Spain’s National Police Take Down a Phishing Gang

May 11, 2023 9:09:46 AM By Stu Sjouwerman

A phishing (by email) and smishing (by SMS text) operation in Madrid, Seville and Guadalajara has been taken down by the National Police of Spain. Over 40 arrests have been made on ...

U.K. Advance Fee Scams Increase by Over 600% in Less Than Two Years

May 11, 2023 8:14:13 AM By Stu Sjouwerman

New data from the U.K.’s Office of National Statistics shows that this often overlooked scam has grown significantly in interest – likely because it pays off.

King Charles Coronation Results in a Surge in Themed Scam Sites

May 10, 2023 10:51:40 AM By Stu Sjouwerman

The once-in-a-lifetime royal occurrence sparked countless websites designed to steal personal information and credit card details, causing security experts to issue warnings.

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

May 9, 2023 4:43:09 PM By Stu Sjouwerman

The Five Eyes member nations' cybersecurity and intelligence agencies dismantled the infrastructure of the Snake cyber-espionage malware that was operated by Russia's Federal Security ...

Q1 2023 Top-Clicked Phishing Report [INFOGRAPHIC]

May 9, 2023 10:03:14 AM By Stu Sjouwerman

KnowBe4's latest reports on top-clicked phishing email subjects have been released for Q1 2023. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally ...

More InterPlanetary File System Services Use Also Means Phishing Abuse by Cybercriminals

May 9, 2023 9:01:02 AM By Stu Sjouwerman

The InterPlanetary File System (IPFS), a distributed file-sharing system that represents an alternative to the more familiar location-based hypermedia server protocols (like HTTPS), is ...

[Eye Opener] HTML Phishing Attacks Surge by 100% in 12 Months

May 7, 2023 11:57:55 AM By Stu Sjouwerman

The Cyberwire reported: "Barracuda released a study this morning indicating that HTML attacks have doubled since last year.

[On-Demand] A Master Class on IT Security: Roger Grimes Teaches You Phishing Mitigation

May 5, 2023 8:35:23 AM By Stu Sjouwerman

Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap ...

Walmart Jumps to Top of the List of the Worlds Most Impersonated Brands Used in Phishing Attacks

May 4, 2023 8:38:24 AM By Stu Sjouwerman

Walmart’s rise to become the brand most likely to be impersonated in Q1 of this year is a real problem.

Phishing Attack Frequency Rises Nearly 50% as Some Sectors Increase by as Much as 576%

May 1, 2023 10:31:33 AM By Stu Sjouwerman

New data provides a multi-faceted look at the changing face of phishing attacks. This data includes who’s being targeted, the tactics being used, and why phishing attacks continue to work.

Automate Reporting for Security Awareness Training Events and Suspicious Email Remediation Management with Cortex XSOAR and KnowBe4

May 1, 2023 8:00:00 AM By Stu Sjouwerman

Security teams face unique challenges in today’s rapidly-changing landscape of phishing, malware, and other social engineering and cybersecurity threats. Collaboration across disparate ...

Latest QBot Attacks Use a Mixture of PDF Attachments and Windows Scripting Host Files to Infect Victims

Apr 27, 2023 8:08:22 AM By Stu Sjouwerman

QBot malware seems to be outliving its competitors through innovative new ways to socially engineer victims into helping install it.

Scammers Impersonate Zelle via the Lure of “Getting Paid” to Get Paid Themselves

Apr 27, 2023 8:08:07 AM By Stu Sjouwerman

A new impersonation scam targets users of the popular pay platform under the guise of the victim having money coming to them and with the goal to obtain Zelle credentials.

Despite a Majority of Organizations Believing They’re Prepared for Cyber Attacks, Half Were Still Victims

Apr 27, 2023 8:07:48 AM By Stu Sjouwerman

A new survey points to an overconfidence around organization’s preparedness, despite admitting to falling victim to ransomware attacks – in some cases multiple times.

Organizations Have No Idea of a Data Breach’s Root Cause in 42% of Reported Cases

Apr 27, 2023 8:07:38 AM By Stu Sjouwerman

New data shows how poorly organizations are at identifying – let alone removing – an attacker's foothold, putting themselves at continued risk of further attacks and data breaches.

Fake Meta Tech Support Profiles for Fraud

Apr 26, 2023 8:06:56 AM By Stu Sjouwerman

Researchers at Group-IB have found an extensive campaign in which criminal operators have created a large number of fake Facebook profiles that repost messages in which the scammers ...

Another Perspective on ChatGPT's Social Engineering Potential

Apr 24, 2023 3:54:51 PM By Stu Sjouwerman

We’ve had occasion to write about ChatGPT’s potential for malign use in social engineering, both in the generation of phishbait at scale and as a topical theme that can appear in lures. ...

Phishing for Credentials in Social Media-Based Platform Linktree

Apr 21, 2023 8:14:44 AM By Stu Sjouwerman

Social media is designed of course to connect, but legitimate modes of doing so can be abused. One such case of abuse that’s currently running involves Linktree, a kind of meta-medium for ...

Phishing Email Volume Doubles in Q1 as the use of Malware in Attacks Slightly Declines

Apr 20, 2023 8:21:53 AM By Stu Sjouwerman

New data shows that cybercriminals started this year off with a massive effort using new techniques and increased levels of attack sophistication.

Affinity Phishing Attacks Use Social Engineering Tactics to Prey on Victims

Apr 13, 2023 9:14:14 AM By Stu Sjouwerman

Affinity phishing scams are ones in which criminals cultivate trust in their prospective victims by trading on common background, either real or feigned. Thus a fraudster might claim a ...

Security Awareness Training Blog

Phishing Blog

View Topics