Human Risk Management Blog

CyberheistNews Vol 16 #04 The Skeleton Key: How Attackers Weaponize Trusted RMM Tools for Backdoor Access

The Skeleton Key: How Attackers Weaponize Trusted RMM Tools for Backdoor Access

Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke KnowBe4 Threat Labs recently examined a sophisticated dual-vector campaign that demonstrates the real-world ...

Report: Scammers Stole $17 Billion Worth of Crypto Last Year

Scammers stole an estimated $17 billion worth of cryptocurrency in 2025, according to a new report from Chainalysis. Notably, the report found that AI-assisted scams stole 4.5 times more ...

CyberheistNews Vol 16 #03 [New Scam] AI Deepfakes Religious Leaders to Steal Your Money

Threat Actors Exploit Misconfigurations to Spoof Internal Emails

Attackers are increasingly abusing network misconfigurations to send spoofed phishing emails, according to researchers at Microsoft. This technique isn’t new, but Microsoft has observed a ...

AI Deepfakes Are Impersonating Religious Figures to Solicit Donations

WIRED reports that deepfake attacks are impersonating pastors and other religious figures in order to scam congregations.

CyberheistNews Vol 16 #02 When You Can't Believe Your Eyes: AI and the New Misinformation Playbook

ConsentFix Attacks Fake Cloudflare Prompts

ClickFix attacks have been around for decades; only the name is new. ClickFix attacks use social engineering to trick users into clicking on buttons and links that the user is told are ...

CyberheistNews Vol 16 #01 AI & Cybersecurity in 2026: Top 10 Predictions for Threats and Defenses

Amazon Warns of Fraudulent North Korean Job Applicants

Amazon has blocked more than 1,800 suspected North Korean applicants from joining the company since April 2024, TechRadar reports. Amazon’s Chief Security Officer, Stephen Schmidt, said ...

New ConsentFix Technique Tricks Users Into Handing Over OAuth Tokens

Researchers at Push Security have observed a new variant of the ClickFix attack that combines “OAuth consent phishing with a ClickFix-style user prompt that leads to account compromise.”

Most Parked Domains Lead Users to Scams or Malware

Over 90% of parked domains now direct users to malicious content, compared to less than 5% a decade ago, according to researchers at Infoblox.

CyberheistNews Vol 15 #51 [Heads Up] Crafty New Phishing Attacks Abuse Free Cloudflare Pages

Phishing Campaign Targets Executives With Phony Awards

A phishing campaign is targeting executives with phony offers for awards, according to researchers at Trustwave SpiderLabs. The attackers first dupe the victims into handing over their ...

CyberheistNews Vol 15 #50 [NEW FEATURE] KnowBe4 Releases Deepfake Training to Combat AI Threats!

North Korean Job Invitation

A friend of mine, John D., received this outreach on Threads (see below). At first, he thought it was the standard fake employer scam, but it is more than that. It is very likely part of ...

CyberheistNews Vol 15 #49 Ghost in the Machine: How a Multi-Stage Phishing Attack Evades M365 Security

Notorious Cybercrime Group is Now Targeting Zendesk Users

ReliaQuest warns that the cybercriminal collective “Scattered Lapsus$ Hunters” appears to be using social engineering attacks to target organizations’ Zendesk instances.

Report: Sophisticated Fraud Attacks Are on the Rise

Sophisticated online fraud techniques are growing more accessible to unskilled attackers, driven by AI tools and fraud-as-a-service platforms, according to Sumsub’s latest Identity Fraud ...

CyberheistNews Vol 15 #48 [New Deepfake Danger] 1 in 5 Biometric Attacks Are Now AI-Driven