Human Risk Management Blog

Beyond Credentials: When Every Data Point Becomes a Weapon

You know what's interesting about data breaches? Everyone focuses on credit card numbers and financial data, but the reality is that every piece of information has value to someone.

French Users Targeted by Major Phishing Campaign

Researchers at IBM Security warn that a major phishing campaign is targeting users in France, incorporating leaked personal data to make the emails more convincing.

Your KnowBe4 Fresh Content Updates from May 2025

Check out the 25 new pieces of training content added in May, alongside the always fresh content update highlights, new features and events.

Scammers Exploit Uncertainty Surrounding US Tariffs

Cybersecurity experts are warning that scammers are taking advantage of uncertainty surrounding the U.S. administration’s tariff policies, CNBC reports.

Capital One Customers Targeted By Credential Harvesting Phishing Campaign

The KnowBe4 Threat Lab has identified an active phishing campaign impersonating Capital One.

CyberheistNews Vol 15 #21 I Got This Coinbase-Related Scam in My Personal Inbox Last Week

Threat Actors Are Using AI-Generated Audio to Impersonate U.S. Officials

The FBI is warning that threat actors are impersonating senior US officials in phishing attacks designed to compromise users’ accounts.

If I Had Only 20 Seconds To Teach People How To Avoid Scams

Human risk management involves more than security awareness training, but training is a huge part of the mix.

The Lost Art of Writing Things Down

I was once enrolled in a programming module back at university. We had been given a task, to code something, so we all sat banging out whatever code we could on our keyboards.

Impersonating Meta, Powered by AppSheet: A Rising Phishing Campaign Exploits Trusted Platforms to Evade Detection

Since March 2025, the KnowBe4 Threat Labs team has observed a surge in phishing attacks that exploit Google’s AppSheet platform to launch a highly targeted, sophisticated campaign ...

Phishing Campaign Targets International Students in the US

The FBI has issued an alert on a wave of phishing attacks targeting Middle Eastern students who are studying in the US.

The Ransomware Threat: Still Alive and Kicking

Many organizations, after a period of relative quiet, might believe the ransomware bubble has burst. The headlines may have shifted, and other emerging cyber threats might seem to ...

CyberheistNews Vol 15 #20 How to Protect Your Business from Scattered Spider's Latest Attack Methods

Beware of Coinbase Scams

I got this Coinbase-related scam in my personal inbox last week.

Warning: Phishing Kits Can Auto-Generate Tailored Login Pages

Commodity phishing kits are increasingly serving dynamically generated phishing pages, according to researchers at ESET.

Agentic AI Ransomware Is On Its Way

Agentic AI-enabled ransomware is not here yet, but likely will be very soon. I am talking this year or by 2026.

Email-based Attacks Accounted for Most Cyber Insurance Claims Last Year

Business email compromise (BEC) attacks and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024, according to a new report from Coalition.

KnowBe4 Leads the Charge Against Cybersecurity Threats with Unmatched AI Capabilities

When it comes to artificial intelligence (AI) and human risk management (HRM), not all AI is created equal.

How to Protect Your Business from Scattered Spider's Latest Attack Methods

Mandiant warns that the Scattered Spider cybercriminal group is using “brazen” social engineering attacks to target large enterprise organizations in a wide range of sectors.

The Clock Is Ticking: Why Phishing Remains The Fastest-Moving Cyber Threat in 2025

Cybersecurity professionals face an increasingly aggressive phishing threat landscape, and the 2025 KnowBe4 Phishing By Industry Benchmarking Report makes one thing crystal clear: ...