Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Men Are Twice As Likely To Fall For Phishing Attacks

In an analysis done by KnowBe4 of 201,755 phishing emails sent over the past 30 days, it was found men appear to be more prone to clicking on a phishing email than women. In further ...
Continue Reading

KnowBe4 got a CEO Fraud phishing attack. Wrong Mark!

KnowBe4 has been warning against "CEO Fraud" emails for a few months now, the FBI also calls them "Business Email Compromise" (BEC). I had been hoping we would get one of these ourselves, ...
Continue Reading

Report: Phishing costs average organization $3.7 million per year

If you extrapolate the total annual cost of phishing for the average organization it comes to more than $3.7 million. You could shave that down by $1.8 million though, with the right ...
Continue Reading

What Is Worse Than Ransomware? Business Email Compromise

You are getting your Scam Of The Week early. Yesterday, the FBI via their Internet Crime Complaint Center announced some shocking numbers. There is a 270 percent spike in victims and cash ...
Continue Reading

Phishing Alert: Warn Your Users Against Ashley Madison Scams Now

Your end-users saw this in the news yesterday, or will read about it today. The hackers who stole more than 36 million records from the Ashley Madison site (which makes it easy to cheat ...
Continue Reading

Tech Firm Ubiquiti Suffers $46M Cyberheist

Brian Krebs just reported on a massive $46M Cyberheist. Networking firm Ubiquiti Networks Inc. disclosed this week that cyber thieves recently stole $46.7 million using an increasingly ...
Continue Reading

Scam Of The Week: Microsoft Windows 10 Upgrade Installs Ransomware.

Major Operating System upgrades are usually a cause of confusion among end-users and the current Windows 10 upgrade is no exception. The bad guys exploit these confusions in several ways, ...
Continue Reading

AshleyMadison: Second Nightmare Phishing Problem

8/19/2015 UPDATE: Yesterday the full 10 Gigabyte database was released on the Internet, with all records including confidential files related to the company itself. People that registered ...
Continue Reading

Aggressive New Tech Support Social Engineering Scam

The Tech Support Scams are getting worse by the month. Here is a horror story that was just shared today. I suggest you read it, and keep alert for Red Flags like these! "My dad almost ...
Continue Reading

Spear Phishing Attack Results In $5.3 Million Bitcoin Cyberheist

"Newly leaked, confidential documents have revealed details into a cyberattack aimed at Bitstamp, a company that fundamentally deals as a cryptocurrency trader, according to a report in ...
Continue Reading

OPM Phishing Attack: "Your Data Was Hacked, How To Protect Yourself"

And yes, as we predicted, there are now phishing attacks that mimic Office of Personnel Management (OPM) data breach notifications. The breach has expanded to millions more records. It ...
Continue Reading

Magazine publisher loses $1.5M in phishing scam

Cyber-criminals have social engineered magazine publisher Bonnier Group out of at least $1.5m after hacking the CEO’s email. The total damage could be as much as $3.0 million. Bonnier ...
Continue Reading

Ransomware Resume Phishing Security Test Gets Monster Open Rate

Now here is a real IT Horror Story. A brand new KnowBe4 customer which had not yet trained their employees decided to test their staff with one of the new templates we had just released.
Continue Reading

LastPass Hacked. Be Alert For Phishing Attacks

LastPass, the popular online password management service has been hacked and data was stolen, including the password hints, which is why you need to be alert for scams trying to exploit ...
Continue Reading

Gone phishing: How I taught my users to stop clicking everything

Familiar with SpiceWorks? It's the world's largest IT Admin community. One user wrote the 392nd entry in their Spotlight on IT. This is the story. There is a link at the end to the ...
Continue Reading

The Truth About The Massive OPMgate Hacking Scandal

The recent U.S. Government Office of Personnel Management hack is getting worse by the day. In Saturday's Wall Street Journal they revealed that apart from more than 4 million personal ...
Continue Reading

Adult Friend Finder Hack Is Nightmare Phishing Problem

Guys, we have a real phishing problem with this Adult Friend Finder (AFF) hack. This particular adult site is one of the most heavily-trafficked websites in the U.S. and has 40 million ...
Continue Reading

Researchers Observe SVG Files Being Used To Distribute Ransomware

Researchers with AppRiver have observed attackers sending out phishing emails with SVG files attached – these files, when downloaded and executed, open up websites that download what ...
Continue Reading

Phishing in the C-Suite: 96% of Executives Vulnerable to Attacks

According to a recent survey, 96% of executives failed to tell the difference between a real email and a phishing email 100% of the time.
Continue Reading

How Phishing Malware Rombertik Kills Your Hard Drives

InfoSec researchers at Cisco's TALOS group discovered a strain of malware that spreads through phishing. Attackers use social engineering tactics to entice users to download, unzip, and ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews