Human Risk Management Blog

Europol Warns of Social Engineering Attacks

Social engineering remains a primary initial access vector for cybercriminals, according to a new report from Europol.

CyberheistNews Vol 15 #25 Microsoft & KnowBe4 Collab: Strengthen Email Security Through Strategic Integration

A Clicking Time Bomb: What To Do About Repeat Clickers

I recently had several conversations about repeat clickers. First with a Forrester analyst and then, shortly after, at KB4-CON Orlando following a presentation on the subject by Matthew ...

FTC States That Scams Cost U.S. Consumers $158.3 Billion in One Year

I am used to repeating some pretty big numbers when talking about the financial impact of cybercrimes. When you look into the data, it is pretty easy to start talking about tens of ...

Happy 2nd Birthday to Our KnowBe4 Community!

Can it be? Is it true? Two years of KnowBe4 Community!

Warning: Voice Deepfakes Continue to Improve

AI-generated voice deepfakes present an urgent threat to organizations, according to researchers at Pindrop.

Phishing Deep Dive: EU-Affiliated Survey Platform Exploited in Sophisticated Credential Harvesting Campaign

Lead Researchers: James Dyer and Louis Tiley Between May 5 and May 7, 2025, KnowBe4 Threat Lab identified a phishing campaign originating from accounts created on the legitimate service ...

KnowBe4 Collaborates with Microsoft: Strengthening Email Security Through Strategic Integration

In today's rapidly evolving threat landscape, cybercriminals are becoming increasingly sophisticated in their attack methodologies, particularly when it comes to email-based threats.

CyberheistNews Vol 15 #24 [Red Alert] How a Fake Cybersecurity Firm Turned Out a Real Threat

Protect Yourself: Vishing Attacks Are Growing More Sophisticated

Researchers at Google’s Mandiant have published a report on voice phishing (vishing) attacks, noting that these attacks have served as initial access points for recent waves of ransomware ...

Google Report Outlines the Latest Scam Trends

Researchers at Google have published a report on the latest scam trends, noting an increase in travel-themed scams targeting people preparing for their summer vacations.

Checkups and Checklists: Cyber Risk Isn’t Just a Technical Problem

There are many things in our lives we must prepare for to be ready. For other things, we wing it, or we're not prepared to deal with it at the moment.

What Is AI?

What is AI really? Throughout this article, I will remove the hype and get to the most honest answer ever.

How to Recognize Fraudulent North Korean Job Applicants

Researchers at Socure warn of an ongoing wave of employment fraud driven by North Korean IT operatives attempting to secure positions at foreign companies.

How a Fake Cybersecurity Firm Became a Real Threat

Picture this: it's 2021. You're an IT professional, scrolling through LinkedIn, when a message pings. "Bastion Secure," a new cybersecurity company, is hiring. The pay? Excellent.

Human Risk Management: Cybersecurity as a Business Enabler

Reducing human risk in cybersecurity requires a human-first approach that relies on effective training and practice for people to gain security knowledge, practice secure behavior, and ...

OpenAI Report Describes AI-Assisted Social Engineering Attacks

OpenAI has published a report looking at AI-enabled malicious activity, noting that threat actors are increasingly using AI tools to assist in social engineering attacks and influence ...

KnowBe4 Wins Big with 2025 TrustRadius Top Rated Awards

We’re proud to share that KnowBe4 has once again been recognized as a leader in cybersecurity, receiving multiple 2025 TrustRadius Top Rated Awards across our product suite.

CyberheistNews Vol 15 #23 [Heads Up] Your Kid's School Cybersecurity Gets Worse at an Alarming Rate

Spear-Phishing Campaign Targets Financial Executives

Researchers at Trellix warn of a spear-phishing campaign that’s targeting CFOs around the world with phony employment offers.