Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Hackers Use Free Email Accounts from QuickBooks to Launch Spoofed Phishing Attacks

A new attack uses one brand email domain to increase the chances of reaching an Inbox, while spoofing another brand to trick users into transitioning to a vishing attack.
Continue Reading

Spear Phishing Campaign Targets Facebook Business Accounts

Researchers at WithSecure have discovered a spear phishing campaign targeting employees who have access to Facebook Business accounts. The attackers are targeting specific employees, and ...
Continue Reading

IBM: Phishing is the Most Common Way to Gain Access to Victim Networks

New research from IBM shows four reasons why phishing attacks are still effective and remains the primary attack vector in 41% of cyberattacks.
Continue Reading

KnowBe4 Top-Clicked Phishing Email Subjects for Q2 2022 [INFOGRAPHIC]

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally clicked on in ...
Continue Reading

Nearly Half of Organizations Have Experienced Vishing

Forty-seven percent of organizations have experienced voice phishing (vishing) attacks over the past year, according to researchers at Mutare. Additionally, the researchers found that ...
Continue Reading

[BEWARE] Microsoft and Facebook are the Most Abused Brands for Phishing Attempts

We all know that big brands can be exploited by bad actors in order to execute successful phishing attacks. Now a new study is showing phishing attacks leveraging big brands Microsoft and ...
Continue Reading

Copyright Claim Email is a LockBit Ransomware Phishing Attack in Disguise

The latest iteration in Copyright Claim scams is an evolution of this repeated attack method that has proven to get the attention – and response – of victims over the last few years.
Continue Reading

Phishing Kit Imitates PayPal

Researchers at Akamai have discovered a PayPal phishing kit that attempts to steal victims’ identities as well as their financial information. The phishing page looks identical to ...
Continue Reading

New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials

A new wave of social media phishing attacks are now using scare tactics to lure victims into sending their logins.
Continue Reading

Phishing Attacks are the Most Prevalent Source of Identity-Related Breaches

Cybercriminals almost always need to leverage credentials as part of just about any kind of cyberattack. To no surprise, phishing and social engineering play a dominant role.
Continue Reading

Facebook-Themed Scam Aims to Steal Your Credentials

A creative mix of phishing emails, solid social engineering, use of Facebook Messenger, brand and site impersonation, and a sense of urgency all add up to a believable attack.
Continue Reading

QuickBooks Phishing Scam is Back

Scammers are continuing to abuse the QuickBooks tax accounting software to send phishing scams, according to Roger Kay at INKY.
Continue Reading

[On-Demand Webinar] Hacks That Bypass Multi-Factor Authentication and How to Make Your MFA Solution Phishing Resistant

The average person believes using Multi-Factor Authentication (MFA) makes them significantly less likely to be hacked. That is simply not true! Hackers can bypass 90-95% of MFA solutions ...
Continue Reading

Phishing Attack Steals $8 Million Worth of Cryptocurrency

Scammers stole $8 million worth of Ethereum from users of the Uniswap cryptocurrency exchange, according to Sujith Somraaj at Decrypt. Notably, the attackers relied purely on social ...
Continue Reading

KnowBe4’s 2022 Phishing By Industry Benchmarking Report Reveals that 32.4% of Untrained End Users Will Fail a Phishing Test

Once again, the human layer continues to be the most desirable attack vector for cybercriminals. 2022 marks the 5th year KnowBe4 has analyzed hundreds of millions of elements of data in ...
Continue Reading

All it Takes is “Free” Beer to Steal Your Personal Data

A recent phishing scam impersonating the Heineken beer brand demonstrates how very little effort is needed by scammers to convince victims to give up all kinds of personal information.
Continue Reading

Multi-Medium Phishing Tactics Increase Attack Effectiveness by 300%

New data from IBM shows how attackers are leveraging more than just email to elevate their chances of reaching their malicious goals – and their victims are helping them do it.
Continue Reading

Amazon Prime Day Phishing

Check Point Research (CPR) observed a 37% increase in Amazon-themed phishing attacks during the first week of July, ahead of Amazon Prime day this week. The emails come in a variety of ...
Continue Reading

[Scam of the Week] Amazon Prime Day or Amazon Crime Day? Don’t Fall Victim to Phishing

As Amazon Prime Day approaches, Checkpoint research is sending a warning that Amazon Prime Day scams will ramp up very soon.
Continue Reading

Phishing Campaign Impersonates the UAE

Researchers at CloudSEK have observed a financially motivated phishing campaign that’s impersonating the United Arab Emirates (UAE) Ministry of Human Resources. The large-scale campaign ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews