17 Nov Phishing Campaign To Stop Email Fraud From KnowBe4 And Cybercrime Magazine
“Who’s Being Phished” 30-second video series PhishingCampaign.com
–Steve Morgan, Editor-in-Chief
Sausalito, Calif. – Aug. 12, 2020
KnowBe4 and Cybercrime Magazine launched a global phishing campaign against phishing campaigns on November 18, 2019.
The two companies have teamed up on a new public service program aimed at increasing awareness of phishing scams and the severe damage they are continuing to inflict on businesses and society.
More than 90 percent of successful hacks and data breaches start with phishing scams, according to KnowBe4. Phishing is the most prevalent cyber threat to every organization and employee across the globe.
Everyone knows what phishing is, except for the fact that they really don’t. And that may be the biggest cyber risk of all. The point is, just about every employee and Internet user is able to explain, at some basic level, what phishing is. But they barely know enough to protect themselves and their employers from the various types of phishing attacks that are swirling around cyberspace.
Cybercrime Magazine took to the streets of New York City (just before the COVID-19 pandemic) in a quest to find out who knows what about phishing scams.
Who’s Being Phished Campaign
Episode #1: Wealth Management Advisor, Fortune 500 Mutual Company
“I’ve been doing this for 37 years and have a few hundred million dollars under management, and clients who depend on me to keep all their information secure. I have not heard of spear phishing but would like to learn more about it. I try to stay alert but I don’t know if there’s any specific things I need to be watching for.”
Episode #2: Vice President at a $130 million global media agency
Do you know what phishing is? “Not really, to be honest…” Do you know what spear phishing is? “I’ve never heard of the term…” Has your company done any formal training? “We may but I haven’t personally attended any training like that.” Do you want to learn more about phishing? “I guess yes it’s good to be informed about this stuff…”
Episode #3: Employee perks space for Fortune 500 companies
Do you know what a phishing scam is? “I don’t know what a phishing scam is. I’ve never heard of it.” Do you know what spear phishing is? “Yeah. Yeah. When you throw a spear at a fish to catch it. Right? What is it?”
Episode #4: Business director at ad agency in Toronto, Montreal, and New York
Have you or anyone you know ever been phished? “I receive those emails all the time.” Has your company done any formal training? “No. It’s something I would be interested in learning more about.”
Episode #5: Donor Relations Manager, Non-Profit Research Foundation
“I don’t know that much … We have a really loose spam filter on our email and phishing scams get through all the time. We’ve had a couple of close calls where it looks legitimate, but it’s not.” Do you know what spear phishing is? “I don’t know what that is.”
Episode #6: UX Designer, Global Fashion Company
Do you know what phishing is? “Yes, but I’m not exposed, maybe because we have like a firewall, or whatever it is you call it, for security reasons.” Do you know what spear phishing is? “I’m not aware of that term.”
Episode #7: CPA, Midsize Accounting Firm
Have you ever received a phishing email? “I know that you can get these emails where you click on a link, then you wind up getting hacked. Sorry, not a link, it’s the attachment.” Do you know what spear phishing is? “Never heard of it. Is that a hacking term?”
Episode #8: Awareness and Fundraising, Humanitarian Organization
Do you know what phishing is? “Phishing is fraudulent email activities where they’re trying to get your personal information to take advantage of you and take funds or whatever it is that they’re trying to do.” Do you know what spear phishing is? “Is that actually trying to get the funding?”
Episode #9: Brand and Marketing Analyst, $75B+ French Multinational Company
Do you know what phishing is? “I’ve heard of it, but I’m afraid I’m not an expert on that matter.” Do you know what spear phishing is? “I must say it’s the first time I’ve heard of spear phishing.” Has your company done any formal training? “We have conversations about overall global cybersecurity.” Would you want to learn more? “Yes, because I think it’s important to know all the scams that are around in cybersecurity.”
Episode #10: Broker, Large Insurance Firm
Do you know what a phishing scam is? “You get emails from people trying to get your information by clicking links. Then they can get into your system and corrupt your data, or take your money, all kinds of things.” Have you or anyone at your company been phished? “We get a lot of attempts but I’ve never experienced being phished before.” Do you know what spear phishing is? “I don’t know what spear phishing is.”
Episode #11: Coordinator – Office Projects, $1B+ International Law Firm
Do you know what phishing is? “Someone posing to be someone else in order to get information that you don’t actually want to give them.” Do you know what spear phishing is? “No, I don’t.” Best guess? “A more targeted phishing method?”
Episode #12: Graphic Designer, Small Accelerator Firm
Do you know what phishing is? “Other than the literal fish, no.” Do you know what spear phishing is? “I’m guessing trying to catch something. Probably data?” Has your company done any formal training? “No.” Would you like to learn more about spear phishing? “Yes. I will probably go look it up when I get back to my hotel.”
Episode #13: Consultant, Government Organization
Do you know what phishing is? “It’s an easy way for applicants to get targeted in the career search process.” Have you or anyone you know ever been phished? “People have tried to phish me. You have to have an eye for it.” Do you think you have an eye for it? “My grandmother wouldn’t, but I’ve been trained a little bit.” Do you know what spear phishing is? “No, other than the activity of spearfishing in the ocean.”
Episode #14: Commercial Real Estate Broker
Have you or anyone you know ever been phished? “It happened to another firm in the field. We had to stop a deal until they could figure out what was going on.” Do you feel you are a cyber expert at this point? “No. I’m just somebody who was born in a specific generation that grew up around computers. I know enough to know when I don’t know the answer.” Do you know what spear phishing is? “No, I don’t know if I’ve run into it before.”
Episode #15: Nonprofit Organization Founder
Do you know what phishing is? “I don’t know much about phishing scams.” Do you know what spear phishing is? “No, that sounds like more phishing that I don’t know about.” Do you want to learn more phishing? “Anything with the word scam sounds dangerous, so yes.”
Do you know what phishing is? “I don’t know too much about phishing scams other than I think people send emails trying to get personal information.” Do you know what spear phishing is? “No, other than going out in the ocean and stabbing something large.” Would you want to learn more about spear phishing? “Sure. Who doesn’t want to be protected?”
Episode #17: Financial Consultant, Global Firm
Do you know what phishing is? “I know that a lot of people that aren’t tech-savvy aren’t aware of how phishing scams work. If they were to actually fall for some of these security breaches, it could leak out a lot of important information, rather it’s client information or just data from the company in general.” Do you know what spear phishing is? “Spear phishing? No.”
Episode #18: Attorney, International Law Firm
Do you know what phishing is? “Phishing is a way to circumvent obligations and the regulations of the law regarding areas of privacy and compliance by people that want to take advantage of the lack of knowledge of others in the matters of security.” Do you know what spear phishing is? “I haven’t heard about that. What is it?”
Episode #19: Hospitality Supervisor, International Law Firm
Do you know what phishing is? “A phishing scam, to my understanding, is something that somebody sends as a link and when you click on it, it gives you a virus.” Do you know what spear phishing is? “No, I don’t know what that is. You can inform me about it.”
Episode #20: Editor, Global Publishing House
Do you know what phishing is? “I know phishing scams exist but I don’t know that much about them.” Do you know what spear phishing is? “I’ve never heard of that.” Would you want to learn more about spear phishing? “I would love to learn more.”
Do you know what phishing is? “They send an attachment to an email that encrypts the data on your computer.” Have you ever received a phishing email? “I got an email that a FedEx package was trying to be delivered. It looked funny so I didn’t open it, and then someone called and asked if I got the package. I opened that email and it said I had to send them three bitcoins.” Do you know what spear phishing is? “No.”
Episode #22: Video Producer, Non-Profit Firm
Do you know what phishing is? “Someone steals your password on an Internet website or pretends to be someone else to get personal information so they can get access to your identity and your finances.” Do you know what spear phishing is? “No. I can’t keep up with the terminology these days.”
Episode #23: Co-Founder, Small Non-Profit Firm
Do you know what a phishing email is? “I really don’t. I’m sure it’s something horrible that I should be aware of.” Do you know what spear phishing is? “No. I don’t. I’m embarrassed to admit it, but I really don’t know what that is.”
Episode #24: Independent Auditor, Global Accounting Firm
Have you or anyone at your company been phished? “I definitely have experienced a phishing email. It looked almost like an email that would come from my company but there were little things that differentiated it from a normal email.” Do you know what spear phishing is? “I do not.”
Episode #25: Communications Consultant
Do you know what a phishing email is? “I don’t know very much at all, but I did just have an experience where I found this amazing deal on Instagram for discounted boots and I bought them, but I got Gucci socks instead.” Do you know what spear phishing is? “No. Nothing. What is spear phishing?”
Episode #26: Conference Planner, Consumer Electronics Firm
Do you know what a phishing email is? “It’s when they send you an email trying to phish you into something or hook into your address book.” Have you or anyone you know ever been phished? “They sent emails to all of my friends telling them that I was being held captive and I needed 10,000 dollars.” Do you know what spear phishing is? “I’ve never heard of it.”
Episode #27: International Technology Firm Employee
Do you know what a phishing email is? “It’s an email that simulates an email one would receive from one’s boss or someone within one’s firm but its aim is to scam or to access information that the sender shouldn’t be able to access.” Do you know what spear phishing is? “I know nothing.”
Episode #28: Events Director, Fashion Brand Startup
Do you know what a phishing email is? “A phishing email? I’m not totally secure on that knowledge.” Do you know what spear phishing is? “I’m not too aware of spear phishing in emails.” Would you want to learn more about spear phishing? “I would definitely love to learn more about it.”
Episode #29: Video Producer, Bicoastal Production Firm
Do you know what a phishing email is? “I will say I do not know much about them, only that I am the recipient of a lot of them.” Do you know what spear phishing is? “Unfortunately, I am not familiar with spear fishing. I would love to learn more about that.
Episode #30: Lead Business Analyst, Global Financial Firm
Do you know what a phishing email is? “Basically an email that is sent by a hacker trying to get information from you by asking you to click on something or by having an urgency type of message saying click now.” Do you know what spear phishing is? “No, I don’t know what that is.”
Episode 31: CEO, Founder & CEO, Small Ride Hailing Firm
Do you know what a phishing email is? “That’s when you get an email from someone, for example, it’s supposed to be your bank, but it’s actually not, and they’re asking you for your personal information.” Do you know what spear phishing is? “Oh, besides swimming around and taking a spear, going for fish, I have no idea.”
Episode 32: Sales Rep, Global Custom Gifting Firm
Do you know what a phishing email is? “A phishing email is an email that you receive that appears like it’s coming from somebody you know, or it may not be somebody you know, asking you to open a link. Once you click on the link, an attack happens, I believe.” Do you know what spear phishing is? “I’ve never heard of that.”
Episode 33: Sales Director, Midsize Recruiting Firm
Do you know what a phishing email is? “Yes, it’s when an entity sends it trying to get you to click on a link, trying to get some information. They’re going ‘fishing’ and they want you to interact with it.” Do you know what spear phishing is? “I don’t know anything about spear phishing.”
More Coming
“Who’s Being Phished” will run for an entire year with 52 unique episodes. It will resume airing in fall 2020 every Friday morning at 8 a.m. EST — and is intended to get more users trained up on cybersecurity.
Cybercrime Magazine will be in New England to film the next group of employees on who knows what about phishing.
Go here to learn more about phishing, and the various types of phishing techniques that are being used to obtain personal information from users.
– Steve Morgan is founder and Editor-in-Chief at Cybersecurity Ventures.
Go here to read all of my blogs and articles covering cybersecurity. Go here to send me story tips, feedback and suggestions.
Sponsored by KnowBe4
KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering. We are a leader in the Gartner Magic Quadrant and the fastest-growing vendor in this space. We are proud of the fact that more than 50 percent of our team are women.