Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

[New Phishing Template] See The Big Game SnoozeFest Highlights In 5 Minutes

Feb 4, 2019 10:14:58 AM By Stu Sjouwerman
Here is a template that you can use to test your users and see if they will click on a Big Game related phishing attack. There are bad guys out there trying several scams to entice ...
Continue Reading

[Brilliant New Social Engineering Phish] "Please Docusign: Funding For Your Business"

Jan 31, 2019 7:13:19 AM By Stu Sjouwerman
A friend was sent this email and he forwarded it to me. It's a brilliant new social engineering phishing scam. It will sail through all your spam / malware filters and email protection ...
Continue Reading

Scam Of The Week: CEO Fraud bad guys are now bribing your users

Jan 29, 2019 7:27:00 AM By Stu Sjouwerman
Today saw the arrival of yet another interesting variant of the gift card phishing campaigns that have grown into a deluge over the past few months (see below). Today's email demonstrates ...
Continue Reading

DNS Hijacking Almost Always Starts With A Successful Spear Phishing Attack

Jan 28, 2019 4:23:59 PM By Stu Sjouwerman
On Jan. 22, 2019, the Cybersecurity and Infrastructure Security Agency (CISA), which is a part of the U.S. Department of Homeland Security (DHS), issued Emergency Directive 19-01. The ...
Continue Reading

Experts Warn to Expect More Targeted and Effective Ransomware and Phishing Attacks in 2019

Jan 25, 2019 2:23:42 PM By Stu Sjouwerman
While attack types do not appear to be changing in the coming year, experts see cybercriminals getting better at their craft, making it easier to separate you from your money and ...
Continue Reading

Grand Jury Duty Vishing Fraud: A New Twist on an Old Scam

Jan 25, 2019 6:30:27 AM By Stu Sjouwerman
Vishing - phone-based “voice phishing” – attacks are alive and well, taking victims of their time, emotions, and money. This new scam can scare you into becoming a victim.
Continue Reading

Social Oversharing, Online Quizzes, and Prizes are the Makings of a New Form of Phishing

Jan 22, 2019 3:52:08 PM By Stu Sjouwerman
Phishing is moving beyond the Inbox to your online experience in an effort to collect personal details and share out the attack on social networks, according to a new report from Akamai ...
Continue Reading

[INFOGRAPHIC] Q4 2018 Top-Clicked Phishing Email Subjects from KnowBe4

Jan 22, 2019 9:35:52 AM By Stu Sjouwerman
KnowBe4 reports every quarter on the top-clicked phishing emails. Here we have the results for Q4 2018. We track three different categories: general email subjects, those related to ...
Continue Reading

EY UK: "We've seen a huge proliferation of very successful phishing attacks"

Jan 21, 2019 5:13:04 PM By Stu Sjouwerman
Bethan Moorcraft at InsuranceBusiness Mag UK wrote an excellent article about the current state of cyber insurance in Europe. Here is an extract with the link to the full article at the ...
Continue Reading

Your Boss NEEDS To Read This WSJ Article About Our Power Grid And How The Russians Hacked It With Phishing

Jan 13, 2019 9:20:19 AM By Stu Sjouwerman
In a Jan 10, 2019 article, the Wall Street Journal reconstructed the worst known hack into the USA's power grid revealing attacks on hundreds of small contractors.
Continue Reading

Email Security Gap Analysis: Survey Finds Phishing Is The No. 1 Attack That Worries IT Pros Most

Jan 12, 2019 6:34:32 PM By Stu Sjouwerman
There are a few companies that frequently report on so-called "email security gap analysis" numbers: Mimecast, Proofpoint and Cyren. They are all IT security companies that have email ...
Continue Reading

The Government may be shut down, but the bad guys are not

Jan 10, 2019 2:18:49 PM By Eric Howes
By Eric Howes, KnowBe4 Principal Lab Researcher. Once again we are starting tax season, and malicious actors are spinning up phishing campaigns to exploit the myriad opportunities ...
Continue Reading

It Only Takes 1 Phish: “Unremarkable” Phishing Attack Results in a Breach in the European Union’s Diplomatic Communications Network

Jan 9, 2019 7:02:51 AM By Stu Sjouwerman
A three-year-long cyber-attack led to the successful breach of the all communications between all EU member states, putting countries and their futures at risk.
Continue Reading

Phishing Kit Uses Custom Font Files to Decode Text

Jan 5, 2019 10:40:48 AM By Stu Sjouwerman
Researchers at Proofpoint discovered a phishing template that uses a unique method for encoding text using web fonts. The researchers found that the source code of the landing page ...
Continue Reading

Air Force Targets Their Own Staff with a “Threat Emulation” to Understand Their Cyber Awareness and Readiness

Jan 2, 2019 4:01:49 PM By Stu Sjouwerman
The U.S. Air Force’s Cyber division used spear-phishing tactics to test whether airmen can proficiently recognize and avoid email-based attacks.
Continue Reading

New Clickbait Warning: "Captain America Star Hayley Atwell Nude Photos Hacked"

Dec 25, 2018 9:56:04 AM By Stu Sjouwerman
And another one... will these stars ever learn? We suggest you send a simulated phishing attack to inoculate your users. There is a new template available in our Controversial/NSFW ...
Continue Reading

The IRS Warns of a 60% Increase in Phishing Attacks Targeting Tax Professionals

Dec 21, 2018 6:19:56 PM By Stu Sjouwerman
As part of National Tax Security Awareness Week this month, the IRS notes a surge in phishing scams aimed at stealing money or tax-related data.
Continue Reading

Gartner's Neil Wynne: "Email Phishing is a Growing Threat"

Dec 20, 2018 3:21:41 PM By Stu Sjouwerman
Email phishing is a top threat to organizations because it works so well, according to Neil Wynne, principal and analyst for secure business enablement at Gartner. Wynne told Stephanie ...
Continue Reading

93% of Phishing Sites Leverage Encryption to Establish Credibility and Improve Attack Success

Dec 20, 2018 3:13:04 PM By Stu Sjouwerman
The site safety and credibility represented by the green padlock in your browser is being taken advantage of by cybercriminals looking to lull users into a false sense of security.
Continue Reading

Is that phone call really from Amazon?

Dec 20, 2018 1:35:51 PM By Eric Howes
By Eric Howes, KnowBe4 Principal Lab Researcher. Now that it's the holiday season, malicious parties across the globe are exploiting Amazon's good name and popularity with consumers to ...
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews