Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

An Uber Phish

London's Transport for London (TfL) is the entity that manages public transportation and public carriage licenses. In November 2019, TfL stated it would not renew Uber’s Private Hire ...
Continue Reading

Trends in Phishing, as Seen From a Mountain View

Researchers from Google’s Threat Analysis Group (TAG) released details on recent state-sponsored phishing campaigns from around the world. The researchers said that Google’s phishing ...
Continue Reading

Scammers Hijacking Twitter Accounts To Sell Face Masks

Scammers cashing in on the Coronavirus crisis are now hijacking Twitter accounts to heavily promote a web site purporting to sell face masks, respirators, digital thermometers, and toilet ...
Continue Reading

The Creation & Development of a COVID-19 Phish

As we documented in a recent blog piece, malicious actors are aggressively exploiting the COVID-19 crisis by re-purposing and overhauling phishing emails they were running before the ...
Continue Reading

[HEADS UP] Cybercriminals Attempt to Exploit Stimulus Package for COVID-19

In several recent blog posts we've showed you the myriad ways in which malicious actors have aggressively -- even ruthlessly -- deployed social engineering tactics to leverage the ...
Continue Reading

FBI Warns of Stimulus Check Scams

The FBI's Internet Crime Complaint Center (IC3) issued an alert warning of coronavirus-related phishing attacks, particularly surrounding economic stimulus checks. The news that the US ...
Continue Reading

New KnowBe4 Benchmarking Report Finds 37.9% of Untrained End Users Will Fail a Phishing Test

The 2020 Phishing By Industry Benchmarking Report compiles results from the third annual study by KnowBe4 and reveals at-risk users across 19 industries that are susceptible to phishing ...
Continue Reading

Beware! The FCC Releases Audio Samples of Coronavirus Phone Scams

Scammers sink to a new low with these phone scams preying on the fears of U.S. citizens offering hopes of better protecting themselves from the Coronavirus.
Continue Reading

Sitting Ducks: When Employees Work from Home

As the COVID-19 health crisis rages on and millions of workers and students move to working from home (WFH) and online distance education, no one should make the error of thinking that ...
Continue Reading

Ransomware Incidents Increase 131 Percent with the SMB Being the Primary Target

The recent release of new data from U.K. cyberinsurer Beazley’s brings to light what kinds of attacks their customers are experiencing and who’s at risk.
Continue Reading

Sextortion Scam Combines Lust and Envy

A sleazy phishing campaign is trying to tempt people into opening an attachment that supposedly contains nude pictures of a friend’s girlfriend, BleepingComputer reports. The attackers ...
Continue Reading

Brand Impersonation Phishing Attacks Grow While Organizations Fail to Protect Their Brand Using DMARC

New data from Security vendor Agari shows how identity deception techniques are being used to fool recipient victims as organizations lack the needed safeguards to ensure emails are ...
Continue Reading

[On-Demand] New 2020 Phishing By Industry Benchmarking Report: How Does Your Organization Measure Up

As a security leader, you have a lot on your plate. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up. IT security seems to ...
Continue Reading

Urgency Around the Coronavirus Leads to Phishing Scams Targeting Healthcare

As if the virus itself wasn’t bad enough, lowlife scammers are using the pandemic to trick healthcare workers into giving up credentials. Elite hackers tried to break into the World ...
Continue Reading

[Heads-Up] Feeding Frenzy: COVID-19 Phishing Attacks Surge as U.S. Reels from Pandemic

By Eric Howes,  KnowBe4 Principal Lab Researcher. Having already published three blog pieces on the epidemic of Coronavirus-themed phishing emails and spam/scam offerings online (see ...
Continue Reading

Organizations Need To Be Wary Of Home Worker Phishing Risks

Security experts warn that phishing attacks against home workers will rise.
Continue Reading

Human Behavior is What Makes Phishing Attacks So Successful

The problem isn’t the lack of software designed to detect, prevent, and protect – it’s that human response is a required part of every phishing attack that users seem to be happy to ...
Continue Reading

Domains Use Homographic Characters to Create Hard to Spot Phishing URL's

Website domains can use homographic characters to create very hard-to-spot phishing URLs, Threatpost reports. Cybersecurity researcher Avi Lumelsky demonstrated how easy it is to create ...
Continue Reading

The Effectiveness of Educating End Users With a Test-Out Quiz

Use a “test-out” quiz as a way to get people who are normally resistant to training to proactively take the training. They think they are taking a quiz to avoid the training, but in ...
Continue Reading

FBI Sends Private Industry Notification Warning of BEC Techniques

The FBI sent out a Private Industry Notification (PIN) warning companies that attackers are abusing Microsoft Office 365 and Google’s G Suite to launch business email compromise (BEC) ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews