Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

The Deceptive Media Era: Moving Beyond "Real vs. Fake"

As society grapples with the rapid advancement of AI and synthetic media, we've been asking the wrong question. The focus on whether content is "real or fake" misses the more crucial ...
Continue Reading

Attackers Abuse DocuSign to Send Phony Invoices

Threat actors are abusing DocuSign’s API to send phony invoices that appear “strikingly authentic,” according to researchers at Wallarm.
Continue Reading

BlackBasta Ransomware Gang Uses New Social Engineering Tactics To Target Corporate Networks

ReliaQuest warns that the BlackBasta ransomware gang is using new social engineering tactics to obtain initial access within corporate networks.
Continue Reading

Attackers Abuse Eventbrite to Send Phishing Emails

Attackers are abusing Eventbrite’s scheduling platform to send phishing emails, according to researchers at Perception Point. These attacks increased by 900% between July and October 2024.
Continue Reading

Celebrating 5 Million Learners: The Evolution of KnowBe4's Compliance Plus

When you think of KnowBe4, you might immediately picture phishing simulations, password security modules, or other security awareness training topics.
Continue Reading

Phishing Alert: Cybercriminals Impersonating KnowBe4 Training Emails

In the ever-evolving landscape of cybersecurity threats, we've recently encountered a sophisticated phishing attempt targeting one of our valued KnowBe4 customers. This incident serves as ...
Continue Reading

Threat Actors Abuse LinkedIn to Target Job Seekers

Threat actors are targeting people who have recently lost their jobs with employment scams on LinkedIn, according to researchers at Malwarebytes.
Continue Reading

QR Code Phishing is Growing More Sophisticated

Sophos describes a QR code phishing (quishing) campaign that targeted its own employees in an attempt to steal information.
Continue Reading

75% of Organizations Have Experienced a Deepfake-Related Attack

As generative AI evolves and becomes a mainstream part of cyber attacks, new data reveals that deepfakes are leading the way.
Continue Reading

Crooks are Sending Halloween-Themed Phishing Emails

Halloween-themed spam and phishing emails have surged over the past two months, with a significant increase beginning in October, according to researchers at Bitdefender.
Continue Reading

4 out of 10 Phishing Emails Are Sent From a Compromised Email Account

Analysis of phishing emails in the second quarter of this year paints a picture of what security teams and vigilant recipients should expect from modern phishing attacks.
Continue Reading

Threat Actors Compromise Valid Accounts Via Social Engineering

Phishing remains a top initial access vector for cyberattacks, according to researchers at Cisco Talos.
Continue Reading

Cyber Attack Tools Now Being Used To Help Phishing Pages Avoid Detection

Cybercriminals are offering tools to help phishing pages avoid detection by security tools, according to researchers at SlashNext.
Continue Reading

Cybersecurity Budgets Are Increasing, but Security Leaders Don’t Think It’s Enough

Despite the belief that today’s SOC should be doing the lion’s share of protecting an organization, new data shows reliance on more than just security teams is needed.
Continue Reading

New Research: 140% Increase in Callback Phishing

Researchers at Trustwave observed a 140% increase in callback phishing attacks between July and September 2024. Callback phishing is a social engineering tactic that involves emails and ...
Continue Reading

More Than 33,000 People in the UK Have Been Hacked Over the Past Year

Action Fraud, the UK’s national fraud and cyber crime reporting service, warns that more than 33,000 people have reported that their online accounts have been hacked over the past year.
Continue Reading

Nearly Two-Thirds of IT Leaders Have Fallen For Phishing Attacks

Sixty-four percent of IT leaders have clicked on phishing links, a new survey by Arctic Wolf has found. Despite this, 80% of these same professionals are confident their organization ...
Continue Reading

Cyber Attackers are Adopting a “Mobile First” Attack Strategy

With 16+ billion mobile devices in use worldwide, new data sheds light on how bad actors are shifting focus and tactics to put attacks into the victim’s hands.
Continue Reading

KnowBe4's Cybersecurity Experts Shine at Barnes & Noble in New York City

New York City's iconic Barnes & Noble on 5th Avenue recently featured the newly released books of two of KnowBe4's leading cybersecurity experts: Chief Human Risk Management Officer ...
Continue Reading

Phishing Attacks Are Abusing Legitimate Services to Avoid Detection

Microsoft warns that threat actors are abusing legitimate file-hosting services to launch phishing attacks. These attacks are more likely to bypass security filters and appear more ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews