Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Financial Fraud Phishing Attacks Increase 72% In One Year; Financial Industry Takes the Brunt

With attackers knowing financial fraud-based phishing attacks are best suited for the one industry where the money is, this massive spike in attacks should both surprise you and not ...
Continue Reading

BatLoader Malware is Now Distributed in Drive-By Attacks

Malign persuasion can take many forms. We tend to hear the most about phishing (malicious emails) or smishing (malicious texts). Other threats are also worth some attention, like the risk ...
Continue Reading

More Than Half of all Email-Based Cyberattacks Bypass Legacy Security Filters

New data shows that changes in cybercriminals’ phishing techniques are improving their game, making it easier to make their way into a potential victim user’s inbox.
Continue Reading

[New & Improved] QR Code Phishing with Snail Mail Postcards

One of KnowBe4's long-term employees just send me a picture this morning of a postcard that sure looks like it's phishing, the good old-fashioned way: snail mail ! Here is the picture and ...
Continue Reading

[Free Tool] Find out who falls victim to QR code phishing attacks with our QR Code Phishing Security Test

According to QRTIGER, an online QR code generator company, dynamic QR code scans increased 433% globally from 2021 to 2022. In 2022, the FBI released a warning that QR codes may be ...
Continue Reading

New Top-Level Domains as Potential Phishing Risk

Google has recently introduced a set of new top-level domains: .dad, .esq, .prof, .phd, .nexus, .foo, .zip and .mov. They’re now available for purchase, and it’s the last two that are ...
Continue Reading

Phishing Tops the List Globally as Both Initial Attack Vector and as part of Cyberattacks

A new report covering 13 global markets highlights phishing prevalence and its role in cyber attacks when compared to other types of attacks.
Continue Reading

New “Greatness” Phishing-as-a-Service Tool Aids in Attacks Against Microsoft 365 Customers

This new phishing toolkit is rising in popularity for its effective realism in impersonating not just Microsoft 365, but the victim organization as well.
Continue Reading

Large-Scale "Catphishing" that Targets Victims Looking for Love

For all the recent focus on artificial intelligence and its potential for deepfake impostures, the boiler room is still very much active in the criminal underworld.  WIRED describes the ...
Continue Reading

The Number of Phishing Attacks Continues to Grow at a Rate of 150% Per Year

The latest Phishing Activity Trends Report from the Anti-Phishing Working Group (APWG) shows an unrelenting upward trend in the number of phishing attacks per quarter.
Continue Reading

FTC Warns of MetaMask and PayPal Phishing Campaigns

The US Federal Trade Commission has issued an alert warning of phishing campaigns that are impersonating PayPal and the MetaMask cryptowallet.
Continue Reading

Spain’s National Police Take Down a Phishing Gang

A phishing (by email) and smishing (by SMS text) operation in Madrid, Seville and Guadalajara has been taken down by the National Police of Spain. Over 40 arrests have been made on ...
Continue Reading

U.K. Advance Fee Scams Increase by Over 600% in Less Than Two Years

New data from the U.K.’s Office of National Statistics shows that this often overlooked scam has grown significantly in interest – likely because it pays off.
Continue Reading

King Charles Coronation Results in a Surge in Themed Scam Sites

The once-in-a-lifetime royal occurrence sparked countless websites designed to steal personal information and credit card details, causing security experts to issue warnings.
Continue Reading

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

The Five Eyes member nations' cybersecurity and intelligence agencies dismantled the infrastructure of the Snake cyber-espionage malware that was operated by Russia's Federal Security ...
Continue Reading

Q1 2023 Top-Clicked Phishing Report [INFOGRAPHIC]

KnowBe4's latest reports on top-clicked phishing email subjects have been released for Q1 2023. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally ...
Continue Reading

More InterPlanetary File System Services Use Also Means Phishing Abuse by Cybercriminals

The InterPlanetary File System (IPFS), a distributed file-sharing system that represents an alternative to the more familiar location-based hypermedia server protocols (like HTTPS), is ...
Continue Reading

[Eye Opener] HTML Phishing Attacks Surge by 100% in 12 Months

The Cyberwire reported: "Barracuda released a study this morning indicating that HTML attacks have doubled since last year.
Continue Reading

[On-Demand] A Master Class on IT Security: Roger Grimes Teaches You Phishing Mitigation

Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap ...
Continue Reading

Walmart Jumps to Top of the List of the Worlds Most Impersonated Brands Used in Phishing Attacks

Walmart’s rise to become the brand most likely to be impersonated in Q1 of this year is a real problem.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews