Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Organizations Routinely Phish Their Own Employees to Test Their Systems for Human Vulnerability

Feb 6, 2019 6:38:19 AM By Stu Sjouwerman
As compliance mandates and consumer privacy laws get tougher, businesses are taking matters into their own hands, launching internal phishing attacks to identify at-risk users.
Continue Reading

Here is the Phish-prone percentage that a customer sent us today

Feb 5, 2019 1:54:08 PM By Stu Sjouwerman
"We’ve had great success with the KnowBe4 solution. I think the key differentiator for KnowBe4 is the integration of the simulated phishing and analytics in conjunction with the ...
Continue Reading

Today I was attacked through an existing vendor using a real email thread

Feb 5, 2019 10:39:55 AM By Stu Sjouwerman
We have been dealing with a vendor of ours for on-hold messages for many years. I send them a Word file with the hold messages, their studio records them, and they send us a wave file ...
Continue Reading

Sextortion Phishing Scam Exploits Recent Breach Fears

Feb 5, 2019 7:23:09 AM By Stu Sjouwerman
Sextortion scam emails are circulating which claim that a popular adult site has been hacked, allowing an attacker to record videos of users through their webcams, according to Lawrence ...
Continue Reading

Voicemail Phishing Email Scams are Targeting User Passwords

Feb 5, 2019 7:15:09 AM By Stu Sjouwerman
A devilishly ingenious scam plays on your user’s familiarity with business voicemail, seeking to compromise online credentials without raising concerns.
Continue Reading

This password-stealing phishing attack comes disguised as a fake meeting request from the boss

Feb 4, 2019 5:00:06 PM By Stu Sjouwerman
Danny Palmer at ZDNet reported: "A widespread phishing campaign is targeting executives across a number of industries with messages asking to reschedule a board meeting in an effort to ...
Continue Reading

[New Phishing Template] See The Big Game SnoozeFest Highlights In 5 Minutes

Feb 4, 2019 10:14:58 AM By Stu Sjouwerman
Here is a template that you can use to test your users and see if they will click on a Big Game related phishing attack. There are bad guys out there trying several scams to entice ...
Continue Reading

[Brilliant New Social Engineering Phish] "Please Docusign: Funding For Your Business"

Jan 31, 2019 7:13:19 AM By Stu Sjouwerman
A friend was sent this email and he forwarded it to me. It's a brilliant new social engineering phishing scam. It will sail through all your spam / malware filters and email protection ...
Continue Reading

Scam Of The Week: CEO Fraud bad guys are now bribing your users

Jan 29, 2019 7:27:00 AM By Stu Sjouwerman
Today saw the arrival of yet another interesting variant of the gift card phishing campaigns that have grown into a deluge over the past few months (see below). Today's email demonstrates ...
Continue Reading

DNS Hijacking Almost Always Starts With A Successful Spear Phishing Attack

Jan 28, 2019 4:23:59 PM By Stu Sjouwerman
On Jan. 22, 2019, the Cybersecurity and Infrastructure Security Agency (CISA), which is a part of the U.S. Department of Homeland Security (DHS), issued Emergency Directive 19-01. The ...
Continue Reading

Experts Warn to Expect More Targeted and Effective Ransomware and Phishing Attacks in 2019

Jan 25, 2019 2:23:42 PM By Stu Sjouwerman
While attack types do not appear to be changing in the coming year, experts see cybercriminals getting better at their craft, making it easier to separate you from your money and ...
Continue Reading

Grand Jury Duty Vishing Fraud: A New Twist on an Old Scam

Jan 25, 2019 6:30:27 AM By Stu Sjouwerman
Vishing - phone-based “voice phishing” – attacks are alive and well, taking victims of their time, emotions, and money. This new scam can scare you into becoming a victim.
Continue Reading

Social Oversharing, Online Quizzes, and Prizes are the Makings of a New Form of Phishing

Jan 22, 2019 3:52:08 PM By Stu Sjouwerman
Phishing is moving beyond the Inbox to your online experience in an effort to collect personal details and share out the attack on social networks, according to a new report from Akamai ...
Continue Reading

[INFOGRAPHIC] Q4 2018 Top-Clicked Phishing Email Subjects from KnowBe4

Jan 22, 2019 9:35:52 AM By Stu Sjouwerman
KnowBe4 reports every quarter on the top-clicked phishing emails. Here we have the results for Q4 2018. We track three different categories: general email subjects, those related to ...
Continue Reading

EY UK: "We've seen a huge proliferation of very successful phishing attacks"

Jan 21, 2019 5:13:04 PM By Stu Sjouwerman
Bethan Moorcraft at InsuranceBusiness Mag UK wrote an excellent article about the current state of cyber insurance in Europe. Here is an extract with the link to the full article at the ...
Continue Reading

Your Boss NEEDS To Read This WSJ Article About Our Power Grid And How The Russians Hacked It With Phishing

Jan 13, 2019 9:20:19 AM By Stu Sjouwerman
In a Jan 10, 2019 article, the Wall Street Journal reconstructed the worst known hack into the USA's power grid revealing attacks on hundreds of small contractors.
Continue Reading

Email Security Gap Analysis: Survey Finds Phishing Is The No. 1 Attack That Worries IT Pros Most

Jan 12, 2019 6:34:32 PM By Stu Sjouwerman
There are a few companies that frequently report on so-called "email security gap analysis" numbers: Mimecast, Proofpoint and Cyren. They are all IT security companies that have email ...
Continue Reading

The Government may be shut down, but the bad guys are not

Jan 10, 2019 2:18:49 PM By Eric Howes
By Eric Howes, KnowBe4 Principal Lab Researcher. Once again we are starting tax season, and malicious actors are spinning up phishing campaigns to exploit the myriad opportunities ...
Continue Reading

It Only Takes 1 Phish: “Unremarkable” Phishing Attack Results in a Breach in the European Union’s Diplomatic Communications Network

Jan 9, 2019 7:02:51 AM By Stu Sjouwerman
A three-year-long cyber-attack led to the successful breach of the all communications between all EU member states, putting countries and their futures at risk.
Continue Reading

Phishing Kit Uses Custom Font Files to Decode Text

Jan 5, 2019 10:40:48 AM By Stu Sjouwerman
Researchers at Proofpoint discovered a phishing template that uses a unique method for encoding text using web fonts. The researchers found that the source code of the landing page ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews