Verizon: Pretexting Now Tops Phishing in Social Engineering Attacks

Jun 8, 2023 7:10:48 AM By Stu Sjouwerman

The New Verizon DBIR is a treasure trove of data. As we covered here, and here, people are one of the most common factors contributing to successful data breaches. Let’s drill down a bit ...

Smishing Campaign Expands to the Middle East

Jun 7, 2023 1:27:54 PM By Stu Sjouwerman

A Chinese-speaking phishing gang has expanded its targeting from the Asia-Pacific region to the Middle East, researchers at Group-IB have found. The gang, which the researchers call ...

Why Do You Still Need Security Awareness Training If You Use Phishing-Resistant MFA?

Jun 7, 2023 10:21:14 AM By Roger Grimes

For years, KnowBe4 has been a long-time proponent of everyone using PHISHING-RESISTANT multi-factor authentication (MFA) whenever possible.

North Korean Phishing Campaign Targeting Think Tanks, Academics and Media

Jun 6, 2023 6:28:01 PM By Stu Sjouwerman

The U.S. and South Korean governments have issued a joint advisory outlining a North Korean phishing campaign, The Register reports. The threat actor, known as “Kimsuky,” is targeting ...

New Phishing Campaign Uses Hyperlinked Images for Fake Gift Cards and Promotions

Jun 5, 2023 1:35:02 PM By Stu Sjouwerman

A phishing campaign is using hyperlinked images in order to trick users into visiting malicious sites, according to Jeremy Fuchs at Avanan. The emails contain images that offer gift cards ...

Protecting Patient Data: The Importance of Cybersecurity in Healthcare

Jun 1, 2023 1:37:09 PM By Javvad Malik

As digital transformation continues to shape the healthcare industry, it is crucial for healthcare organizations to prioritize cybersecurity. These organizations are entrusted with ...

[Wake-Up Call] It's Time to Focus More on Preventing Spear Phishing

May 31, 2023 2:22:02 PM By Roger Grimes

Fighting spear phishing attacks is the single best thing you can do to prevent breaches.

“Magic Link” Phishing Attacks Scamming Users With Fake McAfee Renewals

May 30, 2023 9:08:34 AM By Stu Sjouwerman

Threat actors are using encoded phishing links to evade security filters, according to Jeremy Fuchs at Avanan. The phishing emails purport to be notifications from McAfee informing the ...

Verizon Sends New Smishing Warning

May 25, 2023 2:38:23 PM By Stu Sjouwerman

Verizon has renewed its warnings to customers about the threat of smishing, a social engineering approach that relies upon texts as opposed to other communication channels like the email ...

Financial Fraud Phishing Attacks Increase 72% In One Year; Financial Industry Takes the Brunt

May 24, 2023 8:52:51 AM By Stu Sjouwerman

With attackers knowing financial fraud-based phishing attacks are best suited for the one industry where the money is, this massive spike in attacks should both surprise you and not ...

BatLoader Malware is Now Distributed in Drive-By Attacks

May 24, 2023 8:52:37 AM By Stu Sjouwerman

Malign persuasion can take many forms. We tend to hear the most about phishing (malicious emails) or smishing (malicious texts). Other threats are also worth some attention, like the risk ...

More Than Half of all Email-Based Cyberattacks Bypass Legacy Security Filters

May 24, 2023 8:52:19 AM By Stu Sjouwerman

New data shows that changes in cybercriminals’ phishing techniques are improving their game, making it easier to make their way into a potential victim user’s inbox.

[New & Improved] QR Code Phishing with Snail Mail Postcards

May 22, 2023 2:25:51 PM By Stu Sjouwerman

One of KnowBe4's long-term employees just send me a picture this morning of a postcard that sure looks like it's phishing, the good old-fashioned way: snail mail ! Here is the picture and ...

[Free Tool] Find out who falls victim to QR code phishing attacks with our QR Code Phishing Security Test

May 22, 2023 11:00:00 AM By Stu Sjouwerman

According to QRTIGER, an online QR code generator company, dynamic QR code scans increased 433% globally from 2021 to 2022. In 2022, the FBI released a warning that QR codes may be ...

New Top-Level Domains as Potential Phishing Risk

May 22, 2023 10:25:18 AM By Stu Sjouwerman

Google has recently introduced a set of new top-level domains: .dad, .esq, .prof, .phd, .nexus, .foo, .zip and .mov. They’re now available for purchase, and it’s the last two that are ...

Phishing Tops the List Globally as Both Initial Attack Vector and as part of Cyberattacks

May 18, 2023 4:22:37 PM By Stu Sjouwerman

A new report covering 13 global markets highlights phishing prevalence and its role in cyber attacks when compared to other types of attacks.

New “Greatness” Phishing-as-a-Service Tool Aids in Attacks Against Microsoft 365 Customers

May 18, 2023 4:22:33 PM By Stu Sjouwerman

This new phishing toolkit is rising in popularity for its effective realism in impersonating not just Microsoft 365, but the victim organization as well.

Large-Scale "Catphishing" that Targets Victims Looking for Love

May 18, 2023 10:40:39 AM By Stu Sjouwerman

For all the recent focus on artificial intelligence and its potential for deepfake impostures, the boiler room is still very much active in the criminal underworld.  WIRED describes the ...

The Number of Phishing Attacks Continues to Grow at a Rate of 150% Per Year

May 16, 2023 1:08:10 PM By Stu Sjouwerman

The latest Phishing Activity Trends Report from the Anti-Phishing Working Group (APWG) shows an unrelenting upward trend in the number of phishing attacks per quarter.

FTC Warns of MetaMask and PayPal Phishing Campaigns

May 15, 2023 9:40:03 AM By Stu Sjouwerman

The US Federal Trade Commission has issued an alert warning of phishing campaigns that are impersonating PayPal and the MetaMask cryptowallet.

Security Awareness Training Blog

Phishing Blog

View Topics