Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Report: Phishing Remains the Most Prevalent Cyber Threat

Mar 27, 2025 5:07:44 PM By Stu Sjouwerman
INKY has published its annual report on email security, finding that phishing accounted for 30% of all reported cybercrimes last year.
Continue Reading

Amount of Money Requested In BEC Attacks Nearly Doubled in Q4 2024

Mar 26, 2025 3:31:53 PM By Stu Sjouwerman
The average amount of money requested in business email compromise (BEC) attacks spiked to $128,980 in the fourth quarter of 2024, according to the Anti-Phishing Working Group’s (APWG’s) ...
Continue Reading

The Human Element: Addressing Cybersecurity Risk in Danish and Swedish Organizations

Mar 24, 2025 3:06:58 PM By Martin Kraemer
We recently conducted research in Denmark and Sweden to understand security culture in local organizations better.
Continue Reading

Act Now: Phishing-as-a-Service Attacks are on the Rise

Mar 24, 2025 3:05:34 PM By Stu Sjouwerman
Phishing-as-a-service (PhaaS) platforms drove a surge in phishing attacks in the first two months of 2025, according to researchers at Barracuda.
Continue Reading

Hundreds of Malicious Android Apps Received 60 Million Downloads

Mar 21, 2025 10:46:15 AM By Stu Sjouwerman
Bitdefender warns that a major ad fraud campaign in the Google Play Store resulted in more than 60 million downloads of malicious apps.
Continue Reading

Key Takeaways from the KnowBe4 2025 Phishing Threat Trends Report

Mar 20, 2025 10:28:47 AM By James Dyer
Our latest Phishing Threat Trends Report explores the evolving phishing landscape in 2025, from renewed tactics to emerging attack techniques.
Continue Reading

Phishing Attacks Abuse Microsoft 365 to Bypass Security Filters

Mar 20, 2025 10:27:20 AM By Stu Sjouwerman
Threat actors are abusing Microsoft’s infrastructure to launch phishing attacks that can bypass security measures, according to researchers at Guardz.
Continue Reading

The Cybersecurity Confidence Gap: Are Your Employees as Secure as They Think?

Mar 18, 2025 10:26:41 AM By Anna Collard
Our recent research reveals a concerning discrepancy between employees' confidence in their ability to identify social engineering attempts and their actual vulnerability to these attacks.
Continue Reading

Booking.com Phishing Scam Targets Employees in the Hospitality Sector

Mar 18, 2025 10:25:44 AM By Stu Sjouwerman
A phishing campaign is impersonating travel agency Booking.com to target employees in the hospitality industry, according to researchers at Microsoft.
Continue Reading

98% Spike in Phishing Campaigns Leveraging Russian (.ru) Domains

Mar 14, 2025 10:05:36 AM By KnowBe4 Threat Lab
A KnowBe4 Threat Lab publication Authors: Martin Kraemer, Jeewan Singh Jalal, Anand Bodke, and James Dyer EXECUTIVE SUMMARY: We observed a 98% rise in phishing campaigns hosted on Russian ...
Continue Reading

Make Your Real Emails Less Phishy

Mar 13, 2025 9:14:05 AM By Roger Grimes
I infrequently get emails from customers who are frustrated because their employer sent out some legitimate mass email to all employees that unfortunately had all the hallmarks of a ...
Continue Reading

245% Increase in SVG Files Used to Obfuscate Phishing Payloads

Mar 12, 2025 9:11:12 AM By KnowBe4 Threat Lab
A KnowBe4 Threat Labs Publication Authors: James Dyer and Cameron Sweeney The KnowBe4 Threat Research team has observed a sustained increase in the use of Scalable Vector Graphics (SVG) ...
Continue Reading

AI and AI-agents: A Game-Changer for Both Cybersecurity and Cybercrime

Mar 12, 2025 9:10:02 AM By Anna Collard
Artificial Intelligence (AI) is no longer just a tool—it is a game changer in our lives, our work as well as in both cybersecurity and cybercrime.
Continue Reading

Beware: Malvertising Campaign Hits Nearly a Million Devices

Mar 12, 2025 9:09:33 AM By Stu Sjouwerman
Microsoft warns that a widespread malvertising campaign hit nearly one million devices around the world. The campaign, which began on illegal streaming sites, impacted both consumer and ...
Continue Reading

Autonomous Agentic AI-Enabled Deepfake Social Engineering Malware is Coming Your Way!

Mar 10, 2025 9:17:27 AM By Roger Grimes
I’ve been in the cybersecurity industry for over 36 years. Surprisingly, hackers and malware haven't changed all that much.
Continue Reading

Invoice or Impersonation? 36.5% Spike in Phishing Attacks Leveraging QuickBooks’ Legitimate Domain in 2025

Mar 7, 2025 9:13:54 AM By KnowBe4 Threat Lab
A KnowBe4 Threat Lab Publication Authors: Martin Kraemer, James Dyer, and Lucy Gee Much like sending a phishing email from a compromised account, cybercriminals can boost the ...
Continue Reading

Data at Risk: 96% of Ransomware Attacks Involve Data Theft

Mar 6, 2025 9:54:08 AM By Stu Sjouwerman
A new report from Arctic Wolf has found that 96% of ransomware attacks now involve data theft as criminals seek to force victims to pay up.
Continue Reading

[Heads Up] Sophisticated Phishing Attack Uses New JavaScript Obfuscation Trick

Mar 5, 2025 9:11:50 AM By Stu Sjouwerman
Researchers at Juniper Threat Labs warn that phishing attacks are utilizing a new obfuscation technique to hide malicious JavaScript.
Continue Reading

Q&A with Martin Kraemer on Information Sharing in Cybersecurity

Mar 5, 2025 9:11:22 AM By Martin Kraemer
Recently, Dr. Martin J. Kraemer, Security Awareness Advocate at KnowBe4, and Dr. William Seymour, Lecturer in Cybersecurity at King’s College London released a Whitepaper called: ...
Continue Reading

Primary Refresh Tokens Aren’t Your Parent’s Browser Token

Mar 4, 2025 9:40:59 AM By Roger Grimes
If you haven’t been paying attention closely enough, a new type of access control token, like a super browser token on steroids, is becoming hackers' theft target of choice.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews