Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
By Eric Howes, KnowBe4 Principal Lab Researcher. Yesterday we spotted an unusual phishing email that we'd like to share with readers. If nothing else, it tells us that the increased ...
Microsoft recently came across a threat that uses social engineering but delivers a different payload than the usual Office document with macros. Its primary purpose is to change a user’s ...
Want someone's credentials? Just social engineer them. Phishing is still responsible for 91% of data breaches and has been for the last few years. A Russian cyber mafia has created a ...
The Wall Street Journal reported this morning that "A Russian hacking group linked to a series of computer intrusions at the Democratic National Committee and other organizations is now ...
'Just weeks after she started preparing opposition research files on Donald Trump’s campaign chairman Paul Manafort last spring, Democratic National Committee consultant Alexandra Chalupa ...
Score another one for the bad guys, who have yet again demonstrated their seemingly inexhaustible ability to concoct new methods to exploit legitimate services in order to bypass existing ...
You may not have heard of Atlanta-based Pindrop Labs. They have developed an innovative way to detect fraudulent phone calls called a "phone print", and their solutions reduce fraud ...
Over the past few weeks our Phishing Templates Mistress Katie and her team have added 17 new templates for use by customers in their simulated phishing campaigns.
The number of data breaches keeps going up. Last week it was more than 1,000 Wendy's where credit card records got ripped off. Fraudsters quickly use the news release of a high-profile ...
Executive boards need better cyber security training, given half of C-level execs fall victim to phishing attacks, according to research conducted by security firm AlienVault. The ...
Just when you think they cannot sink any lower, criminal internet scum is now exploiting the tragedy in Orlando. Unfortunately, from this spot I have been warning about these lowlifes ...
A member of the SpiceWorks IT forums reported he had received a new type of hybrid attack: first a phone call to his desk, followed up with a phishing email laced with malware, promoting ...
We all know that two-factor authentication (2FA) is much better than just simple user/password credentials. However, there is a nasty spoofing trick that bypasses 2FA if the user does not ...
We have created a new infographic for your users, as part of your ongoing security awareness training program. It's a few good reminders how to stay safe online, and to keep their ...
In its most recent Phishing Trends Report, the APWG noted a 250% increase in phishing sites between October 2015 and March 2016 — and the 2016 increase shows the never ending criminal ...
By Eric Howes, KnowBe4's Principal Lab Researcher Remember .PIF files? If you're like us, the extension probably rings a bell somewhere deep in the dustiest recesses of your mind -- the ...
It turns out that HR giant ADP, which provides payroll, tax and benefits administration for more than 640,000 companies, was vulnerable to an ID theft scam. The criminal hackers made off ...
Infragard warned that the FBI has identified two Android malware families, SlemBunk and Marcher, actively phishing for specified US financial institutions’ customer credentials. The ...
By Eric Howes, KnowBe4's Principal Lab Researcher Over the past six to nine months .DOC and .JS file attachments have dominated the news surrounding the rise in phishing attacks. The ...
Verizon yearly does a comprehensive report on security and data breaches. It is excellent ammo to get budget approval for new-school security awareness training. Why? Hundreds of security ...
