Security Awareness Training Blog

Phishing Blog

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

[INFOGRAPHIC] Q1 2021 Report Shows Users are More Savvy to COVID-19 Phishing Scams

KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. These are broken down into three different categories: social media related subjects, general subjects, ...
Continue Reading

2021 Phishing Trends Face Alarming Predictions and Will Likely Include Automated Attacks

Researchers at INKY warn that targeted phishing attacks will continue throughout 2021, as some employees return to the office and others continue working from home. They predict that ...
Continue Reading

[HEADS UP] DocuSign Issues Alert of Malicious New Hacking Tool

Earlier this week, DocuSign issued an alert that notified users of a new hacking tool. This tool is imitating DocuSign so then the bad guys can drop malware into victims' systems.
Continue Reading

Australian Organizations Increase Cyber Security Spend to Nearly A$5B in 2021

The rise in cyberattacks in Australia is seeing its natural result – organisations realizing the need to put more budget focused on cybersecurity, with the largest portion going towards ...
Continue Reading

New Phishing Attacks Bypass Secure Email Gateways Using Some Very Creative Methods

Microsoft Security Intelligence warns of phishing attacks being sent from legitimate email addresses and IP ranges, taking advantage of gateway configuration settings to ensure delivery.
Continue Reading

Phishing Attacks Using PDF Files Have Skyrocketed

Phishing attacks using PDF files have spiked over the past year, according to researchers at Palo Alto Networks’ Unit 42.
Continue Reading

The Growing WeTransfer Phishing Campaign Can Put Your Users at Risk

Researchers at Avanan have observed a phishing campaign that’s impersonating the WeTransfer file-sharing app in an attempt to steal users’ credentials. The email’s subject line states, ...
Continue Reading

[HEADS UP] New Phishing Attack With .TXT Attachment Can Steal All Your Secrets

The 360 security blog just came up with an eye opener. Recently, 360 Security Center’s threat monitoring platform has detected a new email phishing attack. This attack uses a ...
Continue Reading

UK Users Should Be Aware of Census-Themed Phishing Attacks

Users in the UK should be on the lookout for census-themed phishing attacks, according to Paul Ducklin at Naked Security. Participating in the census is mandatory in the UK, and people ...
Continue Reading

Expect More Travel-Related Phishing as the Pandemic Subsides

People need to be wary of travel-related phishing as the pandemic draws to a close, according to Fleming Shi, Chief Technology Officer at Barracuda Networks. On the CyberWire’s Hacking ...
Continue Reading

Office 365 Phishing Kits Are Being Used in a New Attack Targeting Execs and Finance

A new highly-targeted phishing campaign is seeking to compromise the online credentials of those with influence within an organization using an Office 365-themed update attack.
Continue Reading

Cybercrime Skyrocketed in the US by 55%

According to data released by StockApps, the annual loss from any type of cybercrime in the US reached $4.2 billion in 2020. This turns into billions of dollars lost, and a 55% increase ...
Continue Reading

IRS Warns of Phishing for Dot EDU Email Users

The Internal Revenue Service (IRS) has issued an alert warning about a phishing scam targeting university students. A link in the emails leads to a phishing site that asks users to enter ...
Continue Reading

Recent Phishing Scams that Managed to Bypass Email Security Filters

Researchers at Armorblox describe several recent phishing scams that managed to bypass email security filters. The first attempted to gain access to users’ Facebook accounts.
Continue Reading

There Is No Herd Immunity in the Digital World

When I was first starting off in my career, I wanted to be a doctor. As life often goes, I got waylaid. Wanting to be a doctor turned in an accounting major and CPA certification, quickly ...
Continue Reading

Aussie TV Network Taken Off Air by Ransomware

The "early-scoop" Phil Muncaster at InfoSec Mag reported: "An Australian TV network was taken off-air for over 24 hours by suspected state-backed attackers, in what it described as the ...
Continue Reading

Data Breach at Dutch Auto Shops Puts 7,3 Million Car Owners at Risk

The Netherlands is dealing with what looks like one of the largest data breaches in the nation so far. Late last week, Dutch public broadcaster NOS revealed that customer data of millions ...
Continue Reading

Phishing Remains the Most Common Form of Attack

Phishing attacks are “by far” the most common vector for data breaches, according to a new survey by the UK’s Department for Digital, Culture, Media, and Sport (DCMS).
Continue Reading

[UPDATE] What is SOAR? What Are The Pros And Potential Pitfalls?

Jessica Groopman at TechTarget's SearchSecurity forum has a great short post about SOAR, what it stands for and what the potential benefits and pitfalls are. Here is an extract with a ...
Continue Reading

Forensically Investigating Phishing To Better Protect Your Organization

The single best thing you can do to reduce cybersecurity risk in your environment is to prevent and mitigate social engineering – phishing in particular. The first and best thing any IT ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews