Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Unmasking the Threat: Why Phishing Scams are Surging in Japan

Japan has a large number of Forbes Global 2000 corporations--more than the UK, Germany, and France combined. Despite this economic strength, Japan faces an alarming and growing threat ...
Continue Reading

Phishing Campaign Targets Job Seekers With WARMCOOKIE Backdoor

A phishing campaign is impersonating recruiting firms to target job seekers with a new strain of malware, according to researchers at Elastic Security.
Continue Reading

The Global Reach of Cyber Threats: Why Security Awareness Training is More Important Than Ever

Based on news cycles within cybersecurity, it's easy to fall into the trap of thinking that threats only come from certain parts of the world or that they only target specific industries. ...
Continue Reading

Cybercriminals Use New V3B Phishing Kit to Mimic 54 Different Banks in the European Union

A new phishing-as-a-service toolkit that leverages credential interception and anti-detection capabilities has put EU banks at severe risk of fraud.
Continue Reading

Phishing With Deepfakes for HK$200 Million

My hacker story occurred not too long ago at the Hong Kong office of an undisclosed multinational corporation. The hackers pulled off a first-of-its-kind scam that leveraged a phishing ...
Continue Reading

New Research Shows An Alarming Trend of Phishing Attacks Doubling For US and European Organizations

Cybercriminals never sleep, and their aim keeps getting better. According to new research from Abnormal Security, phishing attacks targeting organizations in Europe shot up by a ...
Continue Reading

Sinister "More_eggs" Malware Cracks Into Companies by Targeting Hiring Managers

Job seekers, beware - cybercriminals have a nasty new way to slide their malicious code on corporate networks. Researchers have uncovered a devious phishing campaign that's distributing ...
Continue Reading

DarkGate Malware Being Spread Via Excel Docs Attached To Phishing Emails

A phishing campaign is spreading the DarkGate malware using new techniques to evade security filters, according to researchers at Cisco Talos.
Continue Reading

New HR-Themed Credential Harvesting Phishing Attack Uses Legitimate Signature Platform Yousign

A new phishing campaign is exploiting the eSignature platform Yousign.
Continue Reading

Bruce Schneier: "AI Will Increase the Quantity—and Quality—of Phishing Scams"

Wow. It does not happen often that the godfather of infosec comes out this strong about phishing risks. He co-published new research in the Harvard Business Review May 30, 2024, which in ...
Continue Reading

Nearly Three-Quarters of Organizations Were the Target of Attempted Business Email Compromise Attacks

New data highlights just how dangerous Business Email Compromise attacks are.
Continue Reading

Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing

I have created a comprehensive webinar, based on my recent book, “Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing”. It contains everything that KnowBe4 ...
Continue Reading

Social Engineering Scams Can Come in the Mail, Too

Social engineering scams can come through any communications channel (e.g., email, web, social media, SMS, phone call, etc.). They can even come in the mail as the Nextdoor warning below ...
Continue Reading

“Operation Endgame” Ends with the Arrest of 4 Cybercriminal Suspects and 100 Servers

Coordinated efforts between law enforcement agencies across nine countries has resulted in a major disruption of a threat group’s malware and ransomware operations.
Continue Reading

Email Compromise Continues to Dominate as Top Threat Incident Type as Tactics Evolve

As email compromise attacks increase, analysis of tactics provides context on how organizations need to evolve their defenses.
Continue Reading

[NEW RESEARCH]: KnowBe4’s 2024 Phishing by Industry Benchmarking Report Reveals that 34.3% of Untrained End Users Will Fail a Phishing Test

The prevalence of cyber crime continues to soar, victimizing individuals in both their work and private lives. Cybercriminals are indiscriminate, targeting around the clock and across the ...
Continue Reading

Russia’s Military Intelligence Service Launches Spear Phishing Attacks

Researchers at Recorded Future warn that BlueDelta, a threat actor tied to Russia’s GRU, is launching spear phishing attacks against European defense and transportation entities.
Continue Reading

New Transparent Phishing Attacks Leverage Cloudflare Worker Serverless Computing

An increasing number of phishing campaigns from several threat groups are being tracked as they leverage legitimate Cloudflare services as part of account compromise attacks.
Continue Reading

The Hard Evidence That Phishing Training and Testing Really Works Great

Security awareness training (SAT) and simulated phishing works to significantly reduce cybersecurity risk. We have the data, customer testimonials and government recommendations to prove ...
Continue Reading

Threat Actor Void Manticore Uses Cyber Weapon “Wipers” to Destroy Data and Systems

This Pro-Hamas hacktivist group has updated their payload arsenal to include updated versions of their BiBi Wiper malware, and two new wiper variants.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews