Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

[ALERT] This Scary New Phishing Attack Is Very Hard To Detect

You need to know about a new phishing attack vector reported by our friends at Barkly. It utilizes a new technique that's just plain nasty. This week, users at one of their customers ...
Continue Reading

Google: Our hunt for hackers reveals phishing is far deadlier than data breaches

The study finds that victims of phishing are 400 times more likely to have their account hijacked than a random Google user, a figure that falls to 10 times for victims of a data breach. ...
Continue Reading

[On-Demand Webinar] Phishing and Social Engineering in 2018

Ransomware has tipped the 1 billion mark and damages are expected to be around 5 billion before the year is out. Use of ransomware has evolved throughout the year with a 600% rise in URL ...
Continue Reading

Fancy Bear Goes Phishing For DC Cybersecurity Conference Attendees

Want to target a large swath of cybersecurity professionals in one go? Just crash their "cyber" party with a decoy document. So goes the modus operandi for an advanced persistent threat ...
Continue Reading

Seagate Gets Initial OK For 5.7 Million Employee W-2-Phishing Settlement

A California federal judge gave his initial blessing Thursday to Seagate Technology LLC’s settlement that includes services valued at 5.75 million dollars and resolves class-action ...
Continue Reading

Mobile Phishing Attacks Jump, Financial Industry Is Biggest Target

Jason Koestenblatt at Enterprise Mobility Exchange wrote: "Thanks to the amount of time employees are spending online to get work done, hackers have a veritable treasure trove of ...
Continue Reading

Watch Out For This New Amazon Phishing/Phone Password Scam

So here’s a new one: a spoofed Amazon email claiming that Amazon has detected an unauthorized attempt to reset the password on the recipient’s account. A six digit code is provided along ...
Continue Reading

Third Quarter 2017 Top-Clicked Phishing Email Subjects [INFOGRAPHIC]

KnowBe4 customers run millions of phishing tests per year, and we report quarterly on the latest top-clicked phishing email subjects in 3 separate categories: subjects related to social ...
Continue Reading

New Phishing Report: 90% of IT Execs Worry Most About Email Threats

Our colleagues at Phishme released the results of their US Phishing Response Trends Report, which looked at the phishing response strategies of two hundred senior IT security ...
Continue Reading

New Locky Ransomware Strain Evades Machine Learning Security Software

Here is the latest tactic in the cat-and-mouse game between cybercrime and security software vendors. The bad guys have come up with new a ransomware phishing attack, tricking users to ...
Continue Reading

Data points from Risk IQ Q2 Phishing Roundup

Threat Management Provider Risk IQ released data comparing the use of top 10 brands names in Phishing attacks from Q1 and Q2, 2017. The report doesn’t name the top ten brands favored by ...
Continue Reading

Scam of The Week: "Fake-tortion" Phishing Attacks

OK, this is a heads-up about a new aggressive form of email attack that you need to warn your employees, friends and family about. The bad guys have beta-tested and refined it in ...
Continue Reading

Equifax appears to be training recipients to fall for phishing scams

Brian Krebs wrote: "More than a week after it said most people would be eligible to enroll in a free year of its TrustedID identity theft monitoring service, big three consumer credit ...
Continue Reading

Nearly 1.5 Million New Phishing Sites Created Each Month

The September 2017 Webroot Quarterly Threat Trends Report showed that 1.385 million new, unique phishing sites are created each month, with a high of 2.3 million sites created in May. The ...
Continue Reading

Barracuda Advanced Technology Group Tracks 20 Million Ransomware Phishing Attack

Barracuda Advanced Technology Group says it’s tracking a ransomware threat that has so far spawned about 20 million phishing emails sent to unsuspecting users around the world in the last ...
Continue Reading

Aaaaand... You're fired (thanks to phishing)

The BBC has a cautionary tale for pretty much everyone who uses email. It’s the story of a finance director who was sacked after falling for a phishing scam disguised as a message from ...
Continue Reading

Phishing attacks use undocumented MS Office feature to leak system profile data

An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by sending a phishing email and social engineering victims ...
Continue Reading

VEVO Data Breach Caused By LinkedIn Phishing Attack

A Vevo spokesperson told Gizmodo that the company “can confirm that Vevo experienced a data breach as a result of a phishing scam via Linkedin. We have addressed the issue and are ...
Continue Reading

Scam Of The Week: Equifax Phishing Attacks

You already know that a 143 million Equifax records were compromised. The difference with this one is that a big-three credit bureau like Equifax tracks so much personal and sometimes ...
Continue Reading

Phishing Attack With PowerPoint Attachment Bypasses User Access Control

Fortinet researchers discovered a malicious PowerPoint file which currently is used to attack diplomats, United Nations- and government organizations worldwide. This will soon filter down ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews