Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

How to Protect Your Business from Scattered Spider's Latest Attack Methods

May 13, 2025 3:32:36 PM By KnowBe4 Team
Mandiant warns that the Scattered Spider cybercriminal group is using “brazen” social engineering attacks to target large enterprise organizations in a wide range of sectors.
Continue Reading

The Clock Is Ticking: Why Phishing Remains The Fastest-Moving Cyber Threat in 2025

May 13, 2025 3:32:19 PM By KnowBe4 Team
Cybersecurity professionals face an increasingly aggressive phishing threat landscape, and the 2025 KnowBe4 Phishing By Industry Benchmarking Report makes one thing crystal clear: ...
Continue Reading

Cybercriminals Use Telegram Bots to Exfiltrate Data In Phishing Kit Campaign

May 12, 2025 4:02:03 PM By KnowBe4 Threat Lab
KnowBe4 ThreatLabs has identified and analyzed a sophisticated cross-platform phishing campaign that utilizes Telegram as its primary exfiltration channel. The campaign uses a combination ...
Continue Reading

Phishing Kits Are Growing More Sophisticated; Focused on Bypassing MFA

May 8, 2025 5:12:21 PM By KnowBe4 Team
Researchers at Cisco Talos warn that major phishing kits continue to incorporate features that allow them to bypass multi-factor authentication (MFA).
Continue Reading

Talos Report: Phishing Attacks Surged in Q1 2025

May 7, 2025 2:09:19 PM By Cindy Zhou
Phishing was the initial access vector in 50% of attacks during the first quarter of 2025, according to a new report from Cisco Talos.
Continue Reading

Warning: Phishing Campaign Impersonates the US Social Security Administration

May 7, 2025 2:08:58 PM By Cindy Zhou
Researchers at Malwarebytes warn that phishing emails are impersonating the US Social Security Administration (SSA) to trick users into installing the ScreenConnect remote access tool.
Continue Reading

Email Remains the Top Attack Vector for Cyberattacks

May 1, 2025 4:29:20 PM By Stu Sjouwerman
Email is still the most common attack vector for cyber threats, according to a new report from Barracuda.
Continue Reading

Cybercriminals Impersonate DHS Amid Deportation Efforts

Apr 30, 2025 4:42:18 PM By Stu Sjouwerman
Researchers at INKY warn that criminals are impersonating the US Department of Homeland Security to launch phishing scams.
Continue Reading

Researchers Warn of Surge in Infostealers Delivered Via Phishing

Apr 30, 2025 4:41:26 PM By Stu Sjouwerman
The number of infostealers delivered via phishing emails increased by 84% last year, according to a new report from IBM’s X-Force researchers. Threat actors are using these malware ...
Continue Reading

Half of Organizations Lack Protection Against Email Spoofing

Apr 24, 2025 3:38:15 PM By Stu Sjouwerman
A new report from Valimail has found that 50% of organizations lack effective protection against email spoofing.
Continue Reading

Warning: Ransomware Remains a Top Threat for SMBs

Apr 23, 2025 3:26:08 PM By Stu Sjouwerman
A new report from Sophos found that ransomware attacks accounted for over 90% of incident response cases involving medium-sized businesses in 2024, as well as 70% of cases involving small ...
Continue Reading

Breaking the Stigma: 90% of Employees Agree that Phishing Simulations Improve their Security Awareness

Apr 23, 2025 3:25:42 PM By Stu Sjouwerman
According to our independent survey of individuals across the UK, USA, Netherlands, France, Denmark, Sweden, the DACH region, and Africa who use a laptop as part of their work, 90.1% find ...
Continue Reading

Threat Actors Are Increasingly Abusing AI Tools to Help With Scams

Apr 22, 2025 9:01:39 AM By Stu Sjouwerman
Cybercriminals are increasingly using AI tools to assist in malicious activities, according to Microsoft’s latest Cyber Signals report.
Continue Reading

China Cybercriminals Behind Toll-Themed Smishing Attacks Surge in the US and UK

Apr 18, 2025 4:32:52 PM By Stu Sjouwerman
Resecurity warns that a China-based cybercriminal gang dubbed the “Smishing Triad” is launching a wave of road toll-themed SMS phishing (smishing) attacks against users across the US and ...
Continue Reading

Lack of Security Awareness Tops List of Obstacles to Cyber Defense

Apr 17, 2025 1:37:19 PM By Stu Sjouwerman
Most organizations cite low security awareness among employees as the biggest barrier to defending against cyberattacks, according to a new survey by CyberEdge Group.
Continue Reading

The Continued Abuse of Legitimate Domains: A Spike in the Exploitation of Google Drive to Send Phishing Attacks

Apr 17, 2025 1:36:59 PM By KnowBe4 Threat Lab
First QuickBooks, then Microsoft, and now Google—will the hijacking of legitimate third-party platform communications stop escalating in 2025? Our Threat Labs researchers predict the ...
Continue Reading

How Does Human Risk Management Differ from Security Awareness Training?

Apr 16, 2025 12:13:48 PM By Stu Sjouwerman
In today's cybersecurity landscape, organizations face an ever-present and often underestimated threat: human risk. Despite significant advancements in technological defenses, human error ...
Continue Reading

AI-Powered Spear Phishing Can Now Outperform Human Attackers

Apr 16, 2025 12:13:09 PM By Stu Sjouwerman
Researchers at Hoxhunt have found that AI agents can now outperform humans at creating convincing phishing campaigns.
Continue Reading

UK Organizations Cite Phishing as the Most Disruptive Type of Cyberattack

Apr 15, 2025 11:03:55 AM By Stu Sjouwerman
Phishing was the most prevalent and disruptive type of attack experienced by UK organizations over the past twelve months, according to the British government’s Cyber Security Breaches ...
Continue Reading

Warning: QuickBooks Phishing Campaign Targets Taxpayers

Apr 11, 2025 6:49:55 PM By Stu Sjouwerman
Cybercriminals are capitalizing on tax season by launching phishing campaigns targeting QuickBooks users, Malwarebytes reports.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews