Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Vishing Scams are Increasingly Difficult to Detect

Oct 8, 2018 10:32:44 AM By Stu Sjouwerman
Phone scams are becoming more convincing as attackers devise new ways to sound legitimate. KrebsOnSecurity recently spoke with several readers who'd been targeted by voice phishing, or ...
Continue Reading

KnowBe4's Phish Alert Button Now Works With Outlook Mobile!

Oct 5, 2018 12:44:35 PM By Stu Sjouwerman
Do your users know what to do when they receive a suspicious email? Should they call the help desk, or forward it? Should they forward to IT including all headers? Delete and not report ...
Continue Reading

Bleeding Edge Phishing Attack Uses Decoy PDF with Microsoft-issued SSL Cert

Oct 3, 2018 2:21:01 PM By Stu Sjouwerman
TL,DR: A recent phishing attack posing as a PDF decoy from a Denver law firm was stealing clients' Office 365 credentials. The phishing bait was hosted in Azure blob storage and contained ...
Continue Reading

Worry About Phishing, Not Malware!

Oct 2, 2018 5:10:25 PM By Stu Sjouwerman
With so many security strategies revolving around the detection of malware, organizations forget the primary source of all their worries – phishing.
Continue Reading

Kevin Mitnick weighs in on Facebook's big security breach

Sep 29, 2018 9:58:59 AM By Stu Sjouwerman
It was all over the news, and CNBC interviewed KnowBe4's very own Chief Hacking Officer Kevin Mitnick (note the StreetCred box on the right).
Continue Reading

[InfoGraphic] 20 Ways to Block Mobile Attacks

Sep 28, 2018 5:14:43 PM By Stu Sjouwerman
To start your National Cyber Security Awareness Month (NCSAM) here is a goodie for your users to kick things off.
Continue Reading

Targeted Attacks Replace Spam Campaigns

Sep 28, 2018 12:37:50 PM By Stu Sjouwerman
Spam campaigns are all but dead. But lucrative targeted low-risk, high-yield cyber-attacks have risen to take their place, according to the European Union law enforcement agency Europol.
Continue Reading

Brand-New Tool: Domain Doppelgänger Identifies Evil Twin Domains

Sep 27, 2018 10:56:40 AM By Stu Sjouwerman
I gave you a heads-up a few days ago, and now I'm excited to announce the actual release of a new tool to help protect your organization from cybercriminals.
Continue Reading

Ewww. Password managers can be tricked into believing that malicious Android apps are legitimate

Sep 26, 2018 1:56:02 PM By Stu Sjouwerman
Ewww. Something else to watch out for. Will it ever stop?. Ummm, no.
Continue Reading

Highly Targeted Email Attacks Are on the Rise!

Sep 26, 2018 11:36:52 AM By Stu Sjouwerman
New data shows a surge in attacks, what industries are targets, which users are at risk, and what you can expect to see in the future.
Continue Reading

As Predicted, Hurricane Florence Phishing Scams are Circulating

Sep 25, 2018 1:11:26 PM By Stu Sjouwerman
We’ve noted in other posts that events like natural disasters are inevitably used as phishbait by scammers. The Atlantic hurricane season, which breeds storms like the recent and very ...
Continue Reading

I Got Vished (and So Can Your Users)

Sep 25, 2018 7:01:18 AM By Stu Sjouwerman
Written by Guest Blogger Nick Cavalancia, Microsoft MVP Hear one cybersecurity expert’s experience of missing the signs and getting duped over the phone. If it can happen to him, it can ...
Continue Reading

Phishing Attack On Office 365 Account Leads To 3 Million CEO Fraud

Sep 24, 2018 7:02:50 AM By Stu Sjouwerman
A phishing attack on an Office 365-account enabled a 3 Mil CEO Fraud Scam at an investment firm. Finnish antivirus company F-Secure reported on their blog. One of the employees at the ...
Continue Reading

It Only Takes One Phish to Spoil Your IPO

Sep 20, 2018 2:53:05 PM By Stu Sjouwerman
The recent data breach of pre-IPO biotech firm Guardant Health shows how much impact a single successful phishing attack can have on an organization.
Continue Reading

The Evolution Of "Friendly Name" Spoofing During Phishing Attacks

Sep 14, 2018 5:08:05 PM By Stu Sjouwerman
Our friends at Bleepingcomputer had a great article written by Ionut Ilascu I think you will like: "While phishing continues to be the prevalent threat in malware-less email-based ...
Continue Reading

WATCH IT - Current Events Will Be Misused for Phishing...AGAIN

Sep 14, 2018 10:22:59 AM By Stu Sjouwerman
Here are the latest Current Events phishes from the KnowBe4 team over the past few days, some prompted by warnings from US-CERT.
Continue Reading

Colleges Become Phishing Targets with Student Loans as the Payoff

Sep 14, 2018 9:50:14 AM By Stu Sjouwerman
Anytime there’s a transaction involving money, cybercriminals look for ways to hack in and intercept funds. Student Loans are the latest target.
Continue Reading

Phishing from Beyond the Grave...

Sep 14, 2018 5:51:29 AM By Eric Howes
By Eric Howes, KnowBe4 Principal Lab Researcher. It's no secret that the threat of phishing emails has been growing at an alarming rate for a number of years. Indeed, ZDNet recently ...
Continue Reading

Details of North Korea Attacks Highlight Email’s Role in Attacks

Sep 12, 2018 2:29:00 PM By Stu Sjouwerman
When you think of cyber-espionage, you might be surprised it’s far less “Mission: Impossible” and a lot more basic phishing tactics.
Continue Reading

Phishing Scammers are Planning Well into 2020

Sep 12, 2018 2:25:37 PM By Stu Sjouwerman
Cybercriminals are already looking to take advantage of the 2020 Tokyo Olympics. Are you thinking years out? The bad guys are.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews