• Cybersecurity

Phishing Tactics: 2023 Trends

Knowbe4 Post Image

The results of KnowBe4’s 2023 Phishing By Industry Benchmarking Report are in!

Highlights from the comprehensive report:

  • In North America, ransomware continues to threaten organizations of all sizes and industries.
  • Given the success of ransomware over the last few years, cybercriminals have not needed to make major changes to their tactics, which continue to create a lucrative and profitable business model for them. The ransomware-as-a-service (RaaS) model comprises many successful attacks in North America.
  • Because most organizations have become reasonably good at restoring their data, in 2019, ransomware groups began to focus on getting access to and transferring data to use it as additional leverage. Cybercriminals know that information is power, and they use the threat of the public release of information as a significant source of leverage to get paid. This damages an organization’s reputation and can also be crippling from the potential fines from regulatory agencies.
  • Less publicly visible but just as devastating, another type of cybercrime, business email compromise (BEC), continues to surface as a prolific attack type.
  •  One key differentiator of BEC compared to other types of cybercrime is that BEC typically does not include any attachment or link in the email, indicators that many people have become suspicious of and that technical controls have a chance at spotting. Instead, BEC relies purely on social engineering and emotional manipulation to drive victims to take the attacker’s intended action. BEC attacks are very effective because they prey on employees’ trust in their colleagues. In many cases, the victim will not even think to question the email’s authenticity and will simply follow the instructions.
  • Vendor email compromise (VEC) is a growing threat to businesses. In a VEC attack, the attacker gains access to the email account of a trusted vendor and then uses that account to send fraudulent emails to the vendor’s customers.

Train your employees to spot these tactics and keep your network safe! Citynet partners with security awareness training leader, KnowBe4 and offers a free trial of this vital security platform. Contact us today!

Download Full Report

Like This Post?

Facebook
X
LinkedIn
Pinterest

More Posts

Ticket Scam QR Image
Cybersecurity

You’ve Been Served… a Scam!

Beware of Fake Toll Violation Text Messages Cybercriminals are constantly evolving their tactics to trick people into giving up sensitive information. One of the latest scams circulating involves fake toll violation notices sent by text message. At first glance, the message looks convincing. It claims you have an unpaid traffic toll that must be paid immediately. The text often includes

March 11, 2026
Blog Cybercrime Calling Image
Cybersecurity

Cybercriminals Are Now Calling Your Employees

Is Your Business Prepared? Cyber threats are evolving, and one of the fastest-growing tactics right now is social engineering through trusted communication platforms. Instead of trying to hack their way in, cybercriminals are increasingly talking their way in. Attackers are impersonating IT staff, executives, vendors, and even coworkers via phone calls and collaboration tools such as Microsoft Teams, Webex, and other messaging

March 5, 2026
Laptop Typing With Icons Image
Cybersecurity

Shadow IT: The Apps Your Employees Use That IT Doesn’t Know About

When most businesses think about cybersecurity risk, they picture hackers breaking in from the outside. But one of the fastest-growing risks isn’t external at all. It’s happening inside your organization…quietly, unintentionally, and often with good intentions. It’s called Shadow IT. And it’s growing faster than most businesses realize. What Is Shadow IT? Shadow IT refers to any software, app, cloud platform,

February 23, 2026
Teamwork People Tablet Image
Cybersecurity

The New Employee Is Your Biggest Security Risk

(And It’s Not Their Fault) When businesses think about cybersecurity risk, they often picture hackers, ransomware, or sophisticated phishing attacks. But one of the most common — and overlooked — security risks starts on day one: A new employee. Not because they’re careless.Not because they’re malicious.But because onboarding and offboarding processes often leave dangerous gaps. If those gaps aren’t managed

February 23, 2026
Umbrella Covering Laptop Cybersecurity Image
Cybersecurity

The New Reality of Cyber Insurance Requirements for Small Businesses

Cyber insurance used to feel like a safety net. Today, it’s starting to feel more like an application for a mortgage. Across the country, insurance providers are tightening requirements, raising premiums, and even denying claims when businesses don’t meet modern cybersecurity standards. Many small and mid-sized organizations are discovering this shift the hard way, during policy renewal or after filing

February 19, 2026
Citynet Red Siege Webinar Post Image
Cybersecurity

Citynet and Red Siege Webinar Inside the Attacker’s Playbook

Cybersecurity isn’t just about defense — it’s about understanding how real attackers think. Join Citynet’s Craig Behr and Red Siege’s Tim Medin for an upcoming webinar, Inside the Attacker’s Playbook, where we’ll break down how real-world offensive operations uncover gaps — and how organizations can use those insights to reduce cyber risk before it becomes a business problem. Play Video

February 5, 2026
View All Posts

SuperPod with WiFi 6E

Plume SuperPod WiFi 6E Specs

SuperPod with WiFi 6

Plume SuperPod WiFi 6 Specs

SuperPod

Plume SuperPod Secs