KnowBe4 Blog

Phishing

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Beware the Tax Trap: Seasonal Urgency Drives a Spike in Tax-Related Phishing Scams

Cybercriminals are quick to exploit seasonal events — and tax season is no exception. It’s a yearly honeypot for cybercriminals, who take advantage of heightened stress, tight deadlines, ...

Securing Employee Identities: Expert Tips for Identity Management Day 2025

With this week being Identity Management Day on April 8th, it's the perfect reminder for organizations to focus on protecting their employees' digital identities.

Russian Threat Actor Launches Spear-Phishing Campaign Against Ukrainians

The Russian threat actor Gamaredon is targeting Ukrainians with spear-phishing documents related to troop movements, according to researchers at Cisco Talos.

The Real Deal: How Cybercriminals Exploit Legitimate Domains

When it comes to secure email gateways (SEGs), the narrative is quite simple. For years, organizations have relied on SEGs as the foundation of their email security.

Upgraded Phishing-as-a-Service Platform Drives a Wave of Smishing Attacks

A phishing-as-a-service (PhaaS) platform dubbed ‘Lucid’ is driving a surge in SMS phishing (smishing) attacks, according to researchers at Prodaft.

Online Gaming Platform Steam Tops List of Most Imitated Brands For the First Time

Steam was the most impersonated brand in phishing attacks during the first quarter of 2025, according to a new report from Guardio. The researchers note that the gaming platform’s surge ...

Phishing Attacks Lead to Theft in the Shipping Industry

Phishing attacks are driving a surge in “double brokering” scams in the shipping industry, according to Christian Reilly, Cloudflare’s Field CTO for EMEA.

[Heads Up] QR Code Phishing is Getting More Stealthy Fast

Attackers are using new tactics in QR code phishing (quishing) attacks, according to researchers at Palo Alto Networks’ Unit 42.

Most Phishing Emails Rely Purely on Social Engineering

99% of phishing emails that reached inboxes last year did not contain malware, according to a new report from Fortra.

Report: Phishing Remains the Most Prevalent Cyber Threat

INKY has published its annual report on email security, finding that phishing accounted for 30% of all reported cybercrimes last year.