Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

‘Support’ Tops the List of Combosquatted Domains Used in Phishing Attacks

Apr 13, 2023 9:14:11 AM By Stu Sjouwerman
A method used in domain impersonation attacks, combosquatting aids the threat actor by using a modified domain name to further increase the credibility of an attack.
Continue Reading

Recent Artificial Intelligence Hype is Used for Phishbait

Apr 12, 2023 8:51:10 AM By Stu Sjouwerman
Curiosity leads people to suspend their better judgment as a new campaign of credential theft exploits a person’s excitement about the newest AI systems not yet available to the general ...
Continue Reading

Alarming Tax Phishing Campaign Targets US with Malware

Apr 10, 2023 10:21:40 AM By Stu Sjouwerman
Researchers at Securonix are tracking an ongoing phishing campaign dubbed “TACTICAL#OCTOPUS” that’s been targeting users in the US with tax-related phishing emails.
Continue Reading

Recently Exposed North Korean Threat Actor APT43 Targeting Organizations With Spear Phishing

Apr 6, 2023 9:02:08 AM By Stu Sjouwerman
Google’s Threat Analysis Group (TAG) has published a report describing the activities of “ARCHIPELAGO,” a subset of the North Korean state-sponsored threat actor APT43. ARCHIPELAGO’s ...
Continue Reading

New Emotet Phishing Campaign Pretends to be the IRS Delivering W-9 Forms

Apr 6, 2023 8:33:39 AM By Stu Sjouwerman
A newly documented phishing campaign demonstrates how timely themes can be impactful in creating a successful attack that gets the recipient to engage with malicious content.
Continue Reading

1 in 8 Email Threats Now Make It Past Email Security Solutions

Apr 6, 2023 8:33:33 AM By Stu Sjouwerman
Phishing attacks that can evade detection by email scanners are improving their chances of reaching the inbox, thanks to an increase in the use of one specific attachment type.
Continue Reading

Fake ChatGPT Scam Turns into a Fraudulent Money-Making Scheme

Apr 3, 2023 8:16:05 AM By Stu Sjouwerman
Using the lure of ChatGPT’s AI as a means to find new ways to make money, scammers trick victims using a phishing-turned-vishing attack that eventually takes victim’s money.
Continue Reading

Artificial Intelligence Makes Phishing Text More Plausible

Mar 30, 2023 8:58:09 AM By Stu Sjouwerman
Cybersecurity experts continue to warn that advanced chatbots like ChatGPT are making it easier for cybercriminals to craft phishing emails with pristine spelling and grammar, The ...
Continue Reading

The Dangers of Vishing Campaigns and How To Protect Yourself

Mar 24, 2023 8:00:00 AM By Javvad Malik
In recent years, cybercrime has evolved to become more sophisticated than ever before. One of the up and coming methods used by criminals is vishing (voice phishing). This is where an ...
Continue Reading

Users Clicking on Multiple Mobile Phishing Links Increases 637% in Just Two Years

Mar 23, 2023 8:13:58 AM By Stu Sjouwerman
New data shows that phishing mobile devices as an attack vector is growing in popularity – mostly because it’s increasingly working... in exponential terms.
Continue Reading

Facebook and Microsoft Top the List of Most Impersonated Brands in 2022

Mar 23, 2023 8:13:49 AM By Stu Sjouwerman
As scammers continue to see massive returns on their phishing attacks, the use of impersonation with well-known brands continues to circle around the dominant players.
Continue Reading

Identifying AI-Enabled Phishing

Mar 22, 2023 9:52:28 AM By Stu Sjouwerman
Users need to adapt to an evolving threat landscape in which attackers can use AI tools like ChatGPT to craft extremely convincing phishing emails, according to Matthew Tyson at CSO.
Continue Reading

Report Shows Business Email Compromise (BEC) Attacks Increase and Phishing Used as Initial Attack Vector in the Last Year

Mar 20, 2023 10:08:42 AM By Stu Sjouwerman
Secureworks has published a report looking at cybercrime over the course of 2022, finding that business email compromise (BEC) attacks nearly doubled last year. Additionally, attacks in ...
Continue Reading

Warning Customers About Social Engineering.

Mar 18, 2023 1:58:48 PM By Stu Sjouwerman
It’s a familiar story: scam artists impersonate a trusted brand, a trusted business or a trusted authority in emails and on bogus sites designed to exploit that very trust to commit ...
Continue Reading

Phishing Attacks Top List of Initial Access Vectors with Backdoor Deployment as Top Objective

Mar 17, 2023 2:19:15 PM By Stu Sjouwerman
New data looking back at the cyber attacks observed in 2022 shows that phishing continues to dominate as initial access brokers seem to be growing their business using backdoors.
Continue Reading

92% of Organizations Have Fallen Victim to Phishing as Nearly Every Org is Concerned with Email Security

Mar 17, 2023 2:19:05 PM By Stu Sjouwerman
New data shows that not only has just about every organization experienced a successful phishing attack, but that they are also paying the price in a number of impactful ways.
Continue Reading

Understanding DMARC Better

Mar 16, 2023 10:30:19 AM By Roger Grimes
I talk and present often about DMARC (and SPF and DKIM), including here. A lot of people who think they understand how DMARC works, do not really understand it as well as they think they ...
Continue Reading

[FREE RESOURCE KIT] New Phishing Security Resource Kit Now Available!

Mar 16, 2023 9:06:29 AM By Stu Sjouwerman
Phishing emails increase in volume every month and every year, so we created this free resource kit to help you defend against attacks. Request your kit now to learn phishing mitigation ...
Continue Reading

A 240% Rise in Dynamic Phishing

Mar 16, 2023 8:44:16 AM By Stu Sjouwerman
Attackers are increasingly using techniques to prevent their phishing pages from being detected by security firms, a new report from BlueVoyant has found. The report found that in 2022 ...
Continue Reading

Three-Quarters of Organizations Have Experienced an Increase in Email-Based Threats

Mar 15, 2023 1:43:42 PM By Stu Sjouwerman
New data on the state of email security shows that nearly every organization has been the target of a phishing attack as attacks increase in sophistication.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews