KnowBe4

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

UK publishers warn of global phishing scams targeting manuscripts

A succession of global phishing scams targeting publishers and agents has prompted responses from several global publishers, reports the Bookseller.
Continue Reading

Organizations Need to Prepare for the Aftermath of Phishing Attacks

Phishing campaigns are growing more sophisticated as industries become increasingly aware of the threat they pose. Some of these attacks are so clever and meticulously crafted that many ...
Continue Reading

KnowBe4's Phish Alert Button Now Works With Outlook Mobile!

Do your users know what to do when they receive a suspicious email? Should they call the help desk, or forward it? Should they forward to IT including all headers? Delete and not report ...
Continue Reading

Bleeding Edge Phishing Attack Uses Decoy PDF with Microsoft-issued SSL Cert

TL,DR: A recent phishing attack posing as a PDF decoy from a Denver law firm was stealing clients' Office 365 credentials. The phishing bait was hosted in Azure blob storage and contained ...
Continue Reading

Worry About Phishing, Not Malware!

With so many security strategies revolving around the detection of malware, organizations forget the primary source of all their worries – phishing.
Continue Reading

Kevin Mitnick weighs in on Facebook's big security breach

It was all over the news, and CNBC interviewed KnowBe4's very own Chief Hacking Officer Kevin Mitnick (note the StreetCred box on the right).
Continue Reading

Targeted Attacks Replace Spam Campaigns

Spam campaigns are all but dead. But lucrative targeted low-risk, high-yield cyber-attacks have risen to take their place, according to the European Union law enforcement agency Europol.
Continue Reading

Brand-New Tool: Domain Doppelgänger Identifies Evil Twin Domains

I gave you a heads-up a few days ago, and now I'm excited to announce the actual release of a new tool to help protect your organization from the bad guys.
Continue Reading

Ewww. Password managers can be tricked into believing that malicious Android apps are legitimate

Ewww. Something else to watch out for. Will it ever stop?. Ummm, no.
Continue Reading

Highly Targeted Email Attacks Are on the Rise!

New data shows a surge in attacks, what industries are targets, which users are at risk, and what you can expect to see in the future.
Continue Reading

As Predicted, Hurricane Florence Phishing Scams are Circulating

We’ve noted in other posts that events like natural disasters are inevitably used as phishbait by scammers. The Atlantic hurricane season, which breeds storms like the recent and very ...
Continue Reading

It Only Takes One Phish to Spoil Your IPO

The recent data breach of pre-IPO biotech firm Guardant Health shows how much impact a single successful phishing attack can have on an organization.
Continue Reading

The Evolution Of "Friendly Name" Spoofing During Phishing Attacks

Our friends at Bleepingcomputer had a great article written by Ionut Ilascu I think you will like: "While phishing continues to be the prevalent threat in malware-less email-based ...
Continue Reading

WATCH IT - Current Events Will Be Misused for Phishing...AGAIN

Here are the latest Current Events phishes from the KnowBe4 team over the past few days, some prompted by warnings from US-CERT.
Continue Reading

Colleges Become Phishing Targets with Student Loans as the Payoff

Anytime there’s a transaction involving money, cybercriminals look for ways to hack in and intercept funds. Student Loans are the latest target.
Continue Reading

Phishing from Beyond the Grave...

By Eric Howes,  KnowBe4 Principal Lab Researcher. It's no secret that the threat of phishing emails has been growing at an alarming rate for a number of years. Indeed, ZDNet recently ...
Continue Reading

Details of North Korea Attacks Highlight Email’s Role in Attacks

When you think of cyber-espionage, you might be surprised it’s far less “Mission: Impossible” and a lot more basic phishing tactics.
Continue Reading

Phishing Scammers are Planning Well into 2020

Cybercriminals are already looking to take advantage of the 2020 Tokyo Olympics. Are you thinking years out? The bad guys are.
Continue Reading

New York State Universities Targeted by Phishing Scams

Students from Plattsburgh State and SUNY Adirondack were targeted by several types of scams over the summer, causing Plattsburgh State officials to send out warnings to the student body. ...
Continue Reading

Phishing warning: One in every one hundred emails is now a hacking attempt

And just one mistake can compromise an entire organisation. Danny Palmer at ZDNet wrote: "One in every one hundred emails sent round the globe has malicious intent, likely to deliver ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews