KnowBe4 Blog

Phishing

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Phishing Emails Use Invisible Hyphens to Avoid Detection

A phishing campaign is using invisible characters to evade security filters, according to Jan Kopriva at the SANS Internet Storm Center.

Microsoft Help Desk Phishing Attempt

I received this email the other day to my personal email account. It is a “Security Alert” from “Microsoft Helpdesk.” Oh, my!

LastPass Phishing Campaign Informs Users of Phony Death Notifications

A phishing campaign is targeting LastPass users with phony notifications informing users that someone has notified the company of the user’s death and is trying to gain access to their ...

Phishing Campaign Impersonates Google Careers Recruiters

A phishing campaign is impersonating Google Careers to target job seekers, according to researchers at Sublime Security.

Phishing Campaign Impersonates Password Managers

A phishing campaign is impersonating LastPass and Bitwarden with phony breach notifications, BleepingComputer reports.

Attackers Abuse Grok to Spread Phishing Links

Threat actors are abusing X’s generative AI bot Grok to spread phishing links, according to researchers at ESET. The attackers achieve this by tricking Grok into thinking it’s answering a ...

Alert: Watch Out For Phishing Attacks in the Wake of the AWS Outage

Cybernews warns that threat actors will likely take advantage of the recent AWS outage to launch phishing attacks against affected users.

Phishing Remains the Top Initial Access Vector in Cyberattacks Across Europe

Phishing was the initial access vector for 60% of cyberattacks across Europe between July 2024 and June 2025, according to the European Union Agency for Cybersecurity (ENISA).

Multitasking Employees Are Particularly Vulnerable to Phishing Attacks

Employees who multitask are significantly more vulnerable to phishing attacks, according to a study from the University at Albany published in the European Journal of Information Systems.

New Phishing Campaign Uses AI Tools to Evade Detection

Microsoft warns that a recent phishing campaign used AI technology to obfuscate its payload and evade security filters.