Social Engineering through Contact Form

Mar 14, 2022 9:16:00 AM By Stu Sjouwerman

Email is the familiar form of phishing, but there’s an ongoing criminal campaign that follows a different, arguably subtler avenue of approach: the corporate contact form. Abnormal ...

Email-Based Vishing Attacks Skyrocket 554% as Phishing, Social Media, and Malware Attacks Are All on the Rise

Mar 11, 2022 10:28:20 AM By Stu Sjouwerman

A new analysis of attacks in 2021 shows massive increases across the board, painting a very concerning picture for 2022 cyberattacks of all types.

“Warm Greetings” (or not) : Saudi Aramco Impersonation

Mar 10, 2022 9:31:37 AM By Stu Sjouwerman

Researchers at Malwarebytes warn of a phishing campaign that’s targeting the oil and gas industry by impersonating Saudi Aramco.

Phishing and Scam Pages Increase by 153% as Cybercriminals Seek to Establish Credibility

Mar 10, 2022 9:31:15 AM By Stu Sjouwerman

As part of either impersonating known brands or simply leveraging credible cloud services, the use of a web page as part of an attack has become a staple for threat actors.

Domains Associated with Phishing Directed Against Ukraine

Mar 9, 2022 9:05:47 AM By Stu Sjouwerman

Researchers from Secureworks’ Counter Threat Unit (CTU) are tracking phishing domains used by the “MOONSCAPE” threat actor to target users in Ukraine. The researchers note that Ukraine’s ...

Phishing Impersonation and Attack Trends in 2021

Mar 9, 2022 8:50:37 AM By Stu Sjouwerman

Facebook overtook Microsoft as the most impersonated brand in phishing attacks last year, according to a new report from Vade Secure.

[World Premiere] KnowBe4’s New Season 4 of Netflix-Style Security Awareness Video Series - ‘The Inside Man’

Mar 8, 2022 8:30:14 AM By Stu Sjouwerman

We’re thrilled to announce the long-awaited fourth season of the award-winning KnowBe4 Original Series - ‘The Inside Man’ is now available in the KnowBe4 ModStore!

By the Way, There's No Draft - Smishing Campaign Alert

Mar 7, 2022 9:48:53 AM By Stu Sjouwerman

Scammers are sending phony text messages (aka Smishing or SMS Phishing) informing people in the US that they’ve been drafted by the US Army, according to Army Times.

Phishing Attacks Impersonating LinkedIn are up 232% in the Last Month Alone!

Mar 4, 2022 8:34:15 AM By Stu Sjouwerman

During the period the world has dubbed “the great resignation”, phishing scammers are shifting tactics to take advantage of those looking for a new career or place of employment.

Data Breach Volumes in the U.S. Grow by 10% in 2021

Mar 2, 2022 1:32:16 PM By Stu Sjouwerman

New data shows despite decreases in global data breach levels (-5%) in 2021, the U.S. experienced proportionally more data breaches than in the previous year.

UK ICO Sees a Massive Increase in Targeted Email Attacks

Mar 2, 2022 1:31:34 PM By Stu Sjouwerman

New data obtained from the UK’s Information Commissioner’s Office by think tank Parliament Street shows an unprecedented rise in attacks against the UK’s information rights organization.

Phishing Emails Warn of a Suspicious Login From Russia

Mar 2, 2022 8:48:36 AM By Stu Sjouwerman

Researchers at Malwarebytes warn that a phishing campaign is informing users that someone logged into their account from an IP address in Moscow. The email contains a button to report the ...

Scammers Will Take Advantage of New IRS Rules

Mar 1, 2022 9:42:52 AM By Stu Sjouwerman

New IRS requirements will soon be used as phishbait, according to Gene Marks, owner of Marks Group PC and a columnist for the Guardian.

Wartime Suffering as Phishbait

Feb 28, 2022 10:45:46 AM By Stu Sjouwerman

It’s easy to forget, when a hybrid war like the one currently raging in Ukraine is occupying so much attention, that ordinary criminal lowlifes continue to seek victims, and the war only ...

When the Phishers Want a Reply, not a Click

Feb 23, 2022 9:46:21 AM By Stu Sjouwerman

A sextortion phishing campaign is targeting French speakers accusing them of viewing child abuse content, according to Paul Ducklin at Naked Security. The emails purport to come from the ...

New Phishing Campaign Angles for Monzo Banking Customers

Feb 22, 2022 9:02:06 AM By Stu Sjouwerman

A phishing campaign is targeting users of the UK-based digital banking company Monzo, BleepingComputer reports. Security researcher William Thomas came across an SMS phishing (smishing) ...

Phishing Campaign Targets NFT Speculators

Feb 21, 2022 2:50:06 PM By Stu Sjouwerman

Scams follow fashion because money follows fashion. So it’s no surprise that non-fungible tokens (NFTs), which have become a hot speculative property, have drawn scam artists for phishing ...

[Heads Up] There Is A Whole New Type of Blockchain Scam Called "Ice phishing"

Feb 20, 2022 2:56:23 PM By Stu Sjouwerman

In a post Wednesday last week, Microsoft issued a warning that they are seeing a brand new type of blockchain-centric attack aimed at web3 -- a term used to describe the decentralized ...

Coinbase’s QR Code Superbowl Ad Only Helps Normalize QR-Based Scams

Feb 17, 2022 10:08:51 AM By Stu Sjouwerman

Use of QR codes is becoming a mainstream part of advertising, but also is getting the attention of scammers intent on redirecting you to a malicious site they control.

Scammers Use a Mix of Stolen Credentials, Inbox Rules, and a Rogue Outlook Client Install to Phish Internal and External Victims

Feb 17, 2022 10:08:48 AM By Stu Sjouwerman

Organizations that are not using Microsoft’s multi-factor authentication are finding themselves victims of credential attacks that involve threat actors installing Outlook on a controlled ...

Security Awareness Training Blog

Phishing Blog

View Topics