Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Threat Actors are Using Image-Based Phishing Emails to Lure Victims

Jul 6, 2023 7:30:00 AM By Stu Sjouwerman
Attackers are increasingly using images in phishing to evade text-based security filters, according to researchers at INKY.
Continue Reading

The Better Business Bureau Warns of Process-Server Phishbait

Jul 3, 2023 10:51:41 AM By Stu Sjouwerman
The Better Business Bureau (BBB) has warned of a scam in which attackers pose as process servers in order to steal information and commit identity theft.
Continue Reading

The face of 2023's cyber-threat landscape was an alarming surge in ransomware and phishing attacks

Jun 29, 2023 6:46:30 AM By Stu Sjouwerman
When KnowBe4 went public in April 2021, I got to know a select group of analysts that served as co-managers on our IPO. These professionals all know our industry very well and we spoke ...
Continue Reading

Newly Discovered Phishing Attacks Target Bank Customers

Jun 28, 2023 11:16:49 AM By Stu Sjouwerman
First National Bank has warned of an increase in phishing and smishing attacks, IT-Online reports.
Continue Reading

National Cyber Security Centre Notes UK Law Firms are Main Target for Cybercriminals

Jun 28, 2023 11:16:46 AM By Stu Sjouwerman
In the most recent Cyber Threat report from the National Cyber Security Centre (NCSC), it is clear that UK law firms are a gold mine for cybercriminals.
Continue Reading

Massive Impersonation Phishing Campaign Imitates over 100 Brands and Thousands of Domains

Jun 28, 2023 8:24:49 AM By Stu Sjouwerman
A year-long phishing campaign has been uncovered that impersonates 100+ popular clothing, footwear, and apparel brands using at least 10 fake domains impersonating each brand.
Continue Reading

Russian Threat Actor Targets Ukraine Government And Military With Spear Phishing Emails

Jun 27, 2023 8:54:25 AM By Stu Sjouwerman
Russia’s APT28 (also known as “Fancy Bear” or “BlueDelta”) is using spear phishing to compromise Ukrainian government and military entities, according to researchers at Recorded Future. ...
Continue Reading

New Cryptocurrency Coinbase Phishing Campaign Uses Social Engineering

Jun 26, 2023 9:12:26 AM By Stu Sjouwerman
A phishing campaign is impersonating cryptocurrency trading platform Coinbase, Tech.co reports. Crypto trader Jacob Canfield described the campaign in a Twitter thread, stating that the ...
Continue Reading

Want To Stop All Scams? Here Is How!

Jun 23, 2023 2:25:52 PM By Roger Grimes
There are many ways to be socially engineered and phished, including email, websites, social media, SMS texts, chat services, phone calls and in-person. These days, it is hard to sell ...
Continue Reading

“Picture in Picture” Phishing Attack Technique Is So Simple, It Works

Jun 23, 2023 11:35:38 AM By Stu Sjouwerman
Using credibility-building imagery and creating a need for the user to click what may or may not be perceived as an image is apparently all it takes to engage potential phishing victims.
Continue Reading

Banking and Retail Top the List of Industries Targeted by Social Media Phishing Attacks

Jun 23, 2023 11:35:31 AM By Stu Sjouwerman
Using an external platform trusted by potential victims is proving to be a vital tool in the cybercriminal’s arsenal. New data shows the state of the threat and who’s at risk.
Continue Reading

Extremely Persistent Threat Group Demonstrates a Strong Understanding of the Modern Incident Response Frameworks

Jun 22, 2023 9:44:42 AM By Stu Sjouwerman
A threat actor tracked as “Muddled Libra” is using the 0ktapus phishing kit to gain initial access to organizations in the software automation, business process outsourcing, ...
Continue Reading

Is AI-Generated Disinformation on Steroids About To Become a Real Threat for Organizations?

Jun 21, 2023 9:49:39 AM By Martin Kraemer
A researcher was alerted to a fake website containing fake quotes that appeared to be written by himself. The age of generative artificial intelligence (AI) toying with our public ...
Continue Reading

[Eyes Open] The FTC Reveals The Latest Top Five Text Message Scams

Jun 21, 2023 8:53:16 AM By Stu Sjouwerman
The U.S. Federal Trade Commission (FTC) has published a data spotlight outlining the most common text message scams. Phony bank fraud prevention alerts were the most common type of text ...
Continue Reading

KnowBe4’s 2023 Phishing By Industry Benchmarking Report Reveals that 33.2% of Untrained End Users Will Fail a Phishing Test

Jun 20, 2023 9:07:42 AM By Joanna Huisman
Cybercriminals still know that the easiest way to successfully infiltrate an organization is through its people.
Continue Reading

New Survey Shows 40% of People Searching for a Job Encountered a Scam

Jun 15, 2023 8:47:35 AM By Stu Sjouwerman
A survey by PasswordManager.com has found that one in three job seekers has fallen for, and responded to, fake job scams over the past two years.
Continue Reading

[INFOGRAPHIC] KnowBe4’s SecurityCoach: Top 10 Risky Behaviors

Jun 14, 2023 4:08:25 PM By Stu Sjouwerman
Real-time security coaching helps improve your organization’s security culture by enabling real-time coaching of your users in response to risky security behaviors.
Continue Reading

Microsoft Describes a Sophisticated Phishing Campaign that Targeted Several Financial Organizations

Jun 13, 2023 9:56:43 AM By Stu Sjouwerman
Microsoft describes a sophisticated phishing campaign that targeted several financial organizations.
Continue Reading

[SCAM OF THE WEEK] Summer Scams Your Users Should Watch Out For

Jun 8, 2023 2:27:41 PM By Stu Sjouwerman
While your users are getting ready for their next beach vacation, cybercriminals are preparing for their opportunity to strike. Check Point Research warns about this and common phishing ...
Continue Reading

Why Companies Have Great Success Training Employees With Simulated Phishing Tests

Jun 8, 2023 1:25:15 PM By Stu Sjouwerman
We occasionally learn of articles and papers that claim that security awareness training and/or simulated phishing campaigns are not effective. We don’t want to disparage what these ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews