KnowBe4

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

DNS Hijacking Almost Always Starts With A Successful Spear Phishing Attack

On Jan. 22, 2019, the Cybersecurity and Infrastructure Security Agency (CISA), which is a part of the U.S. Department of Homeland Security (DHS), issued Emergency Directive 19-01. The ...
Continue Reading

Report: Phishing Attacks in 2018 Resulted in Massive Jumps in Credential Compromise and Loss of Data

The latest State of the Phish report from Proofpoint highlights the effectiveness of phishing, making it the threat vector to focus on as you begin 2019.
Continue Reading

Experts Warn to Expect More Targeted and Effective Ransomware and Phishing Attacks in 2019

While attack types do not appear to be changing in the coming year, experts see cybercriminals getting better at their craft, making it easier to separate you from your money and ...
Continue Reading

Social Oversharing, Online Quizzes, and Prizes are the Makings of a New Form of Phishing

Phishing is moving beyond the Inbox to your online experience in an effort to collect personal details and share out the attack on social networks, according to a new report from Akamai ...
Continue Reading

[INFOGRAPHIC] Q4 2018 Top-Clicked Phishing Email Subjects from KnowBe4

KnowBe4 reports every quarter on the top-clicked phishing emails. Here we have the results for Q4 2018. We track three different categories: general email subjects, those related to ...
Continue Reading

EY UK: "We've seen a huge proliferation of very successful phishing attacks"

Bethan Moorcraft at InsuranceBusiness Mag UK wrote an excellent article about the current state of cyber insurance in Europe. Here is an extract with the link to the full article at the ...
Continue Reading

It Only Takes 1 Phish: Wichita State University Employees Get Fooled Into Losing Their Paychecks

Three employees of the university fell prey to a common phishing scam asking for their credentials, giving cybercriminals access to change banking details.
Continue Reading

Your Boss NEEDS To Read This WSJ Article About Our Power Grid And How The Russians Hacked It With Phishing

In a Jan 10, 2019 article, the Wall Street Journal reconstructed the worst known hack into the USA's power grid revealing attacks on hundreds of small contractors.
Continue Reading

Email Security Gap Analysis: Survey Finds Phishing Is The No. 1 Attack That Worries IT Pros Most

There are a few companies that frequently report on so-called "email security gap analysis" numbers: Mimecast, Proofpoint and Cyren. They are all IT security companies that have email ...
Continue Reading

The Government may be shut down, but the bad guys are not

By Eric Howes, KnowBe4 Principal Lab Researcher.  Once again we are starting tax season, and malicious actors are spinning up phishing campaigns to exploit the myriad opportunities ...
Continue Reading

It Only Takes 1 Phish: “Unremarkable” Phishing Attack Results in a Breach in the European Union’s Diplomatic Communications Network

A three-year-long cyber-attack led to the successful breach of the all communications between all EU member states, putting countries and their futures at risk.
Continue Reading

Phishing Kit Uses Custom Font Files to Decode Text

Researchers at Proofpoint discovered a phishing template that uses a unique method for encoding text using web fonts. The researchers found that the source code of the landing page ...
Continue Reading

Air Force Targets Their Own Staff with a “Threat Emulation” to Understand Their Cyber Awareness and Readiness

The U.S. Air Force’s Cyber division used spear-phishing tactics to test whether airmen can proficiently recognize and avoid email-based attacks.
Continue Reading

New Clickbait Warning: "Captain America Star Hayley Atwell Nude Photos Hacked"

And another one... will these stars ever learn? We suggest you send a simulated phishing attack to inoculate your users. There is a new template available in our Controversial/NSFW ...
Continue Reading

The IRS Warns of a 60% Increase in Phishing Attacks Targeting Tax Professionals

As part of National Tax Security Awareness Week this month, the IRS notes a surge in phishing scams aimed at stealing money or tax-related data.
Continue Reading

Gartner's Neil Wynne: "Email Phishing is a Growing Threat"

Email phishing is a top threat to organizations because it works so well, according to Neil Wynne, principal and analyst for secure business enablement at Gartner. Wynne told Stephanie ...
Continue Reading

93% of Phishing Sites Leverage Encryption to Establish Credibility and Improve Attack Success

The site safety and credibility represented by the green padlock in your browser is being taken advantage of by cybercriminals looking to lull users into a false sense of security.
Continue Reading

APWG: Phishing Remains a Constant and Effective Means of Attack

The latest report from the Anti-Phishing Working Group (APWG) highlights the prevalence of phishing and how it’s changing to remain an effective attack method.
Continue Reading

How Wellcome Trust Executives Got Whaled By Oldest Trick In The Phishing Playbook

Forbes contributor Davey Winder wrote an excellent comment: "It hasn't been the greatest week for the non-profit sector with the revelation that two well-known charities have fallen ...
Continue Reading

[NEW] LIVE DEMO: Identify & Respond to Email Threats Faster with PhishER

We are excited to announce the release of PhishER™, a new product that’s a huge time-saver for your Incident Response team. Because phishing remains the most widely used cyber attack ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews