Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Report: AI-Powered Phishing Fuels Ransomware Losses

    KnowBe4 Team | Sep 12, 2025

    iStock-1199488164AI-powered social engineering attacks are significantly more successful than traditional attacks, according to a new report from cyber risk management firm Resilience.

    The researchers state, “Social engineering attacks fueled 88% of material losses, with AI-powered phishing achieving a 54% success rate compared to just 12% for traditional attempts.”

    AI allows attackers to easily craft sophisticated phishing emails, as well as voice and video deepfakes. These attacks will grow increasingly harder to detect as AI technology improves.

    “The era of obviously fake phishing emails is over,” the researchers write. “According to CrowdStrike’s 2025 Threat Hunting Report, 78% of enterprises experienced at least one AI-specific breach this year.

    “Cybercriminals are leveraging artificial intelligence to create more convincing phishing campaigns, voice synthesis for fraudulent calls, and sophisticated browser-based attacks that bypass multi-factor authentication. In our portfolio, 1.8 billion credentials were compromised in the first half of 2025 alone—an 800% increase since January. This credential harvesting is feeding a new wave of identity exploitation that’s proving increasingly difficult to detect and defend against.”

    Notably, the researchers warn that ransomware accounted for 91% of losses in the first half of 2025, despite representing only 9.6% of total claims.

    “Perhaps most disturbing is the evolution of ransomware tactics,” Resilience says. “In at least two recent cases, threat actors located and referenced their victim’s cyber insurance policy to calibrate their ransom demands. In one instance, attackers explicitly stated they had set their demand below the client’s policy limit—turning insurance coverage into a roadmap for extortion.”

    AI-powered security awareness training can give your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

    Resilience has the story.

     

    Return To KnowBe4 Security Blog

    AI-Powered Security Awareness Training Demo

    KnowBe4 AIDA — Artificial Intelligence Defense Agents: a suite of agents that up-levels your approach to human risk management.

    AIDA Logo

    With AIDA you can:

    • Ensure your SAT is consistent with your organization’s broader security initiatives by aligning with the NIST Phish Scale Framework
    • Dramatically free up your security team's time by reducing how long it takes your admins to create remedial training
    • Improve relationships between your security team and other departments by ensuring users are aligned with security objectives
    • Ensure flexibility in your security budget to invest in other key initiatives by actively managing human risk
    • Maximize the value of your existing security tech stack with AIDA’s seamless integrations

    Request A Demo

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/products/aida-demo

    Topics: Phishing, Cybersecurity, Human Risk Management, AI

    KnowBe4 Team

    ABOUT KNOWBE4 TEAM

    The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk best practices, compliance strategies and industry research to help organizations strengthen their human defense layer and stay informed, resilient, and secure.

    Read more from KnowBe4 »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Gartner Magic Quadrant
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest insights, trends and security news. Subscribe to CyberheistNews.