New Adversary in the Middle Platform Circumvents MFA Protections “At Scale”

Sep 1, 2023 10:21:34 AM By Stu Sjouwerman

As Phishing as a Service (PhaaS) kits continue to evolve, news like recent attacks using the Greatness toolkit demonstrate how easy it is for novice attackers to access accounts despite ...

Labor Day Alert: Mobile Phishing Attacks on the Rise for Remote Employees

Aug 31, 2023 1:59:58 PM By Stu Sjouwerman

A recent survey by Lookout, Inc. warns for a specific attack vector as Labor Day approaches. The study shows that 85% of enterprise employees capable of remote work plan to do so on ...

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

Aug 31, 2023 12:18:44 PM By Stu Sjouwerman

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

Customers of Cryptocurrency FTX are Target of Phishing Emails

Aug 31, 2023 11:06:04 AM By Stu Sjouwerman

Customers of the bankrupt cryptocurrency exchange FTX are already receiving phishing emails following a breach of personal data held by several crypto companies, CoinDesk reports.

Open Redirect Flaws: The Newest Phishing Trick

Aug 30, 2023 3:45:49 PM By Stu Sjouwerman

No surprise: phishing attacks are on the rise, and an old technique is now--again--getting increasingly popular: open redirect flaws. These flaws allow attackers to redirect victims to ...

Quishing: QR Codes as Phishbait

Aug 30, 2023 9:12:55 AM By Stu Sjouwerman

Researchers at Trustwave are tracking an increase in the use of QR codes to spread phishing links.

Use KnowBe4’s New Callback Phishing Feature to Boost Your Organization's Security Awareness

Aug 25, 2023 8:20:17 AM By Stu Sjouwerman

What's the Deal with Callback Phishing?

Duolingo Users Should Be on the Lookout for Targeted Phishing Attacks

Aug 24, 2023 8:58:30 AM By Stu Sjouwerman

Users of the language learning app Duolingo should be wary of targeted phishing attacks following a recent data leak, according to Anthony Spadafora at Tom’s Guide. Criminals scraped the ...

Phishing Tops the List as the Most Costly Initial Attack Vector in Data Breaches

Aug 23, 2023 8:59:37 AM By Stu Sjouwerman

After you come to grips with the massive average cost of a data breach to an enterprise organization measured in the millions, it’s time to look at the factors that increase – and lower – ...

Deceptive Links, Brand Impersonation, and Identity Deception Top the List of Phishing Attack Tactics

Aug 23, 2023 8:58:43 AM By Stu Sjouwerman

As phishing attacks continue to dominate as an initial attack vector, new data shows that attackers maintain the use of tried-and-true techniques as the means to successful attacks.

Phishing Campaigns Targeting Microsoft Login Credentials Jump an Unprecedented 6100%

Aug 23, 2023 8:58:36 AM By Stu Sjouwerman

Monitoring of traffic to phishing pages hosted on the free hosting service Cloudflare R2 show an unheard of spike of 6100%, many going undetected by many security solutions due to the ...

Scammers Impersonate the Australian Tax Office

Aug 23, 2023 8:55:31 AM By Stu Sjouwerman

The Australian Taxation Office (ATO) has warned of an increase in SMS and email phishing attacks targeting taxpayers, News.com.au reports. The scams attempt to steal credentials or ...

[Eye-Opening] Increase of Phishing Attacks in Australia Should Alarm Organizations

Aug 21, 2023 9:12:47 AM By Stu Sjouwerman

Phishing attacks are on the rise in Australia, the Australian Broadcasting Corporation (ABC) reports.

Bloomberg Reports: Stealth QR Code Phishing Attack On Major US Energy Company

Aug 18, 2023 8:41:06 AM By Stu Sjouwerman

During my two years as the CEO of a Public Company, Bloomberg became one of my go-to sources for financial news. I am still subscribed and today found an interesting story from Drake ...

Not Another Voter Registration Scam (But It Looks Like One)

Aug 16, 2023 2:00:38 PM By Stu Sjouwerman

The UK government’s voter registration website is causing confusion again, according to Ax Sharma at BleepingComputer. The site, hosted at a “.com” address, often makes users wonder if ...

Social Media Platforms Become Half of all Phishing Attack Targets

Aug 16, 2023 2:00:08 PM By Stu Sjouwerman

Social platforms are the current favorite target of cybercriminals, displacing financial institutions, providing cybercriminals with credentials to be used as launch points for further ...

Beware of Clickbait PDF Phishing Attacks Lurking in Search Results

Aug 14, 2023 2:51:18 PM By Martin Kraemer

We previously reported independently on PDF-based phishing attacks skyrocketing and the rise of SEO attacks. A recent research study found that the combination of both is quite common. ...

[Live Demo] Boost Your Email Security Defense - PhishER Plus to the Rescue!

Aug 11, 2023 4:09:16 PM By Stu Sjouwerman

Now there's a super easy way to keep malicious emails away from all your users through the power of KnowBe4 PhishER Plus!

Salesforce Becomes the Latest Platform to Unwittingly Aid Phishing Scammers

Aug 11, 2023 8:21:43 AM By Stu Sjouwerman

Cybercriminals used the legitimacy of Salesforce’s email gateway to bypass security scanners and target Meta customers in an effort to steal Facebook credentials.

Comcast: 9 out of 10 Attempts to Breach Customer Networks Start with a Phish

Aug 11, 2023 8:21:30 AM By Stu Sjouwerman

The latest data from Comcast Business’ analysis of over 23.5 billion cyber attacks on their business customers shows the importance and role of phishing in attacks.

Security Awareness Training Blog

Phishing Blog

View Topics