guys attempt to apply the same modus operandi ...
Continue Reading

True Phishing Confessions From A Compromised Company. This One Has A Twist At The End

"The email you hope you never have to send to clients/customers" OK, so here is another horror story that you hope you can prevent from happening to your own organization. This is an ...
Continue Reading

When Does a Legitimate Password Reset Email Feel Like a Phishing Attack? Just Ask Citrix Users

A recent password reset email from ShareFile (a Citrix company) put some users on edge, questioning both the emails legitimacy and why the reset.
Continue Reading

GreyEnergy Malware Spreads Through Phishing Emails

The GreyEnergy APT primarily uses phishing emails as its initial infection method, according to analysis by Nozomi Networks. The malware has been targeting industrial control systems in ...
Continue Reading

Phishing Emails are Targeting Spotify Users

A phishing campaign is attempting to steal login credentials from Spotify users, according to researchers at AppRiver. The emails ask users to click a hyperlink to confirm their accounts, ...
Continue Reading

Hackers reportedly breached Republican campaign committee emails during 2018 elections

The National Republican Congressional Committee (NRCC) was hacked during the 2018 midterm elections, according to a report from Politico. Republican officials said that hackers had access ...
Continue Reading

That was fast! Bad Guys Are Using The Marriott Breach For Phishing Attacks

As predicted, the Marriott breach is heaven for bad guys. KnowBe4 customers are using the (free) Phish Alert Button to report in the wild phishing attacks using the recent news.
Continue Reading

[Heads-up] Bad Guys Love Marriott: 500 Million Data Breach Is Phishing Heaven

So I guess we have just reached the tipping point, it's "privacy game over" for business travelers.
Continue Reading

Reminder: That Padlock Doesn’t Mean It’s Secure

We’ve mentioned this before, but the misconception has surfaced again, and it’s worth mentioning again. Looking for the padlock as a sign of a secure legitimate website isn’t an accurate ...
Continue Reading

Attackers Rev Up Financial Phishing Campaigns in Preparation for the Holidays

Shoppers around the world face an unprecedented number of phishing attacks this holiday season, according to Andrey Kostin at Kaspersky Lab. With Single’s Day in China on November 11th, ...
Continue Reading

[Heads-up] Phishing Is Way Up And 65% Of Employees Plan To Do Holiday Shopping Online From Work

With users focused on holiday activities, cybercriminals take advantage of lowered defenses and holiday distractions to scam users into becoming victims.
Continue Reading

As You Read This, It's Cyber Monday. How To Avoid The Top 10 Security Threats

InfoSecBuzz asked a number of security experts for their advice on the top security threats and how to avoid them. These are specialists from Alienvault, Cylance, Cybereason, F5 Networks, ...
Continue Reading

[Heads-up] Bad Guys Are Now Taking Over Email Inboxes Without Phishing Attacks

I found a great article in SecurityWeek by Alastair Paterson, the CEO of Digital Shadows. Could not have said it better myself, and he alerted everyone about an attack vector that was ...
Continue Reading

Phishing Accounts for 50% of All Fraud Attacks [InfoGraphic]

According to the latest research from RSA, attacks intent on committing financial fraud most frequently begin with tried and true phishing.
Continue Reading

Now here is something new: Russian Banks Targeted by Sophisticated Phishing Emails

This does not happen too often, and these attackers must be outside of Russia. If hackers inside Russia attack their own country, the FSB is on their doorstep with a SWAT team in no time.
Continue Reading

Phishing Attacks Rose by 30 Million in Q3 2018

Kaspersky Lab blocked 137 million phishing attempts in the third quarter of 2018, a 28 percent increase compared to Q2 2018. A report by the anti-virus company reveals that phishing ...
Continue Reading

"Inception Attackers" Mix Old Exploit, New Backdoor, and Spear Phishing

SecurityWeek reported about a Palo Alto Networks warning: "A malicious group known as the “Inception” attackers has been using a year-old Office exploit and a new backdoor in recent ...
Continue Reading

Scam Of The Week: Fortnite And League of Legends Phishing Attacks

This is an excellent opportunity to sit down with your young'uns and explain the risks of online scams.
Continue Reading

Phishing Scam Is Targeting League of Legends Players

A phishing scam is using fake login pages to target League of Legends players, according to Avast Blog. At the moment, the attacks are taking place primarily in western Europe, mainly ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews