Cybercriminals Go to College with New Phishing Attacks

Aug 8, 2022 9:23:42 AM By Stu Sjouwerman

The summer is winding up, and the traditional academic year is approaching. And amid the welcomes from the deans of students, the activities coordinators, the academic advisors and so on, ...

LinkedIn Continues its Reign as the Most-Impersonated Brand in Phishing Attacks

Aug 4, 2022 1:09:44 PM By Stu Sjouwerman

As cybercriminals look for novel and effective ways to gain entrance to a victim network, LinkedIn is proving to be fruitful enough to keep the attention of phishing scammers.

Open Redirects Exploited for Phishing

Aug 4, 2022 11:21:34 AM By Stu Sjouwerman

Attackers are exploiting open redirects to distribute links to credential-harvesting sites, according to Roger Kay at INKY. The attackers are exploiting vulnerable American Express and ...

On-Demand Webinar: New 2022 Phishing By Industry Benchmarking Report: How Does Your Organization Measure Up

Aug 3, 2022 11:28:49 AM By Stu Sjouwerman

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to ...

New Data Breach Extortion Attack Begins with a Fake Duolingo or MasterClass Subscription Scam

Aug 3, 2022 8:50:01 AM By Stu Sjouwerman

The cybercriminal gang, dubbed ‘Luna Moth’ uses a sophisticated mix of phishing, vishing, remote support sessions, and remote access trojans to gain control of victim endpoints.

Phishing-Based Data Breaches Take 295 Days to Contain and Breach Costs Soar to $4.91 Million

Jul 28, 2022 12:33:36 PM By Stu Sjouwerman

Fresh data on data breach costs from IBM show phishing, business email compromise, and stolen credentials take the longest to identify and contain.

Microsoft 365 Users are Once Again the Target of Phishing Scams using Fake Voice Mail Messages

Jul 28, 2022 9:04:04 AM By Stu Sjouwerman

Using a simple email containing a voice mail attachment, an ingenious phishing attack captures credentials while keeping track of the domains being attacked.

Hackers Use Free Email Accounts from QuickBooks to Launch Spoofed Phishing Attacks

Jul 28, 2022 9:04:00 AM By Stu Sjouwerman

A new attack uses one brand email domain to increase the chances of reaching an Inbox, while spoofing another brand to trick users into transitioning to a vishing attack.

Spear Phishing Campaign Targets Facebook Business Accounts

Jul 28, 2022 9:03:57 AM By Stu Sjouwerman

Researchers at WithSecure have discovered a spear phishing campaign targeting employees who have access to Facebook Business accounts. The attackers are targeting specific employees, and ...

IBM: Phishing is the Most Common Way to Gain Access to Victim Networks

Jul 28, 2022 8:55:52 AM By Stu Sjouwerman

New research from IBM shows four reasons why phishing attacks are still effective and remains the primary attack vector in 41% of cyberattacks.

KnowBe4 Top-Clicked Phishing Email Subjects for Q2 2022 [INFOGRAPHIC]

Jul 27, 2022 12:16:19 PM By Stu Sjouwerman

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally clicked on in ...

Nearly Half of Organizations Have Experienced Vishing

Jul 27, 2022 8:50:32 AM By Stu Sjouwerman

Forty-seven percent of organizations have experienced voice phishing (vishing) attacks over the past year, according to researchers at Mutare. Additionally, the researchers found that ...

[BEWARE] Microsoft and Facebook are the Most Abused Brands for Phishing Attempts

Jul 26, 2022 11:39:59 AM By Stu Sjouwerman

We all know that big brands can be exploited by bad actors in order to execute successful phishing attacks. Now a new study is showing phishing attacks leveraging big brands Microsoft and ...

Copyright Claim Email is a LockBit Ransomware Phishing Attack in Disguise

Jul 19, 2022 8:16:00 AM By Stu Sjouwerman

The latest iteration in Copyright Claim scams is an evolution of this repeated attack method that has proven to get the attention – and response – of victims over the last few years.

Phishing Kit Imitates PayPal

Jul 18, 2022 10:32:56 AM By Stu Sjouwerman

Researchers at Akamai have discovered a PayPal phishing kit that attempts to steal victims’ identities as well as their financial information. The phishing page looks identical to ...

New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials

Jul 15, 2022 3:25:55 PM By Stu Sjouwerman

A new wave of social media phishing attacks are now using scare tactics to lure victims into sending their logins.

Phishing Attacks are the Most Prevalent Source of Identity-Related Breaches

Jul 14, 2022 4:27:06 PM By Stu Sjouwerman

Cybercriminals almost always need to leverage credentials as part of just about any kind of cyberattack. To no surprise, phishing and social engineering play a dominant role.

Facebook-Themed Scam Aims to Steal Your Credentials

Jul 14, 2022 4:27:03 PM By Stu Sjouwerman

A creative mix of phishing emails, solid social engineering, use of Facebook Messenger, brand and site impersonation, and a sense of urgency all add up to a believable attack.

QuickBooks Phishing Scam is Back

Jul 14, 2022 8:39:27 AM By Stu Sjouwerman

Scammers are continuing to abuse the QuickBooks tax accounting software to send phishing scams, according to Roger Kay at INKY.

[On-Demand Webinar] Hacks That Bypass Multi-Factor Authentication and How to Make Your MFA Solution Phishing Resistant

Jul 13, 2022 1:17:58 PM By Stu Sjouwerman

The average person believes using Multi-Factor Authentication (MFA) makes them significantly less likely to be hacked. That is simply not true! Hackers can bypass 90-95% of MFA solutions ...

Security Awareness Training Blog

Phishing Blog

View Topics