Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

[Heads Up] Ransomware and Phishing Attacks Are Not Going Away in 2021

According to three reports published last week, the bad guys have improved their popular tactics with phishing and ransomware attacks. The attacks involving fake COVID-19 scams and remote ...
Continue Reading

Phishing Catch of the Day: Your Inbox Will be Deactivated

In this series, our security experts will give a behind the scenes look at phishing emails that were reported to PhishER, KnowBe4's Security Orchestration, Automation and Response (SOAR) ...
Continue Reading

Phishing Targets Industrial Control Systems

Phishing continues to be a primary initial access vector in cyberattacks against industrial control systems, according to researchers at Dragos. Out of the fifteen threat groups tracked ...
Continue Reading

Bogus FedEx and DHL Phishbait

Researchers at Armorblox describe an ongoing phishing campaign that’s using phony FedEx and DHL shipping notifications as phishing lures.
Continue Reading

Running Headfirst Into a Breach

The pandemic changed the fortunes of many organisations. Perhaps none so much as Zoom, which has found itself becoming a noun synonymous with any form of video call.
Continue Reading

More NHS-Themed COVID-19 Vaccine Phishing

A phishing campaign spoofing the UK’s National Health Service has surged its output, Infosecurity Magazine reports. Researchers at Mimecast warn that the attackers behind the campaign are ...
Continue Reading

U.K. Phishing Attack Targets Those Seeking the COVID-19 Vaccine

This latest phishing scam impersonates the UK’s National Health Service, telling recipients that are eligible for the vaccine in order to collect valuable banking and credit card details.
Continue Reading

Be on the Watch for W-2 Phishing Scams!

With tax season just around the corner, this simple, yet effective social engineering theme is perfect to get users to respond to phishing attacks exactly the way the bad guys want.
Continue Reading

KnowBe4 Adds New Language Localization Options to its Security Awareness Training and Simulated Phishing Platform

We are excited to announce the availability of KnowBe4’s new localization options for the Admin Console and Learner Experience. You can now set your default language for three ...
Continue Reading

Phishing and Impersonated Brands

Microsoft is still the most impersonated brand for phishing campaigns, according to researchers at Vade Secure. The security firm spotted 30,621 unique Microsoft-related phishing URLs in ...
Continue Reading

New Phishing Scam Uses Fake PPP Loans to Trick Victims into Giving Up Personal Information

Taking advantage of people’s need for financial assistance, these scammers pose as a bank offering “forgivable business loans to individuals impacted by the pandemic.”
Continue Reading

Phishing for Love

Valentine’s Day-themed phishing campaigns are spiking, researchers at Check Point warn. There was a 29% increase in Valentine’s Day-related phishing domains last month, compared to a 6% ...
Continue Reading

[New E-Book] Comprehensive Anti-Phishing Guide

Spear phishing emails remain a top attack vector for the bad guys, yet most companies still don’t have an effective strategy to stop them.
Continue Reading

It’s Not Only About the URL

You have to look at the totality of an email to determine whether it is a phishing attack or not.
Continue Reading

[HEADS UP] NHS Issues Warning as UK COVID-19 Vaccine Scams Are Still Running Rampant

The National Health Service (NHS) in the UK recently sent a warning that cybercriminals are using social engineering tactics to target people wanting a COVID-19 vaccine email that is ...
Continue Reading

US Gmail Users Are Preferred Phishing Targets

Google has found that most phishing attacks (42%) target Gmail users in the US. Users in the UK were the second most targeted, with 10% of attacks. Japan came in third with 5% of phishing ...
Continue Reading

New Phishing Attack Uses Morse Code to Avoid Detection by Email Scanners

Yes – you read that right: Cybercriminals have found a way to use 1830’s technology to trick 2020s security solutions into not identifying phishing attachments as malicious.
Continue Reading

New Phishing Attack Uses Google Firebase to Trick Microsoft and Achieve a Spam Confidence Level of Just 1

This new phishing scam takes advantage of inherent trust in credible domains to get past the scrutiny of even Microsoft to trick Office 365 users into giving up their online credentials.
Continue Reading

[World Premiere] KnowBe4’s New Season 3 of Netflix-Style Security Awareness Video Series - ‘The Inside Man’

We’re excited to announce Season 3 of the award-winning KnowBe4 Original Series - ‘The Inside Man’. This network-quality video training series delivers an entertaining learning experience ...
Continue Reading

Three Tips to Stay Safe on the Road and the Information Superhighway

You surf the world wide web, you scroll through social media feeds, read articles, shop online, and respond to email through the incredible invention of the internet. We're all driving on ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews