Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Human Error is Still a Top Contributor to Cyberattacks

    KnowBe4 Team | Nov 5, 2025

    iStock-1199040494-1Human error remains the primary exploitation vector in mobile security incidents, according to Verizon’s latest Mobile Security Index (MSI).

    “At 44%, user behavior is the top cited breach contributor, just ahead of app threats, network threats, and internet threats, which were each cited by 43% of survey respondents,” the report says. “Verizon’s 2025 Data Breach Investigations Report found that around 60% of confirmed breaches involved a human element.”

    The report also found that most respondents believe AI tools are dramatically improving the effectiveness of social engineering attacks targeting mobile users.

    “AI is reshaping mobile threats in ways that draw concern from organizations surveyed,” the report says. “Of respondents, 34% say they fear that the increasing sophistication and scale of AI-powered attacks will significantly raise their exposure, and 38% say ransomware will become even more dangerous when powered by AI. In addition, 77% of respondents believe AI-assisted attacks involving deepfakes—AI-generated media that mimic real people to deceive or impersonate them—and short message service (SMS) text phishing are likely to succeed.”

    The researchers note that mobile devices offer threat actors an easy avenue for social engineering attacks, since users often use their phones for both work and personal matters.

    “Mobile devices have become the most direct path between attackers and their victims,” the report says. “Always on and deeply personal, these devices offer cybercriminals a rich opportunity to leverage sophisticated social engineering techniques that traditional security tools cannot detect. With AI enhancing the effectiveness of smishing, executive impersonation, and multifactor authentication (MFA) token theft, individuals are now even more susceptible to these social engineering techniques.”

    AI-powered security awareness training can give your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

    Verizon has the story.

    Topics: Social Engineering Cybersecurity Human Risk Management

    See KnowBe4 Security Awareness Training in Action

    See how you can efficiently safeguard your organization from sophisticated social engineering threats.

    Request a Demo

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    KnowBe4 Team

    ABOUT KNOWBE4 TEAM

    The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk and agent security best practices, compliance strategies and industry research to help organizations strengthen their digital defense layer and stay informed, resilient, and secure.

    Read more from KnowBe4 »

    Subscribe to Our Blog

    Posts By Topic

    View All