Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

View Topics

Phishing from Beyond the Grave...

Sep 14, 2018 5:51:29 AM By Eric Howes
By Eric Howes, KnowBe4 Principal Lab Researcher. It's no secret that the threat of phishing emails has been growing at an alarming rate for a number of years. Indeed, ZDNet recently ...
Continue Reading

Details of North Korea Attacks Highlight Email’s Role in Attacks

Sep 12, 2018 2:29:00 PM By Stu Sjouwerman
When you think of cyber-espionage, you might be surprised it’s far less “Mission: Impossible” and a lot more basic phishing tactics.
Continue Reading

Phishing Scammers are Planning Well into 2020

Sep 12, 2018 2:25:37 PM By Stu Sjouwerman
Cybercriminals are already looking to take advantage of the 2020 Tokyo Olympics. Are you thinking years out? The bad guys are.
Continue Reading

New York State Universities Targeted by Phishing Scams

Sep 12, 2018 1:36:36 PM By Stu Sjouwerman
Students from Plattsburgh State and SUNY Adirondack were targeted by several types of scams over the summer, causing Plattsburgh State officials to send out warnings to the student body. ...
Continue Reading

Phishing warning: One in every one hundred emails is now a hacking attempt

Sep 12, 2018 11:49:20 AM By Stu Sjouwerman
And just one mistake can compromise an entire organisation. Danny Palmer at ZDNet wrote: "One in every one hundred emails sent round the globe has malicious intent, likely to deliver ...
Continue Reading

"Voice Phishing" in Korea This Year Already Exceeds 2017 Numbers.

Sep 10, 2018 4:12:33 PM By Stu Sjouwerman
The Korea JoonGang Daily reported that despite warnings from financial authorities, an average of 116 people fall victim to what is called "voice phishing" scams every day in Korea.
Continue Reading

Weaponized IQY Files Make Excel Users an Easy Target

Sep 10, 2018 2:05:09 PM By Stu Sjouwerman
The Necurs botnet – most notably responsible for distributing Locky – is now pushing weaponized internet or web query (.IQY) file to evade detection and download malware.
Continue Reading

Only 40% of Business Phishing Scams Contain Links

Sep 10, 2018 2:01:43 PM By Stu Sjouwerman
This latest statistic takes the spotlight off of antivirus as the protector, and puts the focus squarely in the hands of your users to stop attacks.
Continue Reading

Mobile Phishing Campaign: Homograph Characters + "Free Flights"

Aug 31, 2018 3:27:11 PM By Stu Sjouwerman
Kacy Zurkus at the InfoSec group had the scoop on a campaign recently reported by Farsight Security involving an internationalized domain name (IDN) "homograph-based" phishing website ...
Continue Reading

Think Size Matters to Hackers? It Doesn’t

Aug 30, 2018 11:02:37 AM By Stu Sjouwerman
The largest of organizations aren’t the only ones being hit with cyberattacks. Everyone from the SMB on up is at risk and is actively a target.
Continue Reading

Google Warns of Govt-Backed Phishing

Aug 30, 2018 10:59:09 AM By Stu Sjouwerman
This latest heads-up around phishing-based warfare from a source as reputable as Google show the need to both be watchful for and responsive to phishing attacks.
Continue Reading

New Malicious PDFs Carry Stealthy Backdoor And Exfiltrate Data Via Email

Aug 28, 2018 10:42:02 AM By Stu Sjouwerman
The Turla threat group, certainly Russian-speaking and widely attributed to Russian intelligence services, is back with a new phishing technique. The threat actor is distributing emails ...
Continue Reading

Suspicious Emails Are a Problem…to the Tune of 6.4 Billion a Day!

Aug 28, 2018 9:31:24 AM By Stu Sjouwerman
Even with authentication, identification, and validation frameworks and solutions in place, the number of potentially malicious emails remains staggering.
Continue Reading

Universities Are Still Targeted With Phishing Attacks By Iranian Hackers

Aug 25, 2018 9:06:51 AM By Stu Sjouwerman
Secureworks® Counter Threat Unit™ (CTU) researchers reported that despite indictments in March 2018, the Iranian threat group is likely responsible for a large-scale campaign that ...
Continue Reading

Democratic National Committee Thought it was Under Attack (It Was A Red Team Phishing Test...)

Aug 23, 2018 10:52:01 AM By Stu Sjouwerman
The FBI received a report from the US Democratic National Committee (DNC) that unknown actors sought access to a voter database through a phishing campaign.
Continue Reading

[Heads-up] Russian Hackers Widen Their Cyber Attacks Again With Spear Phishing Political Targets

Aug 21, 2018 8:45:36 AM By Stu Sjouwerman
The GRU, the Russian military intelligence spy agency which was responsible for the 2016 election cyber attacks, is at it again and are now targeting the U.S. Senate and conservative ...
Continue Reading

Phishing is Still the #1 Cyber-Fraud Tactic

Aug 17, 2018 10:35:35 AM By Stu Sjouwerman
Online, e-commerce and mobile fraud are on the rise, according to RSA, with 41% of successful attacks enabled by phishing scams.
Continue Reading

Scam Of The Week: SharePoint Phishing Attack On Office 365 Users

Aug 16, 2018 3:03:49 PM By Stu Sjouwerman
The attack dubbed “PhishPoint” by Cloud Security vendor Avanan demonstrates the craftiness and extent cybercriminals will go to in order to harvest Office 365 credentials.
Continue Reading

Is IT Even Trying to Thwart Social Engineering Attacks?

Aug 13, 2018 11:18:42 AM By Stu Sjouwerman
With so much else on their plate, are today’s IT organizations doing enough to protect the organization against social engineering and phishing attacks?
Continue Reading

Social Media Facial Recognition Could Make the Bad Guys Worse

Aug 13, 2018 10:05:57 AM By Stu Sjouwerman
Trustwave shows how the latest advancements in technology could be used to aid cybercriminal activity.
Continue Reading
Subscribe

Search Our Blog


Comprehensive Anti-Phishing Guide

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews