Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

[HEADS UP] Local Boston Town Falls Victim to a Phishing Attack

According to a local news source from Boston, the Town of Franklin recently became the next victim to a phishing attack, costing over $500K.
Continue Reading

61% of Successful Phishing Attacks Against Government Organizations Result in Full Compromise of Credentials

Phishing remains the top primary attack vector that keeps on giving to cybercriminals, as new data highlights the victories cybercriminals are enjoying at your organization’s expense.
Continue Reading

Cybersecurity Awareness Month Weekly Tip: Current Phishing Threats

Each week during Cybersecurity Awareness Month, we’re going to be sharing in-depth weekly cybersecurity tips from our evangelists to help your users make smarter security decisions and ...
Continue Reading

New Office 365 Phishing Attack Checks Your Stolen Credentials in Real-Time

Nothing says the bad guys are intent on stealing credentials like testing them while you participate in their phishing attack so they can verify the validity before letting you off the ...
Continue Reading

USPS and FedEx Phishing Attack Texts Flood Mobile Phones

Taking a page from traditional phishing scams that seek to use broadly-accepted messages and send them to everyone, last month officially brought SMiShing to the cybersecurity forefront.
Continue Reading

Gartner Recognizes KnowBe4 as a Representative Vendor for Security Awareness Training Program Platforms

We believe, as the world's largest security awareness training platform, this recognition validates the success of our ability to carry out our mission. We enable organizations and their ...
Continue Reading

[HEADS UP] Cybercriminals Launch Phishing Campaign to Capitalize on President's Health

As we predicted just a few days ago, malicious actors are now exploiting the media firestorm surrounding President Donald Trump's diagnosis late last week with COVID-19.
Continue Reading

Scammers are using Black Lives Matter as Phishbait

A phishing campaign is using Black Lives Matter-themed phishing lures to trick people into installing malware, Yahoo reports. Adam Levin from Cyberscout told Yahoo that the phishing ...
Continue Reading

Healthcare Sector Still Sustains Phishing Campaigns

No one should take too seriously the high-minded things criminals sometimes say about how they’re restraining themselves during the pandemic, and that they’re going to avoid hitting ...
Continue Reading

Malicious Actors Crash U.S. Election: Spoofed Emails Attempt to Gather U.S. Voter Registration Data

Unless you recently beamed down from Mars, you are undoubtedly aware that election season is upon us in the United States. Indeed, the upcoming U.S. Presidential Election is currently ...
Continue Reading

Newly Relaunched ProLock Ransomware Seeks Ransoms as High as $3 Million

Seeing successful attacks as frequently as one per day, the creators of ProLock seek out larger organizations using the QBot trojan to infiltrate, spread throughout, and infect a network.
Continue Reading

Two Men Charged in a Case of Phishing NFL and NBA Players

The US Department of Justice has charged two men for allegedly hacking social media and other accounts belonging to NFL and NBA players, Mashable reports. Trevontae Washington, 21, of ...
Continue Reading

Don't Just Catch a Phish, Captcha One

Researchers at Menlo Security have identified a phishing site that uses three layers of visual captchas to evade detection by automated security crawlers. Captchas are brief tests on ...
Continue Reading

[Heads Up] This Ingenious Worm Phishing Campaign Is A Game-Changer In Password Theft And Account Takeovers

A few days ago in a Medium blog post, Craig Hays, a cybersecurity architect and bug bounty hunter described a recent phishing new type of attempt which turned out to become "the greatest ...
Continue Reading

Phishing Attacks Continue to Grow More Sophisticated

Both criminal and nation-state threat actors have “rapidly increased in sophistication” over the past twelve months, according to Microsoft’s Digital Defense report. Microsoft found that ...
Continue Reading

What’s the Information Stolen in a Phishing Attack Really Worth?

Once a scammer tricks their victim out of web credentials, credit card details, or online access to a bank account, the details collected are worth plenty by simply selling them on the ...
Continue Reading

Spike in Emotet Attacks Against Government Agencies Seen Around the Globe in September

Attacks involving what is arguably the world’s most dangerous malware are on the rise, with reports from the cybersecurity agencies in Japan, New Zealand, and France.
Continue Reading

The 2020 Election is Expected to be the Next Big Theme for Cyber Attacks

As the bad guys look for new ways to wreak havoc, cybersecurity experts at NTT global predict attacks pre-, during, and post-election should be expected.
Continue Reading

KnowBe4 Named a Leader in the Fall 2020 G2 Grid Report for Security Awareness Training

The latest G2 Grid Report compares Security Awareness Training (SAT) vendors based on user reviews, customer satisfaction, popularity and market presence. With over 500 G2 customer ...
Continue Reading

Phishing Campaign Goes After AT&T Employees’ MFA Codes

A phishing campaign is targeting AT&T employees and contractors with a well-crafted fake login page, according to Luke Leal at Sucuri. The phishing page is a near-exact replica of AT&T ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews