KnowBe4

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Executives are Out and Employees are In as Cybercriminals Change Their Primary Targets for Cyberattack

Phishing and Social Engineering scammers are shifting tactics, focusing efforts on low-level employees using a variety of methods as a means to cast a wider net within a targeted ...
Continue Reading

Phishing Attacks See Massive Increases and Improvements in Execution with Social Engineering at the Helm

With 98% of malicious emails that hit inboxes containing no malware, the evolution and future of the phish lies squarely in the hands of effective social engineering.
Continue Reading

Spearphishing Boils Down to Basic Social Engineering

While spearphishing attacks may employ various tactics and tools, they all rely on the same underlying human weaknesses to achieve their goals, according to Asaf Cidon from Barracuda ...
Continue Reading

Social Engineers Earn a First

A study by nonprofit research company Jisc and the UK’s Higher Education Policy Institute (HEPI) found that 100 percent of spear phishing tests against universities were able to gain ...
Continue Reading

Florida Spearphishing: Meddle Globally, Phish Locally

Russian intelligence services sent spearphishing emails to more than 120 email accounts used by Florida election officials in November 2016, according to Special Counsel Robert Mueller’s ...
Continue Reading

U.K. Government: "80% Of Organizations Experience Phishing Attacks"

Despite maintaining an improved security posture over last year, 2019 brings additional attacks with a higher price tag, causing the U.K. government to urge organizations to do more.
Continue Reading

Ohio Becomes the Third U.S. State to Adopt the NAIC’s Insurance Data Security Model Law

Ohio joins South Carolina and Michigan to create cybersecurity legislation modeled after the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law.
Continue Reading

Phishing Continues to be the Source of Health Data Breaches Totaling Over 1M Breached Records

The beginning of 2019 has proven that data breaches in the health industry aren’t going anywhere. And from the intel on the breaches, phishing is playing a predominant role.
Continue Reading

Here are few Game of Thrones phishing scams you should know about and how to avoid them

With the Game of Thrones (GoT) Season 8 finally airing, bad guys are using a variety of social engineering tactics to trick your end-users.
Continue Reading

[Heads-up] A GA County School System Only Just Escaped A 2 Million Dollar Cyber Attack

Armor, a leading global cloud security solutions provider, read the news about a recent cyberattack, where hackers targeted the payroll department of the city of Tallahassee, FL and ...
Continue Reading

Over 80% of All Phishing Attacks Targeted U.S. Organizations

  U.S. entities remained the most attractive targets of phishing attacks throughout 2018, with an estimated 84% of the total volume of millions of incidents analyzed during the last year ...
Continue Reading

Phishing Attack Spoofs Email Security Firm

Ray Shultz at MediaPost's EmailINSIDER wrote about a nasty new way that the bad guys are trying to establish trust: spoofing the return path and received email headers of Barracuda in an ...
Continue Reading

Staff and Students Put School Districts at the Greatest Risk of Cyber Attack

Inadvertent sharing, phishing attacks, and ransomware top the list of attack vectors, with teachers, students, and vendors all contributing to the risk of breach.
Continue Reading

What's The Best Name? ThreadJacking or Man-in-the-Inbox Attacks?

We are seeing a new type of attack popping up more and more. Bad guys send a phishing attack and steal the credentials of your employee. But they stay under the radar and lurk for a while ...
Continue Reading

Ottawa City Treasurer sends $128,000 to fraudsters in email phishing scam

The treasurer of the city of Ottawa, Marian Simulik, fell for a business email compromise (BEC) scam and sent $100,000 to a scammer, the city’s auditor general revealed this week. Simulik ...
Continue Reading

[Heads-up] Survey Finds 82% Of You Are Impacted By Payment Fraud

Payment fraud continues to soar, as a record 82 percent of organizations reported incidents in 2018, according to the 2019 AFP Payments Fraud & Control Survey, underwritten by J.P. Morgan.
Continue Reading

Organizations Face a 63% Likelihood of Being the Victim of Successful Cyberattack in Next 12 Months

The latest data from 1,200 IT organizations shows organizations seeing attacks as inevitable and, for some industries, successful compromise as even more a given.
Continue Reading

The Latest in Phishing Tackle

Phishing kits are using increasingly sophisticated techniques to avoid detection and make their scams more convincing, according to Prakhar Shrotriya at Zscaler.
Continue Reading

New Phishing Attacks Make 2FA Useless

These latest attacks are designed to proxy login requests that incorporate SMS-based authentication as a way to seamlessly bypass 2FA protection without being noticed.
Continue Reading

90 Percent Of Critical Infrastructure Hit By Cyberattacks

  A new survey of professionals in industries using industrial control systems (ICS) and operational technology (OT) finds 90 percent of respondents say their environment has been damaged ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews