Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Mailsploit Bypasses DMARC And Lets Attackers Send Spoofed Phishing Emails on Over 33 Email Clients

Dec 5, 2017 10:56:55 AM By Stu Sjouwerman
Our friends at Bleepingcomputer reported on something that should cause anyone concern. German security researcher Sabri Haddouche has discovered a set of vulnerabilities that he ...
Continue Reading

Scam Of The Week: Phishers Target PayPal Users With Fake “Failed Transaction” Emails

Dec 4, 2017 2:59:18 PM By Stu Sjouwerman
Scammers are pushing out fake PayPal emails that use the premise of an unverified transaction to phish for customers’ personal and financial information. With the end-of-the-year holidays ...
Continue Reading

Phishing campaigns and malware infections are both up more than 40% since Q2 ‘17

Dec 3, 2017 7:28:13 AM By Stu Sjouwerman
The NTT Security Global Threat Intelligence Center (GTIC) 2017 Q3 Threat Intelligence Report provides a glimpse inside the research conducted by NTT Security researchers over the last ...
Continue Reading

Yahoo Hacker Arrested And Admits Working for The Russians

Nov 29, 2017 9:42:02 AM By Stu Sjouwerman
The Kazakhstan-born Canadian citizen Karim Baratov (22) has pleaded guilty to massive 2014 Yahoo hack that affected three billion accounts. He admitted that he generally spearphished his ...
Continue Reading

Baffling FBI silence about Russian phishing attacks on US officials

Nov 27, 2017 6:59:05 AM By Stu Sjouwerman
WASHINGTON – The Associated Press revealed a baffling FBI silence about spear phishing attacks by Russian hackers on US officials like the former head of cybersecurity for the U.S. Air ...
Continue Reading

Massive Phishing Attack On Businesses with Evil New Ransomware Strain

Nov 25, 2017 11:02:08 AM By Stu Sjouwerman
The Scarab ransomware strain is updated again and spreads via Necurs botnet in a massive 12.5 million campaign, mostly targeting .com domains. Scarab was spotted June 2017 for the first ...
Continue Reading

Uber Total Loss: 57 Million Records Stolen But Data Breach Was Hidden For A Year

Nov 22, 2017 7:37:46 AM By Stu Sjouwerman
Oh boy. Uber is known for pushing the limits of the law and has dozens of lawsuits pending against it, but this one went too far and now comes the reckoning. Bloomberg was first to report ...
Continue Reading

[ALERT] Zombie Remote Access Phishing Trojan Kills Antivirus

Nov 20, 2017 10:00:00 AM By Stu Sjouwerman
Almost two years ago we took note of two different write-ups on the Adwind (aka AlienSpy) remote access trojan (RAT), one by McAfee and the other by Fidelis Security. Those pieces caught ...
Continue Reading

[VIDEO] New Smart Groups Put Your Phishing, Training And Reporting On Autopilot.

Nov 11, 2017 9:29:21 AM By Stu Sjouwerman
Automate the path your employees take to smarter security decisions. With the powerful new Smart Groups feature, you can use each employees’ behavior and user attributes to tailor ...
Continue Reading

[ALERT] This Scary New Phishing Attack Is Very Hard To Detect

Nov 11, 2017 7:57:49 AM By Stu Sjouwerman
You need to know about a new phishing attack vector reported by our friends at Barkly. It utilizes a new technique that's just plain nasty. This week, users at one of their customers ...
Continue Reading

Google: Our hunt for hackers reveals phishing is far deadlier than data breaches

Nov 10, 2017 11:47:25 AM By Stu Sjouwerman
The study finds that victims of phishing are 400 times more likely to have their account hijacked than a random Google user, a figure that falls to 10 times for victims of a data breach. ...
Continue Reading

[On-Demand Webinar] Phishing and Social Engineering in 2018

Nov 9, 2017 10:37:48 AM By Stu Sjouwerman
Ransomware has tipped the 1 billion mark and damages are expected to be around 5 billion before the year is out. Use of ransomware has evolved throughout the year with a 600% rise in URL ...
Continue Reading

Fancy Bear Goes Phishing For DC Cybersecurity Conference Attendees

Oct 24, 2017 10:49:52 AM By Stu Sjouwerman
Want to target a large swath of cybersecurity professionals in one go? Just crash their "cyber" party with a decoy document. So goes the modus operandi for an advanced persistent threat ...
Continue Reading

Seagate Gets Initial OK For 5.7 Million Employee W-2-Phishing Settlement

Oct 22, 2017 10:47:14 AM By Stu Sjouwerman
A California federal judge gave his initial blessing Thursday to Seagate Technology LLC’s settlement that includes services valued at 5.75 million dollars and resolves class-action ...
Continue Reading

Mobile Phishing Attacks Jump, Financial Industry Is Biggest Target

Oct 17, 2017 1:07:04 PM By Stu Sjouwerman
Jason Koestenblatt at Enterprise Mobility Exchange wrote: "Thanks to the amount of time employees are spending online to get work done, hackers have a veritable treasure trove of ...
Continue Reading

Watch Out For This New Amazon Phishing/Phone Password Scam

Oct 15, 2017 10:25:46 AM By Stu Sjouwerman
So here’s a new one: a spoofed Amazon email claiming that Amazon has detected an unauthorized attempt to reset the password on the recipient’s account. A six digit code is provided along ...
Continue Reading

Third Quarter 2017 Top-Clicked Phishing Email Subjects [INFOGRAPHIC]

Oct 11, 2017 5:16:00 PM By Stu Sjouwerman
KnowBe4 customers run millions of phishing tests per year, and we report quarterly on the latest top-clicked phishing email subjects in 3 separate categories: subjects related to social ...
Continue Reading

New Phishing Report: 90% of IT Execs Worry Most About Email Threats

Oct 7, 2017 11:33:19 AM By Stu Sjouwerman
Our colleagues at Phishme released the results of their US Phishing Response Trends Report, which looked at the phishing response strategies of two hundred senior IT security ...
Continue Reading

New Locky Ransomware Strain Evades Machine Learning Security Software

Sep 29, 2017 7:18:56 AM By Stu Sjouwerman
Here is the latest tactic in the cat-and-mouse game between cybercrime and security software vendors. The bad guys have come up with new a ransomware phishing attack, tricking users to ...
Continue Reading

Data points from Risk IQ Q2 Phishing Roundup

Sep 28, 2017 11:57:50 AM By Stu Sjouwerman
Threat Management Provider Risk IQ released data comparing the use of top 10 brands names in Phishing attacks from Q1 and Q2, 2017. The report doesn’t name the top ten brands favored by ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews