Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Scammers Use Milanote App to Host Phishing Content and Avoid Detection by Secure Email Gateways

The “Evernote for creatives” collaborative platform is being used to legitimately host malicious links that point victims to phishing links, bypassing detection mechanisms.
Continue Reading

The World’s Most Impersonated Brand in Phishing Attacks Is… (and it’s NOT Microsoft!)

Despite so much news surrounding phishing attacks pretending to be from Microsoft’s Office 365 platform, a new report from Vade Secure provides a global perspective to impersonation.
Continue Reading

Cybercriminals Are Growing More Organized

The cybercriminal underground is becoming increasingly organized, according to researchers at HP. The criminal underground functions like a regular economy, with people selling goods and ...
Continue Reading

Phishing Attacks Surged in Q2 2021

Phishing activity increased dramatically in the second quarter of 2021, according to a recent report by Vade. The company observed 4.2 billion phishing emails in June alone.
Continue Reading

Milanote Exploited to Host Phishing Content

Researchers at Avanan warn that attackers are exploiting the collaboration and note-taking app Milanote to host phishing links.
Continue Reading

[HEADS UP] 2021 Tokyo Olympics Mean Olympic-Themed Phishing Attacks

Last year, we reported that authorities warned of the Tokyo Olympics phishing attacks. Then the global pandemic occurred, and the games were postponed. Well, now the games have ...
Continue Reading

Microsoft Continues to be the Top Impersonated Brand in Phishing Attacks

New data from CheckPoint identifies those brands being used by threat actors to trick victims into opening attachments, clicking links, providing credentials, and giving up personal ...
Continue Reading

The Cost and Impact of Cybercrime Can Now Be Measured in a Single Minute

With the number of threat actors growing rapidly, along with an increased frequency of attacks, RiskIQ has put together a sobering perspective of how cybercrime impacts us in just 60 ...
Continue Reading

[INFOGRAPHIC] New Report Shows Users Are Falling for Security and HR-Related Phishing Attacks

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...
Continue Reading

Nearly Every Organization Has Had an Insider-Caused Data Breach in the Last Year

Whether it’s from an accidental leak of data or falling victim to a phishing attack, new data from email security vendor Egress puts the insider’s role in breaches into critical ...
Continue Reading

[On-Demand Webinar] 2021 Phishing By Industry Benchmarking Report

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to ...
Continue Reading

84% of Organizations Experienced Ransomware and Phishing-Related Security Events in the Last 12 Months

New research from Trend Micro and Osterman Research highlights where organizations are strongest and weakest at stopping phishing attacks resulting in ransomware.
Continue Reading

Phishing Campaign Uses Novel Technique to Deliver Malware

Researchers at McAfee warn that a phishing campaign is delivering malware via Word documents that don’t contain any malicious code. When a user opens the document and enables content, the ...
Continue Reading

Year-Long Phishing Campaign Targets Energy, Oil & Gas Companies Using Spoofed B2B Correspondence

Uncovered by the research team at cloud protection vendor Intezer, this new phishing campaign seeks to steal information and position each victim as the foothold to spear phish additional ...
Continue Reading

Spear Phishing Campaign Targets Energy Companies

Researchers at Intezer have spotted a phishing campaign that’s targeting energy companies in South Korea, the United States, the United Arab Emirates, and Germany. Most of the targets are ...
Continue Reading

Phishbait Follows Current Events

Crisis draws opportunistic criminals, and the Kaseya ransomware incident is no different. Kaseya’s updates on the incident have included repeated warnings not to be taken in by emails or ...
Continue Reading

The Pandemic’s Paradigm Shift with Cybersecurity

Just over a year ago, a much-prized perk – the ability to work from home – became an everyday reality for many. ITWeb, in partnership with KnowBe4, conducted a survey to gain insight into ...
Continue Reading

[On-Demand Webinar] Implement DMARC the Right Way to Keep Phishing Attacks Out of Your Inbox

DMARC, SPF, and DKIM are global anti-domain-spoofing standards, which can significantly cut down on phishing attacks. Implemented correctly they allow you to monitor email traffic, ...
Continue Reading

Social Engineering and Organizational Culture

Consistent awareness training is necessary to fend off phishing attacks, according to Keatron Evans, a principal security researcher, instructor, and author with Infosec. In an interview ...
Continue Reading

KnowBe4’s 2021 Phishing By Industry Benchmarking Report Reveals that 31.4% of Untrained End Users Will Fail a Phishing Test

Guess what? Over the past several months, the KnowBe4 elves have been working around the clock analyzing billions of rows of data to uncover meaningful insights. Their latest offering is ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews