Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Verizon: The Percentage of Users Clicking Phishing Emails is Still Rising

The long-awaited annual Verizon Data Breach Investigations Report is out, and it’s made very clear that users continue to be a problem in phishing attacks.
Continue Reading

Analysis Shows 2023 to be “Worst Year for Phishing on Record”

Newly-released data highlights our worst fears about the prevalence of phishing, and some glimmer of hope that the good guys may be winning the fight.
Continue Reading

[CASE STUDY] Healthcare Organization Hardens Employee Defenses Against Insidious Callback Phishing Attacks

A major U.S. healthcare provider significantly reduced their employees' susceptibility to callback phishing attacks after using KnowBe4's callback phishing simulation and training ...
Continue Reading

Phishing Failures: How Not to Phish Your Users

This blog was co-written by Javvad Malik and Erich Kron. Let’s dive into the cautionary world of phishing simulations gone wrong. You know, those attempts to train users not to fall for ...
Continue Reading

How New College Graduates Can Avoid Increasingly Personalized Job Scams

For many fresh out of college, the drive to land that first professional role is a top priority. Yet, new graduates can be exposed to sophisticated scams that can jeopardize not just ...
Continue Reading

Targeted Smishing Attacks by Threat Group “The Com” On The Rise

Cyber activity by the group "The Com," which leverages (SIM) swapping, cryptocurrency theft, swatting, and corporate intrusions, is increasing.
Continue Reading

The Art of Huh?

One of the best things you can teach yourself, your family, and your organization is how to recognize the common signs of phishing and how to mitigate and appropriately report it.
Continue Reading

Phishing Campaigns Spoof the U.S. Postal Service

Researchers at Akamai have found that phishing sites impersonating the U.S. Postal Service get as much traffic as the real USPS website.
Continue Reading

Next Week is World Password Day!

May 2nd is World Password Day. Despite the computer industry telling us for decades that our passwords will soon be gone, we now have more than ever!
Continue Reading

AI-Assisted Phishing Attacks Are on the Rise

Threat actors are increasingly using generative AI tools to improve their phishing campaigns, according to a new report from Zscaler.
Continue Reading

Phishing Campaign Exploits Nespresso Domain

Attackers are launching phishing campaigns using an open-redirect vulnerability affecting a website belonging to coffee machine company Nespresso, according to researchers at Perception ...
Continue Reading

USPS Surges to Take Top Spot as Most Impersonated Brand in Phishing Attacks

New data shows phishing attacks are deviating from the traditional focus on technology and retail sectors and are opting for alternate brands with widespread appeal.
Continue Reading

4 out of 5 of Physicians Were Impacted by February’s Cyber Attack on Change Healthcare

A new survey of physicians details the devastating impact of the Change Healthcare cyber attack on the healthcare sector.
Continue Reading

Kudos! CEO Reveals He Got Phished

The other day I was participating in a company’s employee meeting when the CEO revealed he had been “caught” that morning by a real phishing attack email.
Continue Reading

Half of U.K. Businesses Experienced a Security Breach or Cyber Attack in the Last 12 Months

Analysis of cyber attacks targeting U.K. organizations highlights the effectiveness of social engineering attacks and the fact that businesses are missing the mark on how to stop it.
Continue Reading

Phishing Frenzy: Microsoft and Google Most Mimicked Brands in Cyber Scams

Microsoft and Google were the most frequently impersonated brands in phishing attacks during the first quarter of 2024, according to a report from Check Point.
Continue Reading

[WARNING] FBI Issues Alert on Major Phishing Campaign That Impersonates US Toll Services

The FBI has issued an alert warning of a widespread SMS phishing (smishing) campaign targeting people in several US states with phony notices of unpaid tolls, BleepingComputer reports.
Continue Reading

You Really Are Being Surveilled All the Time

“If the product is free, you are the product!” No truer words have ever been spoken. But in today’s internet-connected, ad-everywhere world, even if you are paying for the product or ...
Continue Reading

State-Sponsored Disinformation Campaigns Targeting Africa Driving Instability And Violence

A shocking report shows how email-based disinformation campaigns can have material real-world impacts to the citizens in the targeted countries.
Continue Reading

U.S. Department of Health Alert: Hackers are Targeting IT Help Desks at Healthcare Organizations

A new sector alert published by the U.S. Department of Health and Human Services outlines new attacks in which social engineering is used to obtain credentials for online fraud.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews