Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage.
Continue Reading

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals.
Continue Reading

Most Phishing Emails Are After Credentials

57% of phishing emails in 2020 were designed for stealing credentials, according to Cofense’s most recent Annual State of Phishing Report. Meanwhile, just 12% of phishing attacks last ...
Continue Reading

POTRAZ Warns of Phishing Scams

The Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) has issued a warning regarding an increase in email and SMS phishing attacks, the Chronicle reports. Dr. Gift ...
Continue Reading

By Their Poor Idiomatic Control Shall Ye Know Them

A new phishing campaign is impersonating Zoom in order to steal users’ Outlook credentials, according to researchers at GreatHorn. The attackers are using phishing URLs that spoof Zoom’s ...
Continue Reading

[HEADS UP] New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no ...
Continue Reading

New York State Education Department Warns of Phishing Campaign

The New York State Education Department (NYSED) released an advisory warning that scammers are impersonating its employees in an attempt to steal social security numbers and money. The ...
Continue Reading

Phishing Attacks Double in 2020 While Carrying the Highest Month of Attacks on Record

The latest data from the Anti-Phishing Working Group (AWPG) shows massive gains in phishing attacks in Q4 of last year, quantifying the growth and setting the expectation of what’s to ...
Continue Reading

Microsoft Dominates as the Most Impersonated Brand in Phishing Attacks

New data from phishing detection vendor Inky highlights which brands are most often used by cybercriminals in phishing attacks that will give them the edge needed for a successful phish.
Continue Reading

[Heads Up] New Ryuk Ransomware Strain Now Worms Itself To All Your Windows LAN Devices

A new Ryuk strain has a worm-like feature that allows it to spread to all other devices on victims' local networks. It was discovered by the French CERT, their national cyber-security ...
Continue Reading

[Heads Up] Ransomware and Phishing Attacks Are Not Going Away in 2021

According to three reports published last week, the bad guys have improved their popular tactics with phishing and ransomware attacks. The attacks involving fake COVID-19 scams and remote ...
Continue Reading

Phishing Catch of the Day: Your Inbox Will be Deactivated

In this series, our security experts will give a behind the scenes look at phishing emails that were reported to PhishER, KnowBe4's Security Orchestration, Automation and Response (SOAR) ...
Continue Reading

Phishing Targets Industrial Control Systems

Phishing continues to be a primary initial access vector in cyberattacks against industrial control systems, according to researchers at Dragos. Out of the fifteen threat groups tracked ...
Continue Reading

Bogus FedEx and DHL Phishbait

Researchers at Armorblox describe an ongoing phishing campaign that’s using phony FedEx and DHL shipping notifications as phishing lures.
Continue Reading

Running Headfirst Into a Breach

The pandemic changed the fortunes of many organisations. Perhaps none so much as Zoom, which has found itself becoming a noun synonymous with any form of video call.
Continue Reading

More NHS-Themed COVID-19 Vaccine Phishing

A phishing campaign spoofing the UK’s National Health Service has surged its output, Infosecurity Magazine reports. Researchers at Mimecast warn that the attackers behind the campaign are ...
Continue Reading

U.K. Phishing Attack Targets Those Seeking the COVID-19 Vaccine

This latest phishing scam impersonates the UK’s National Health Service, telling recipients that are eligible for the vaccine in order to collect valuable banking and credit card details.
Continue Reading

Be on the Watch for W-2 Phishing Scams!

With tax season just around the corner, this simple, yet effective social engineering theme is perfect to get users to respond to phishing attacks exactly the way the bad guys want.
Continue Reading

KnowBe4 Adds New Language Localization Options to its Security Awareness Training and Simulated Phishing Platform

We are excited to announce the availability of KnowBe4’s new localization options for the Admin Console and Learner Experience. You can now set your default language for three ...
Continue Reading

Phishing and Impersonated Brands

Microsoft is still the most impersonated brand for phishing campaigns, according to researchers at Vade Secure. The security firm spotted 30,621 unique Microsoft-related phishing URLs in ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews