CyberheistNews Vol 16 #14 [Heads Up] Clever Hackers Use Custom Fonts to Bypass AI Defenses

[Heads Up] Clever Hackers Use Custom Fonts to Bypass AI Defenses

Researchers at LayerX warn that custom fonts can fool AI web assistants into thinking phishing pages are benign, while the human user sees something completely different.

"There is a structural disconnect between what an AI assistant analyzes in a page's HTML and what a user sees rendered by the browser," the researchers explain. "In certain scenarios, such assistants can give inaccurate and potentially dangerous responses to users, and attackers can exploit this limitation to perform social engineering attacks.

"Using a custom font and CSS, HTML text can be transformed visually for the user but remain unchanged within the DOM. The DOM (Document Object Model) is the browser's internal map of everything on the page — text, buttons, links and structure — in a machine-readable form.

When a page is rendered in the browser, what the user sees is completely different from the underlying HTML. Yes, the content is still there, but it is effectively stripped away from the user's view."

LayerX tested the technique with a fake ClickFix phishing page, finding that every browser assistant failed to recognize the threat.

"We built a proof-of-concept page that appears to be a video game fanfiction, but when rendered in the browser encourages the user to perform steps that will lead to a reverse shell," the researchers write.

"When asked if the page was safe, every non-agentic assistant that we tested (ChatGPT, Claude, Copilot, Dia, Fellou, Gemini, Genspark, Grok, Leo, Perplexity and Sigma) failed to detect the 'hidden' text and confidently told the user that the page did not pose a security concern."

Most AI tools are still susceptible to this technique, so users need to be wary of potential phishing attacks.

"LayerX reached out to all the vendors impacted by our research," the company says. "However, with the exception of Microsoft, they all explained that this falls 'out of scope' of what they consider to be AI model security and involved social engineering, demonstrating once again the disconnect between what AI platforms secure and what users think they secure."

If you want to understand more detail, copy this article in your AI and tell it to explain it to you.

In the meantime, keep training those users!

Blog post with links:
https://blog.knowbe4.com/custom-fonts-can-trick-ai-assistants-into-approving-phishing-sites

[Live Demo] Ridiculously Easy AI Powered Security Awareness Training

Traditional security awareness training isn't working. 68% of breaches still involve people, yet "one-size-fits-all" programs leave your users fatigued and vulnerable. When users forget up to 90% of what they learn within a week, you need a human risk management strategy that actually sticks.

Join us for a live demo to see how KnowBe4’s Security Awareness Platform empowers your security culture. Stop wasting time on manual campaign management and let AI deliver personalized, high-impact guidance that changes behavior.

You'll see how to:

• Use an autonomous, always-on system to identify high-risk users and personalize your phishing simulations and training
• Generate hyperrealistic deepfakes of your own executives to prepare users to spot AI-driven manipulation and social engineering
• Automatically create convincing phishing simulations including modern attack styles like callback phishing, paired with the most relevant landing page
• Access the world's largest library of always-fresh security awareness and compliance training content, available in 35+ languages

See the platform trusted by over 70,000 organizations to reduce human risk and save your teams hours every week.

Date/Time: TOMORROW, Wednesday, April 8 @ 2:00 PM (ET)

Save My Spot:
https://info.knowbe4.com/kmsat-demo-1?partnerref=CHN2

Et Tu, Agent? Did You Install the Backdoor?

This week delivered a textbook example of how fast software supply chain attacks are evolving — and why they're so dangerous.

Attackers hijacked one of the most widely used packages on the internet and turned it into a delivery mechanism for malware. The target? Axios — the HTTP library that powers network requests in millions of applications and sees over 100 million downloads every week.

If you've built anything in JavaScript, odds are high it's somewhere in your stack.

Here's the kicker: the attackers didn't touch Axios's source code.

Instead, they compromised a maintainer's account, slipped in a single new dependency and pushed an update. That dependency — plain-crypto-js, registered just hours earlier — did the real damage.

On install, it quietly profiled the system, pulled down a tailored remote access trojan, executed it and then wiped itself. By the time anyone thought to check node_modules, there was nothing to see. The payload was already running — and already calling home.

This is what modern supply chain attacks look like: minimal changes, maximum impact. No obvious red flags. No lingering artifacts. Just a clean install... and a compromised machine. OUCH.

How to Secure AI Adoption in Your Organization

Your digital perimeter is no longer defined by human logins alone. As your organization transitions from blocking AI to building with it, you are effectively onboarding a new class of "digital colleagues" that operate at speed.

With Goldman Sachs estimating that agentic AI could account for 60% of software market value by 2030, the workforce is undergoing a rapid transformation. This shift introduces a new dimension of security risk.

Join Martin Kraemer, KnowBe4 CISO Advisor, for a deep dive into the practicalities of securing your AI adoption. While traditional strategy focuses on human behavior, autonomous AI agents operate without an inherent grasp of your specific risk tolerance, requiring a new approach to oversight and interaction security.

You'll learn:

• Why AI agents can be prompt-engineered just as easily as humans can be socially engineered and how to defend against both
• A look at recent AI threats, how they bypass traditional controls and how they could have been avoided
• Practical steps you can take immediately to secure AI adoption across your organization
• How to manage the interactions between your employees and AI to eliminate "Shadow AI" while encouraging sanctioned use
• Strategies for managing the risks of agents supervising other agents in production, where the pace of interaction exceeds human ability to grasp

You'll leave with clear next steps for navigating the convergence of human and AI risk, ensuring your security strategy evolves as fast as the tools your team is using.

Date/Time: Wednesday, April 15 @ 2:00 PM (ET)

Save My Spot:
https://info.knowbe4.com/how-to-secure-ai-adoption?partnerref=CHN2

Introducing Our KnowBe4 AI Agents

By Roger Grimes

Although AI seems relatively new to a lot of people, it was first officially created in 1956 and has been a large, improving branch of computer science ever since. The mass appeal of AI took off in late 2022 when OpenAI publicly released ChatGPT.

Similarly, when other Human Risk Management (HRM) vendors started jumping on the AI bandwagon, we like to remind them that KnowBe4 was the first to use AI and has been using machine learning (ML), the backbone workhorse of AI, since early 2016, and we trademarked AIDA in 2017(!) We were also the first HRM vendor to have multiple active AI agents in the market available for customers to use without requiring complicated hand-holding with customer support technicians.

KnowBe4's Artificial Intelligence Defense Agents (AIDA) allow you to successfully manage human risk with the power and efficiency of AI. This is not a marketing-only claim. We have years of experience and more data than anyone else to show the power of AI in the field of HRM. With AIDA, you can significantly reduce your organization's risk and demonstrate positive impacts on real-world user behavior.

Today, we have over a dozen AI agents, with many more ones coming all the time. Many of our agents are part of our Artificial Intelligence Defense Agents (AIDA).

Here is what we have today covering risk assessment, training and automated simulated phish testing:

[CONTINUED] Blog post with links:
https://blog.knowbe4.com/introducing-our-knowbe4-ai-agents

Meet the Microsoft Teams PAB: Security Awareness Extended to Your Safe Sanctuary

When your organization's primary workday communication moves beyond the inbox, your defense must follow. As of 2025, collaboration messages have officially surpassed email, creating a safety illusion in Microsoft Teams where 320 million daily users are significantly more likely to comply with deceptive requests.

It's time to dismantle that illusion and empower your users where they communicate most. KnowBe4 is excited to introduce the Microsoft Teams Phish Alert Button (PAB). This is a critical human-centric layer of defense designed to close the gap in the modern attack surface by transforming your users into a vigilant filter.

Learn how the Teams PAB helps:

• Dismantle the Safety Sanctuary: Force users to stop and think in an environment where identity is usually assumed to be valid.
• Establish a Unified Security Loop: Implement one reporting mechanism to manage and review threats with the same rigor across both Email and Teams.
• Reduce Operational Friction: Allow users to act as a vigilant filter to reduce the false positives often caused by clunky anti-phishing rules.
• Deploy with Zero Friction: Integrate the tool instantly via a simple toggle in the KnowBe4 console and a single ZIP file upload to the Teams Admin Center.
• Reinforce Security Culture: Make user vigilance a habit across all work applications, ensuring security awareness stays top-of-mind in high-speed chat environments.

Stop leaving your collaboration tools vulnerable and start building a unified, resilient defense that empowers your workforce to report risky messages in seconds.

Read the Full Blog Post:
https://blog.knowbe4.com/new-playground-for-cybercriminals-securing-the-microsoft-teams-frontier

Download the Free Tool:
https://www.knowbe4.com/free-cybersecurity-tools/phish-alert-button

Let's stay safe out there.

Warm regards,

Stu Sjouwerman, SACP
Executive Chairman
KnowBe4, Inc.

PS: 5 Reasons to Attend KB4-CON 2026:
https://knowbe4.cventevents.com/dmD9b4?RefId=Email7

PPS: I wear quite a few hats these days. Apart from writing this newsletter, I'm the Exec Chair of KnowBe4, I'm building a new startup called ReadingMinds.ai, and I serve on the board of a local non-profit. I thought you might like this recent video (featuring me) that we made for them!
https://www.readingminds.ai/blog/clearwater-marine-aquarium-support

You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-16-14-heads-up-clever-hackers-use-custom-fonts-to-bypass-ai-defenses

Report: Sophisticated Scams Use Hollywood-Style Stage Sets

An elaborate scam technique has victimized tens of thousands of people across India and will likely spread to other countries soon, the Wall Street Journal reports.

"The Indian scam, now common across the country, involves Hollywood-level production that mimics the machinery of the state, tricking people with fake police stations and courtrooms," the Journal says. "Victims are told they are under 'digital arrest' for crimes such as money laundering or drug trafficking and ordered to remain on camera for days or weeks while investigators supposedly verify their assets."

The scammers exploit victims' fear of being associated with a criminal investigation, compelling them to act quickly and without asking anyone for advice.

"The cons tend to follow a similar script," the Journal writes. "A scammer dressed in a police uniform, sitting in an office with the emblem of a law enforcement agency, calls the victim on WhatsApp. The fake cop switches on the video and begins hurling accusations of criminal activity.

"Soon comes a 'digital arrest,' followed by strict rules: keep a video call running at all times or check in regularly. Under virtual house arrest, victims are pressured into transferring money for fines, bail payments or funds temporarily held for an official audit. Some victims have sold homes or liquidated retirement portfolios."

The scam is common across India and has started targeting U.S. immigrant communities, though it seems to be limited by a lack of scammers proficient in English or other Western languages. It's worth noting that cybercriminals frequently recruit accomplices who can speak other languages, so users around the world should be prepared for this technique to spread.

Jason Tower, a senior expert at the Global Initiative Against Transnational Organized Crime, told the Journal that sets modeled after the U.S. FBI, the Royal Canadian Mounted Police and law enforcement agencies in the U.K. and Australia were found in Cambodian scam centers.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

The Wall Street Journal has the story:
https://www.wsj.com/world/india/india-scam-digital-arrest-police-courtroom-fake-793ba645

Phishing Attacks Are Exploiting the War in Iran

Criminal threat actors are taking advantage of the fear and uncertainty surrounding the conflict in the Middle East, according to researchers at Bitdefender. The researchers observed a 130% spike in phishing emails targeting Gulf countries following the first U.S.-Israeli strikes on Iran on February 28th.

"After Feb. 28, phishing and malware emails targeting Gulf countries surged and stayed elevated," the researchers write. "Within days, activity doubled and at peak reached nearly four times the baseline levels, signaling a sustained and coordinated spike rather than a one-off campaign.

"This clearly suggests that phishing and malware delivery campaigns are being deployed and adjusted in real time, with attackers capitalizing on heightened regional sensitivity and business disruptions."

While state-sponsored threat actors are conducting phishing campaigns in the region, Bitdefender believes much of this surge is driven by financially motivated attackers. Criminals frequently exploit world events to launch social engineering attacks designed to make people act quickly.

In this case, many of the attacks are using business-themed lures such as invoices, contracts, banking documents and delivery notifications, which take advantage of shipping disruptions across the region.

Bitdefender outlines the following best practices to help users avoid falling for social engineering attacks:

• Careful with unexpected attachments. Even if an email looks business-related (invoice, contract, shipment), treat attachments with suspicion, especially if you weren't expecting them. When in doubt, confirm with the sender through a separate, trusted channel.
• Don't trust file types at face value. Not all threats come as obvious .exe files. In these campaigns, malware was hidden in formats like .eml, .jar, .rar and .hta. If you're not sure what a file does, don't open it.
• Avoid opening compressed archives from unknown sources. Files delivered in .zip or .rar archives are commonly used to bypass filters and hide malicious payloads. These should always raise an extra layer of caution.
• Watch for urgency and pressure tactics. Messages that push you to act quickly (verify an account, release a payment, review a document 'immediately') are designed to override your judgment. Take a moment to verify before clicking anything.
• Check links before clicking. Hover over buttons or links to inspect the actual destination. If the domain looks unfamiliar, misspelled or unrelated to the supposed sender, don't proceed.
• Verify financial and legal requests independently. If an email involves money, contracts or sensitive data, confirm it through official channels: call the company, use a known contact or log in to your account directly instead of using email links.

Blog post with links:
https://blog.knowbe4.com/phishing-attacks-exploiting-iran-war

What KnowBe4 Customers Say

"I just wanted to tell you how much I appreciated your help and enjoyed working with you since day one of our partnership. I'd like to let your supervisor know how valuable you are to the 20,000+ employees of the largest judicial branch of government in the world.

"I hope that we can stay in touch going forward, and I look forward to hearing about your continued success with KnowBe4."

G.R. - IT Operations

1. FBI confirms hack of Director Patel's personal email inbox:
   https://www.bleepingcomputer.com/news/security/fbi-confirms-hack-of-director-patels-personal-email-inbox/
   
   
2. Leak reveals Anthropic's 'Mythos,' a powerful AI model aimed at cybersecurity use cases:
   https://www.computerworld.com/article/4151808/leak-reveals-anthropics-mythos-a-powerful-ai-model-aimed-at-cybersecurity-use-cases-3.html
   
   
3. State Department reissues $10 million reward for info on Iranian hackers:
   https://therecord.media/iran-hackers-state-department-reward
   
   
4. Scammers target Canadians with phony bread and milk price-fixing settlements:
   https://www.cbc.ca/news/canada/milk-class-action-scam-9.7148807
   
   
5. Android malware campaign spreads via 50 malicious apps:
   https://www.mcafee.com/blogs/internet-security/operation-novoice-android-malware-mcafee-research/
   
   
6. UK's NCSC warns of phishing attacks targeting WhatsApp, Messenger, and Signal users:
   https://www.ncsc.gov.uk/news/ncsc-warns-of-messaging-app-targeting
   
   
7. Akira ransomware gang completes attacks in less than an hour:
   https://www.infosecurity-magazine.com/news/researchers-subonehour-ransomware/
   
   
8. Researchers discover AI-generated phishing kit:
   https://ctrlaltintel.com/research/AiTM-Phishing/
   
   
9. Banking Trojan targets Latin America via phishing emails:
   https://www.darkreading.com/cyberattacks-data-breaches/bank-trojan-casbaneiro-worms-latin-america
   
   
10. DPRK-linked phishing attacks target users in South Korea:
    https://www.fortinet.com/blog/threat-research/dprk-related-campaigns-with-lnk-and-github-c2
    
    

• Virtual Vaca #1 - SAHARA: Journey through the Hoggar Mountains, Southern Algeria:
  https://youtu.be/hhWdtRUtguA
  
  
• Virtual Vaca #2 - Rotterdam Netherlands in 4K - Incredible Scenes & Hidden Gems:
  https://youtu.be/3fxKHxY-y0E
  
  
• Virtual Vaca #3 - 10 Best Road Trips in the USA | The Ultimate Bucket List:
  https://youtu.be/sTR_xklutdY
  
  
• [CLASSIC!] Sound of Honda - Ayrton Senna: Suzuka 1989. Senna Ghost Lap:
  https://www.youtube.com/watch?v=L5hsfCsCDp0
  
  
• Epic Climbing & Bouldering Skills:
  https://youtu.be/g0a7DOO6h0c
  
  
• UniXAI Robot starts Home Deployment in Suzhou. "Cooking & Cleaning Ready" Hmmmm:
  https://youtu.be/waYUR6ekC9s
  
  
• I BASE Jumped Out of My Motorhome:
  https://youtu.be/DvavxFBh768
  
  
• How the World's Most Remote Megaproject Went Wrong:
  https://youtu.be/00BHXAzYRTA
  
  
• Should I Buy This Car? | Aston Martin Valhalla:
  https://youtu.be/aOFcUevIEOM
  
  
• [MYTHBUSTERS CLASSIC] Can Humans Really Walk In A Straight Line Without Seeing?:
  https://youtu.be/1qE2axPWPsY
  
  
• Pure 8K Brilliance — Dolby Vision 60fps HDR at Its Finest:
  https://youtu.be/ioQihQha4uU
  
  
• Mini Skier vs Real Mountain:
  https://youtu.be/2CpkYqaiuLU
  
  
• For Da Kids #1 -Puppies Rescued From A Landfill Inspire Something Much Bigger:
  https://youtu.be/IeeFXmPxshk
  
  
• For Da Kids #2 - World's Most Adorable Badger:
  https://youtu.be/KrChYx_sFK0
  
  
• For Da Kids #3 - He Was Meant to Be Wild… But Stayed for Him Instead:
  https://youtu.be/ofMF3JQdF1M
  
  
• For Da Kids #4 - Red Pandas Think They're Terrifying and It's Absolutely Adorable:
  https://youtu.be/vcEyth44jP0
  
  
• For Da Kids #5 - Watch: Indian Army Soldiers Save Himalayan Brown Bear's Life In Siachen:
  https://youtu.be/fLgG-C393Nw