The Government may be shut down, but the bad guys are not

Jan 10, 2019 2:18:49 PM By Eric Howes

By Eric Howes, KnowBe4 Principal Lab Researcher. Once again we are starting tax season, and malicious actors are spinning up phishing campaigns to exploit the myriad opportunities ...

It Only Takes 1 Phish: “Unremarkable” Phishing Attack Results in a Breach in the European Union’s Diplomatic Communications Network

Jan 9, 2019 7:02:51 AM By Stu Sjouwerman

A three-year-long cyber-attack led to the successful breach of the all communications between all EU member states, putting countries and their futures at risk.

Phishing Kit Uses Custom Font Files to Decode Text

Jan 5, 2019 10:40:48 AM By Stu Sjouwerman

Researchers at Proofpoint discovered a phishing template that uses a unique method for encoding text using web fonts. The researchers found that the source code of the landing page ...

Air Force Targets Their Own Staff with a “Threat Emulation” to Understand Their Cyber Awareness and Readiness

Jan 2, 2019 4:01:49 PM By Stu Sjouwerman

The U.S. Air Force’s Cyber division used spear-phishing tactics to test whether airmen can proficiently recognize and avoid email-based attacks.

New Clickbait Warning: "Captain America Star Hayley Atwell Nude Photos Hacked"

Dec 25, 2018 9:56:04 AM By Stu Sjouwerman

And another one... will these stars ever learn? We suggest you send a simulated phishing attack to inoculate your users. There is a new template available in our Controversial/NSFW ...

The IRS Warns of a 60% Increase in Phishing Attacks Targeting Tax Professionals

Dec 21, 2018 6:19:56 PM By Stu Sjouwerman

As part of National Tax Security Awareness Week this month, the IRS notes a surge in phishing scams aimed at stealing money or tax-related data.

Gartner's Neil Wynne: "Email Phishing is a Growing Threat"

Dec 20, 2018 3:21:41 PM By Stu Sjouwerman

Email phishing is a top threat to organizations because it works so well, according to Neil Wynne, principal and analyst for secure business enablement at Gartner. Wynne told Stephanie ...

93% of Phishing Sites Leverage Encryption to Establish Credibility and Improve Attack Success

Dec 20, 2018 3:13:04 PM By Stu Sjouwerman

The site safety and credibility represented by the green padlock in your browser is being taken advantage of by cybercriminals looking to lull users into a false sense of security.

Is that phone call really from Amazon?

Dec 20, 2018 1:35:51 PM By Eric Howes

By Eric Howes, KnowBe4 Principal Lab Researcher. Now that it's the holiday season, malicious parties across the globe are exploiting Amazon's good name and popularity with consumers to ...

APWG: Phishing Remains a Constant and Effective Means of Attack

Dec 20, 2018 11:45:13 AM By Stu Sjouwerman

The latest report from the Anti-Phishing Working Group (APWG) highlights the prevalence of phishing and how it’s changing to remain an effective attack method.

How Wellcome Trust Executives Got Whaled By Oldest Trick In The Phishing Playbook

Dec 19, 2018 5:07:47 PM By Stu Sjouwerman

Forbes contributor Davey Winder wrote an excellent comment: "It hasn't been the greatest week for the non-profit sector with the revelation that two well-known charities have fallen ...

Organizations Managing Critical Infrastructure Face a New Global Phishing Attack

Dec 18, 2018 6:54:22 AM By Stu Sjouwerman

According to McAfee’s Advanced Threat Research team and McAfee Labs Malware Operations Group, a new global campaign is underway, targeting key industries, potentially for espionage ...

Mimecast: "Your Filters Are Missing 12 Percent Of The Unwanted Emails"

Dec 15, 2018 4:07:47 PM By Stu Sjouwerman

Mimecast said: "Is a false negative rate of 12% a large number or a small one? I suppose it depends on your perspective. If your email security system lets in 12 unwanted emails—whether ...

CrowdStrike: Compelling Stories From The Cyber Intrusion Casebook 2018

Dec 15, 2018 2:51:34 PM By Stu Sjouwerman

From the Front Lines of Incident Response, the CrowdStrike Services Cyber Intrusion Casebook 2018 offers some compelling stories how threat actors are continuously adopting new means to ...

New "Secured" Phishing Site Goes Up Every Two Minutes

Dec 14, 2018 1:42:01 PM By Stu Sjouwerman

SC Mag had an exclusive: Threat actors are "playing by the rules", or at least tricking your browser into thinking they are, in order to deliver more effective attacks.

Cybercriminals Use 1.7 Million Compromised PCs in Botnet Advertising Fraud Scam

Dec 10, 2018 2:09:32 PM By Stu Sjouwerman

The Russian-born, botnet-driven advertising fraud scam, 3ve, generated over $29 million in revenue using fileless malware variant Kovter, botnets, and unsuspecting users.

[ALERT] Now The Bad Guys Are Phishing For Your Retirement Money

Dec 9, 2018 12:06:58 PM By Stu Sjouwerman

Eric Howes, KnowBe4 Principal Lab Researcher observed: "Here is a screenshot of a phishing email that came in Friday. In it the bad guys attempt to apply the same modus operandi currently ...

True Phishing Confessions From A Compromised Company. This One Has A Twist At The End

Dec 7, 2018 10:55:58 AM By Stu Sjouwerman

"The email you hope you never have to send to clients/customers" OK, so here is another horror story that you hope you can prevent from happening to your own organization. This is an ...

When Does a Legitimate Password Reset Email Feel Like a Phishing Attack? Just Ask Citrix Users

Dec 5, 2018 9:30:44 AM By Stu Sjouwerman

A recent password reset email from ShareFile (a Citrix company) put some users on edge, questioning both the emails legitimacy and why the reset.

GreyEnergy Malware Spreads Through Phishing Emails

Dec 5, 2018 6:32:48 AM By Stu Sjouwerman

The GreyEnergy APT primarily uses phishing emails as its initial infection method, according to analysis by Nozomi Networks. The malware has been targeting industrial control systems in ...

Security Awareness Training Blog

Phishing Blog

View Topics