More Than 33,000 People in the UK Have Been Hacked Over the Past Year

Oct 22, 2024 2:56:57 PM By Stu Sjouwerman

Action Fraud, the UK’s national fraud and cyber crime reporting service, warns that more than 33,000 people have reported that their online accounts have been hacked over the past year.

Nearly Two-Thirds of IT Leaders Have Fallen For Phishing Attacks

Oct 22, 2024 2:56:53 PM By Stu Sjouwerman

Sixty-four percent of IT leaders have clicked on phishing links, a new survey by Arctic Wolf has found. Despite this, 80% of these same professionals are confident their organization ...

Cyber Attackers are Adopting a “Mobile First” Attack Strategy

Oct 21, 2024 2:06:23 PM By Stu Sjouwerman

With 16+ billion mobile devices in use worldwide, new data sheds light on how bad actors are shifting focus and tactics to put attacks into the victim’s hands.

KnowBe4's Cybersecurity Experts Shine at Barnes & Noble in New York City

Oct 21, 2024 11:16:40 AM By Stu Sjouwerman

New York City's iconic Barnes & Noble on 5th Avenue recently featured the newly released books of two of KnowBe4's leading cybersecurity experts: Chief Human Risk Management Officer ...

Phishing Attacks Are Abusing Legitimate Services to Avoid Detection

Oct 18, 2024 2:17:30 PM By Stu Sjouwerman

Microsoft warns that threat actors are abusing legitimate file-hosting services to launch phishing attacks. These attacks are more likely to bypass security filters and appear more ...

AI-Enhanced Cyber Attacks Tops the List of Data Security Threats

Oct 17, 2024 1:37:18 PM By Stu Sjouwerman

AI is quickly becoming the basis for more cyber attacks, leading organizations to realize the risk it presents. A new report now shows that AI-enhanced cyber attacks are now the top ...

Chinese Threat Actor Targets OpenAI With Spear-Phishing Attacks

Oct 16, 2024 3:47:17 PM By Stu Sjouwerman

OpenAI has disclosed that its employees were targeted by spear-phishing attacks launched by a suspected Chinese state-sponsored threat actor.

The Number of Malicious Emails Reaching Inboxes Is Declining

Oct 16, 2024 3:47:14 PM By Stu Sjouwerman

New research shows that less malicious emails are getting past security scanners to the inbox, but also provides details about how phishing emails are becoming increasingly dangerous.

"Operation Kaerb" Takes Down Sophisticated Phishing-as-a-Service Platform “iServer”

Oct 14, 2024 8:51:36 AM By Stu Sjouwerman

A partnering of European and Latin American law enforcement agencies took down the group behind the mobile phone credential theft of 483,000 victims.

Sextortion Scammers Attempt to Hit “Close to Home”

Oct 14, 2024 8:51:32 AM By Stu Sjouwerman

We live in a world where, despite the sharing of information online, we feel like those interactions will never reach home. But a new scam – covered on WTSP Tampa Bay’s Channel 10 news – ...

Google App Scripts Become the Latest Way to Establish Credibility and Automate Phishing Attacks

Oct 11, 2024 8:37:52 AM By Stu Sjouwerman

Cybercriminals have found a new way of leveraging legitimate web services for malicious purposes, this time with the benefit of added automation of campaign actions.

Attackers Abuse URL Rewriting to Evade Security Filters

Oct 8, 2024 10:19:48 AM By Stu Sjouwerman

Attackers continue to exploit URL rewriting to hide their phishing links from email security filters, according to researchers at Abnormal Security.

Free Phishing Platform Has Created More than 140,000 Spoofed Websites

Oct 7, 2024 2:00:22 PM By Stu Sjouwerman

A free phishing-as-a-service (PhaaS) platform named Sniper Dz has assisted in the creation of more than 140,000 phishing sites over the past year, according to researchers at Palo Alto ...

Financial Services Industry Experiences a Massive Increase in Brand Abuse

Oct 4, 2024 3:37:43 PM By Stu Sjouwerman

Industry analysis of the domains used behind phishing and brand impersonation attacks show financial institutions are being leveraged at an alarming rate.

New VPN Credential Attack Goes to Great Lengths to Obtain Access

Oct 3, 2024 11:58:12 AM By Stu Sjouwerman

A new “so-phish-ticated” attack uses phone calls, social engineering, lookalike domains, and impersonated company VPN sites to gain initial access to a victim network.

Dick’s Sporting Goods Cyber Attack Underscores Importance of Email Security and Internal Controls

Oct 2, 2024 3:09:58 PM By Stu Sjouwerman

The recent cyber attack on Dick's Sporting Goods makes it clear that email played a critical role and emphasizes the need for better security controls.

Scammers Use QR Code Stickers to Target UK Motorists

Sep 27, 2024 11:17:01 AM By Stu Sjouwerman

Netcraft warns that scammers are posting QR code stickers on parking meters in the UK and other European countries.

Election-Themed Phishing Threats Are on the Rise

Sep 25, 2024 1:54:49 PM By Stu Sjouwerman

Researchers at ReliaQuest have published a report looking at cyber threats surrounding the upcoming US presidential election, warning that election-related phishing will continue to ...

McAfee Discovers New Phishing Campaign Targeting GitHub Users

Sep 24, 2024 10:35:59 AM By Stu Sjouwerman

A phishing campaign is targeting GitHub users with phony CAPTCHA pages, according to researchers at McAfee. The phishing emails ask users to address a security vulnerability in a GitHub ...

Half of all Financial Services Cyber Attacks Start with a Very Costly Phish

Sep 23, 2024 3:18:45 PM By Stu Sjouwerman

New analysis of attacks on the financial sector shows that the combination of phishing emails and compromised credentials is a recurring — and financially impactful — threat.

Security Awareness Training Blog

Phishing Blog

View Topics