Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Enterprises Experience Nearly Five Times as Many Mobile Phishing Attacks as Last Year

With every organization looking at protecting their corporate devices, the bad guys are increasingly setting their focus on one of the softest targets: the mobile device.
Continue Reading

How You Can Increase Employee Engagement with Security Awareness Training

One of the most common questions I get asked working for a security awareness training company is, how do I make employees more engaged with and care about the training? I get it. Who ...
Continue Reading

Phishing and Redirection

Researchers at Check Point have observed a phishing campaign that, to avoid detection, abused servers belonging to Adobe, Samsung, and the University of Oxford. The attackers used several ...
Continue Reading

Slack Phishing

People need to be able to use their instincts in order to spot new phishing techniques, according to Ashley Graves, a Cloud Security Researcher at AT&T Alien Labs. On the CyberWire’s ...
Continue Reading

Pyongyang's Phishing with Job Offers

An attack campaign with possible ties to North Korea’s Lazarus Group targeted aerospace and military companies in Europe and the Middle East with spear phishing attacks late last year, ...
Continue Reading

Top 12 Most Common Rogue URL Tricks

It’s nearly impossible to find an Internet scam or phishing email that doesn’t involve a malicious Uniform Resource Locator (URL) link of some type. The link either directs the user to a ...
Continue Reading

[Heads Up] North Korean State Hackers Plan a June 21 COVID-19 Phishing Attack That Targets 5 Million in Six Nations

ZDNet reported: "Singapore, Japan, and the US are amongst six nations targeted in a COVID-19 themed phishing campaign that is reportedly scheduled for June 21, during which 8,000 ...
Continue Reading

[Heads Up] Australian Government and businesses hit by massive cyber attack from ‘sophisticated, state-based actor’

News.com.au reported that Australian Prime Minister Scott Morrison has "announced in an urgent press conference called this morning in Canberra, Mr Morrison said the ongoing, ...
Continue Reading

Microsoft on COVID-19 Themed Cyberattacks

Microsoft’s Threat Protection Intelligence Team has published a report providing a detailed look into the proliferation of COVID-19-themed phishing over the past several months. The ...
Continue Reading

[MSP News] Manage Your KnowBe4 Accounts Faster With NEW Managed Phishing Functionality

You have been asking for a better way to manage your multiple KnowBe4 accounts, and we heard you! We've made enhancements to the KnowBe4 phishing platform and added the NEW Managed ...
Continue Reading

Increase in BLM Domain Names Forecasts BLM Phishing Attacks

There has been a significant increase in DNS domain names containing blacklivesmatter or George Floyd’s name and there’s a good chance some of those are owned by people with malicious ...
Continue Reading

[HEADS UP] Recent Phishing Attack in Germany Hits Coronavirus Task Force

An ongoing phishing attack has been targeting executives of a company working to provide the German coronavirus task force with protective gear. The company is multinational and more than ...
Continue Reading

[EXCLUSIVE] Indian Cyber Firm Spied on Investors and Politicians Across the Globe

A little-known Indian IT firm offered its phishing services to help clients spy on more than 10,000 email accounts over a period of seven years.
Continue Reading

Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing Attacks

Don't click phishy links. Everyone knows that. But are your end users prepared to quickly identify today's tricky tactics being used by the bad guys? Probably not. Cybercriminals have ...
Continue Reading

Remote Work Isn’t Good for Corporate Security (Part 2): 30% of Organizations Have Been the Victim of Phishing Scams Since the Lockdown

Lots of new data is now just coming out of the woodwork demonstrating some of the harsh realities of having employees work from home without proper security in place.
Continue Reading

COVID-19 Tax Refund Phishing Attacks Offering Fake U.K. Government Grants

Researchers at Forcepoint describe an unusual phishing attempt that purported to come from the UK’s tax office, HM Revenue and Customs (HMRC). The email itself was clearly a phishing ...
Continue Reading

Pandemics, Killer Insects, and Riots Stir Up Cybercriminals

What a year 2020 has been. We have not even gotten half way into the year and we have dealt with a global pandemic, potential murder hornets, protests and riots and even the possibility ...
Continue Reading

Phishing for Supermarket Deliveries

Scammers are exploiting the increased demand for online shopping by setting up spoofed supermarket websites, Teiss reports. Researchers at Mimecast recently found thirty websites ...
Continue Reading

Supreme Court “Summons” is the Latest Phishing Attack Aimed at Stealing Your Microsoft 365 Credentials

Even the Supreme Court isn’t safe from brand impersonation in this scam intent on getting victims to click on a link to a supposed subpoena to attend a hearing.
Continue Reading

Verizon: Phishing is the Attack Vector Most Often Seen in Data Breaches

This year’s much-anticipated Verizon Data Breach Investigations Report sheds some light on how cybercriminals use phishing to achieve their goal of stealing data.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews