Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

A Brief History of Phishing, and Other Forms of Social Engineering

Oct 23, 2023 10:23:52 AM By Stu Sjouwerman
Social engineering attacks have a very long history, though the Internet has made it easier to launch these attacks en masse, according to Sean McNee at DomainTools. McNee points to an ...
Continue Reading

QR Code Phishing on the Rise: The Alarming Findings From the Hoxhunt Challenge

Oct 20, 2023 1:46:05 PM By Stu Sjouwerman
As the digital landscape continues to evolve, so do the tactics of cybercriminals. The Hoxhunt Challenge, a comprehensive study conducted across 38 organizations spanning nine industries ...
Continue Reading

Phishing-as-a-Service: As Simple As Uploading A Logo

Oct 19, 2023 10:36:00 AM By Stu Sjouwerman
Researchers at Fortra are tracking “Strox,” one of the most popular phishing operations of the past two years. Users of Strox phishing kits can easily create phishing campaigns by simply ...
Continue Reading

CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance

Oct 19, 2023 9:56:01 AM By Stu Sjouwerman
October 18, 2023, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State ...
Continue Reading

Phishing Attacks Surge By 173% In Q3, 2023; Malware Threats Soar By 110%

Oct 18, 2023 2:30:05 PM By Stu Sjouwerman
A new report from Vade Secure has found that phishing attacks rose by 173% in the third quarter of 2023, while malware threats have increased by 110%.
Continue Reading

Summit Sabotage: Malicious Phishing Campaign Hits Female Political Leaders Using Social Engineering

Oct 17, 2023 2:40:52 PM By Stu Sjouwerman
A threat actor dubbed “Void Rabisu” used social engineering to target attendees of the Women Political Leaders (WPL) Summit that was held in Brussels from June 7 to 8, 2023, Trend Micro ...
Continue Reading

Phishing Tests Start The Virtuous Cycle Of A Strong Security Culture

Oct 17, 2023 7:00:06 AM By Stu Sjouwerman
Phishing tests are the catalyst to achieve a sustainable security culture within your organization. They are actually the start of a virtuous cycle that helps you move up to the highest ...
Continue Reading

9 in 10 CISOs Report at Least One Disruptive Cyberattack in the Last Year

Oct 13, 2023 4:52:41 PM By Stu Sjouwerman
A new report sheds light on whether CISOs have been the victim of a cyber attacks, if they're every paid a ransom, their greatest cyber concerns, and much more.
Continue Reading

53% of Organizations Experienced Cyber Attacks

Oct 13, 2023 4:52:30 PM By Stu Sjouwerman
As increasing percentages of businesses experience cyberattacks, new data provides details on where the most organizational risk lies.
Continue Reading

Should You Use Controversial Simulated Phishing Test Emails?

Oct 13, 2023 1:34:39 PM By Roger Grimes
The Wall Street Journal recently published an article about using highly-emotionally charged, “controversial”, subjects in simulated phishing tests. Controversial topic examples include ...
Continue Reading

New Research: Phishing Remains the Most Popular Technique for Bad Actors

Oct 12, 2023 12:11:26 PM By Stu Sjouwerman
A report from Trustwave notes that phishing remains one of the most popular and effective techniques for attackers to gain access to organizations.
Continue Reading

Harvested Credentials Are Put Up for Sale Monthly on the Dark Web at a Rate of 10,000 a Month

Oct 12, 2023 8:01:59 AM By Stu Sjouwerman
Credential harvesting has become a business in and of itself within the cybercrime economy. New insight from Microsoft details the types of attacks your organization should watch out for.
Continue Reading

[INFOGRAPHIC] KnowBe4’s SecurityCoach: Top 10 Integrations

Oct 12, 2023 8:00:00 AM By Stu Sjouwerman
Real-time security coaching helps improve your organization’s security culture by enabling real-time coaching of your users in response to risky security behaviors.
Continue Reading

Smishing Triad Threat Actor Sets Its Sights on the UAE

Oct 10, 2023 4:05:50 PM By Stu Sjouwerman
Resecurity warns that the Smishing Triad threat actor has “vastly expanded its attack footprint” in the United Arab Emirates (UAE).
Continue Reading

One Out of Five Organizations Must Improve Their Security Posture to be Eligible for Cyber Insurance

Oct 9, 2023 8:16:12 AM By Stu Sjouwerman
As insurers become more educated on what a “secure organization” looks like, they are tightening their requirements that puts the onus on organizations to be more secure.
Continue Reading

Energy Sector Experiences Three Times More Operational Technology Cybersecurity Incidents Than Any Other Industry

Oct 9, 2023 8:14:04 AM By Stu Sjouwerman
While industries like financial services and healthcare tend to dominate in IT attacks, the tables are turned when looking at Operational Technology (OT) cyber attacks – and the energy ...
Continue Reading

Stay a Step Ahead of your #1 Downtime Threat - Business Email Compromise

Oct 9, 2023 5:00:00 AM By Stu Sjouwerman
A new report from Secureworks has found that business email compromise (BEC) remains “one of the most financially damaging online crimes overall for orgs” in 2023. The security firm’s ...
Continue Reading

[Risky New Data] More than Half of Phishing Scams Now Use Obfuscation

Oct 5, 2023 3:26:33 PM By Stu Sjouwerman
A new report shows staggering phishing trends using obfuscation techniques that should make any organization feel worried.
Continue Reading

Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns

Oct 5, 2023 8:20:01 AM By Stu Sjouwerman
Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial ...
Continue Reading

Malicious URLs In Phishing Emails: Hover, Click and Inspect Again

Oct 5, 2023 8:19:48 AM By Roger Grimes
The most often recommended piece of anti-phishing advice is for all users to “hover” over a URL link before clicking on it. It is great advice.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews