Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
With this week being Identity Management Day on April 8th, it's the perfect reminder for organizations to focus on protecting their employees' digital identities.
The Russian threat actor Gamaredon is targeting Ukrainians with spear-phishing documents related to troop movements, according to researchers at Cisco Talos.
When it comes to secure email gateways (SEGs), the narrative is quite simple. For years, organizations have relied on SEGs as the foundation of their email security.
A phishing-as-a-service (PhaaS) platform dubbed ‘Lucid’ is driving a surge in SMS phishing (smishing) attacks, according to researchers at Prodaft.
Steam was the most impersonated brand in phishing attacks during the first quarter of 2025, according to a new report from Guardio. The researchers note that the gaming platform’s surge ...
Phishing attacks are driving a surge in “double brokering” scams in the shipping industry, according to Christian Reilly, Cloudflare’s Field CTO for EMEA.
Attackers are using new tactics in QR code phishing (quishing) attacks, according to researchers at Palo Alto Networks’ Unit 42.
99% of phishing emails that reached inboxes last year did not contain malware, according to a new report from Fortra.
INKY has published its annual report on email security, finding that phishing accounted for 30% of all reported cybercrimes last year.
The average amount of money requested in business email compromise (BEC) attacks spiked to $128,980 in the fourth quarter of 2024, according to the Anti-Phishing Working Group’s (APWG’s) ...
We recently conducted research in Denmark and Sweden to understand security culture in local organizations better.
Phishing-as-a-service (PhaaS) platforms drove a surge in phishing attacks in the first two months of 2025, according to researchers at Barracuda.
Bitdefender warns that a major ad fraud campaign in the Google Play Store resulted in more than 60 million downloads of malicious apps.
Our latest Phishing Threat Trends Report explores the evolving phishing landscape in 2025, from renewed tactics to emerging attack techniques.
Threat actors are abusing Microsoft’s infrastructure to launch phishing attacks that can bypass security measures, according to researchers at Guardz.
Our recent research reveals a concerning discrepancy between employees' confidence in their ability to identify social engineering attempts and their actual vulnerability to these attacks.
A phishing campaign is impersonating travel agency Booking.com to target employees in the hospitality industry, according to researchers at Microsoft.
A KnowBe4 Threat Lab publication Authors: Martin Kraemer, Jeewan Singh Jalal, Anand Bodke, and James Dyer EXECUTIVE SUMMARY: We observed a 98% rise in phishing campaigns hosted on Russian ...
I infrequently get emails from customers who are frustrated because their employer sent out some legitimate mass email to all employees that unfortunately had all the hallmarks of a ...
A KnowBe4 Threat Labs Publication Authors: James Dyer and Cameron Sweeney The KnowBe4 Threat Research team has observed a sustained increase in the use of Scalable Vector Graphics (SVG) ...
