Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

300+ New Ways to Stop Your Users from Clicking on Everything!

You now really have 300+ new ways to make sure your users Think Before They Click!
Continue Reading

Scam Of The Week: Locked PDF Phishing Attack

Wednesday Jan 4th, the SANS Internet Storm Center warned about an active phishing campaign that has malicious PDF attachments in a new scam to steal email credentials. The SANS bulletin ...
Continue Reading

Adobe's New VoCo Is PhotoShop For Audio - The Potential For Voice Phishing Is Horrendous

Our friends at www.Social-Engineer.org sent me some interesting news in their January newsletter: "Adobe recently announced Project VoCo at the November Adobe Max conference.
Continue Reading

Russia Hacking America Started With Phishing Attacks

As one of his last actions in office, President Obama expelled 35 Russian diplomats spies in retaliation for Russia interfering with the U.S. election process, after intelligence agencies ...
Continue Reading

Disk-Killer Malware Adds Ransomware Feature And Charges $200,000+ 

Talk about adding insult to injury with this new KillDisk version. Here is how social engineering can cost you dearly. The Sandworm cybercrime gang has upped its game. They were initially ...
Continue Reading

You Need To Know The Top 10 IT Security Trends For 2017

I have been looking at the coming year and what trends you will probably see actually deployed in your network. These trends are the practical things that will help you to keep your ...
Continue Reading

Scam Of The Week: George Michael Dies At 53. Watch out for phishing attacks

Today, news broke that George Michael was found dead on Sunday at his home in Goring in Oxfordshire, England. He was 53. A police statement said: “Thames Valley Police were called to a ...
Continue Reading

L.A. County Phishing Attack: 750,000 record data breach

Confidential health data or personal information of more than 750,000 people may have been accessed in a cyberattack on Los Angeles County employees in May that led to charges this week ...
Continue Reading

Scam Of The Week: The 1 Billion Yahoo Hack

This is getting old. It's all over the press... again. Here is a Reuters article where I am quoted, which covers the most recent billion-record Yahoo hack. Some people asked me after our ...
Continue Reading

KnowBe4 and Barracuda Team Up to Educate and Protect Users Against Phishing Attacks

KnowBe4, the most popular security awareness training and simulated phishing platform, and Barracuda Networks, Inc. (NYSE: CUDA), a leading provider of cloud-enabled security and data ...
Continue Reading

And Another Billion More Yahoo Accounts Hacked

In the September/ October timeframe this year it became clear that Yahoo had lost more than 500 million records which was the biggest hack of the year. Who knew that they would top ...
Continue Reading

Phishing from the Middle: Social Engineering Refined

By Eric Howes, KnowBe4 Principal Lab Researcher. Phishing attacks have long been associated with malicious emails that spoof well-known institutions in order to trick users into coughing ...
Continue Reading

Phishing Reply Tracking Is Now Available for All KnowBe4 Customers

Two of the big cybersecurity attacks are the CEO Fraud (aka Business Email Compromise) which has caused $3.4 billion in damages as well as the W-2 Scams which social engineer ...
Continue Reading

Kaspersky: DDoS Often Smokescreen For Phishing Attack

Distributed denial of service attacks, also known as DDoS, are becoming a major threat. They can bring websites and networks down, and generally make a lot of noise demanding attention. ...
Continue Reading

Phishing Attack Hits Saudi Govt Networks With Disk-Wiping Malware

Hackers penetrated six Saudi Arabian government agencies including its General Authority of Civil Aviation, and bricked thousands of computers with the well-known Shamoon disk-wiper ...
Continue Reading

10 Ways To Avoid Holiday Scams

With the biggest cybercriminal hacking holidays of the year upon us, it's time for a reminder of red flags to pay attention to when shopping either online or in brick-and-mortar stores.
Continue Reading

New Phishing Category: Controversial/NSFW*Offensive Language*

We get thousands of real phishing emails in, reported to us by customers using the free KnowBe4 Phish Alert Button. On a daily basis, these reported phishing emails get analyzed by the ...
Continue Reading

KnowBe4’s Phish Alert Button Now Works With G Suite!

Do your users know what to do when they receive a suspicious email? Should they call the help desk, or forward it? Should they forward to IT including all headers? Delete and not report ...
Continue Reading

The LinkedIn Phishing Attack: How They Did It

by Eric Howes (Principal Lab Researcher) & Ryann Falke (Sales Development Representative) Last week we documented several interesting credentials phishes delivered through LinkedIn ...
Continue Reading

City Of El Paso Victim Of 3 Million Dollar Phishing Scam

During a news conference Wednesday afternoon, city officials revealed that cybercriminals pretending to be a vendor scammed the city's Accounts Receivable Department out of about $3 ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews