Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Mobile Phishing Attacks Use New Tactic to Bypass Security Measures

Dec 20, 2024 3:49:33 PM By Stu Sjouwerman
ESET has published its threat report for the second half of 2024, outlining a new social engineering tactic targeting mobile banking users.
Continue Reading

Attackers Abuse HubSpot’s Free Form Builder to Craft Phishing Pages

Dec 20, 2024 3:49:08 PM By Stu Sjouwerman
A threat actor is abusing HubSpot’s Free Form Builder service to craft credential-harvesting phishing pages, according to Palo Alto Networks’ Unit 42.
Continue Reading

No, KnowBe4 Is Not Being Exploited

Dec 18, 2024 11:57:49 AM By Roger Grimes
Some of our customers are reporting “Threat Alerts” from Mimecast stating hackers have exploited KnowBe4 or KnowBe4 domains to send email threats.
Continue Reading

AI-Powered Investment Scams Surge: How 'Nomani' Steals Money and Data

Dec 18, 2024 11:16:53 AM By Stu Sjouwerman
Cybersecurity researchers are warning about a new breed of investment scam that combines AI-powered video testimonials, social media malvertising, and phishing tactics to steal money and ...
Continue Reading

Phishing Campaign Targets YouTube Creators

Dec 18, 2024 11:16:19 AM By Stu Sjouwerman
An email phishing campaign is targeting popular YouTube creators with phony collaboration offers, according to researchers at CloudSEK. The emails contain OneDrive links designed to trick ...
Continue Reading

DarkGate Malware Distributed Via Microsoft Teams Voice Phishing

Dec 17, 2024 10:06:36 AM By Stu Sjouwerman
Threat actors are using voice phishing (vishing) attacks via Microsoft Teams in an attempt to trick victims into installing the DarkGate malware, according to researchers at Trend Micro.
Continue Reading

Critical Infrastructure Under Siege: 42% Spike in Ransomware Attacks on Utilities

Dec 17, 2024 10:05:27 AM By Stu Sjouwerman
Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November ...
Continue Reading

94% of U.K. Businesses Aren’t Adequately Prepared for AI-Driven Phishing Scams

Dec 13, 2024 12:31:54 PM By Stu Sjouwerman
A new report makes it clear that U.K. organizations need to do more security awareness training to ensure their employees don’t fall victim to the evolving use of AI.
Continue Reading

Sophisticated Phishing Campaign Attempts to Bypass SEGs

Dec 13, 2024 12:31:28 PM By Stu Sjouwerman
A widespread phishing campaign is attempting to steal credentials from employees working at dozens of organizations around the world, according to researchers at Group-IB.
Continue Reading

Mobile Phishing Campaign Targets Job Seekers

Dec 12, 2024 11:39:42 AM By Stu Sjouwerman
Researchers at Zimperium warn that a phishing campaign is targeting Android phones to deliver the Antidot banking trojan.
Continue Reading

Nearly Half a Billion Emails in 2024 Were Malicious

Dec 11, 2024 10:29:07 AM By Stu Sjouwerman
A new report from Hornetsecurity has found that 427.8 million emails received by businesses in 2024 contained malicious content.
Continue Reading

Phishing Attacks Are Now Leveraging Google Ads to Hijack Employee Payments

Dec 10, 2024 10:22:34 AM By Stu Sjouwerman
Researchers at Silent Push warn that a phishing campaign is using malicious Google Ads to conduct payroll redirect scams.
Continue Reading

The 40% Rise of Phishing Attacks: How New Domain Extensions Are Fueling Cyber Crime

Dec 6, 2024 9:38:29 AM By Stu Sjouwerman
In recent years, the world of cybersecurity has witnessed a concerning trend: a significant increase in phishing attacks.
Continue Reading

IRS Warns of Holiday-Themed Shopping Scams

Dec 6, 2024 9:38:26 AM By Stu Sjouwerman
The US Internal Revenue Service (IRS) has issued an advisory warning taxpayers to be on the lookout for holiday-themed shopping scams.
Continue Reading

Why Controversial Phishing Emails Do Not Work

Dec 6, 2024 9:38:23 AM By Roger Grimes
Frequently, when a cybersecurity training manager sends out a controversial simulated phishing attack message that angers a bunch of employees and ends up making headlines, we get called ...
Continue Reading

Unwrapping Cybersecurity: A Festive "Die Hard" Guide

Dec 6, 2024 9:37:45 AM By Javvad Malik
It is the holiday season. Think twinkling lights, the scent of pine, and cyber threats lurking in the shadows, waiting to pounce quicker than Bruce Willis can say, “Yippee ki yay.”
Continue Reading

Phishing Attacks Impersonating Big Brands Start to Zero in on Just One Brand

Dec 3, 2024 2:43:22 PM By Stu Sjouwerman
The latest data on brand phishing trends shows one brand dominating quarter over quarter, but also continuing to take on a larger share of the brand impersonation.
Continue Reading

Cruel Year-End Twist: When Fake Firing Is A Real Phishing Attack

Dec 2, 2024 2:42:51 PM By Stu Sjouwerman
Cybercriminals are constantly evolving their tactics to exploit our vulnerabilities. A recent phishing campaign has taken this to a new low, preying on people's fear of job loss to trick ...
Continue Reading

Nearly Every Hacker Believes AI Tools Have Created a New Attack Vector

Nov 27, 2024 12:19:44 PM By Stu Sjouwerman
A new survey of hackers shows that AI is not only empowering hackers to be more effective, but that AI itself is “ripe for exploitation.”
Continue Reading

CISA Strongly Recommends Phishing-Resistant MFA

Nov 27, 2024 10:16:09 AM By Roger Grimes
We are excited to see the Cybersecurity Infrastructure Security Agency (CISA) and outgoing Director Jen Easterly strongly recommend PHISHING-RESISTANT multi-factor authentication (MFA).
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews