KnowBe4 Blog

CyberheistNews Vol 16 #17 [Heads Up] This Sophisticated Scam Should Be a Warning to All Companies

FBI: Americans Lost More Than $20 billion to Fraud Last Year

Cyber-enabled crimes cost Americans nearly $21 billion in 2025, a 26% increase from the previous year, according to the FBI’s latest Internet Crime Report. Phishing, extortion, and ...

Phishing Campaigns Abuse AI Workflow Automation Platforms

Threat actors are abusing agentic AI automation platforms to deliver malware and send phishing emails, according to researchers at Cisco Talos. The researchers observed attackers using ...

CyberheistNews Vol 16 #16 How Identity at the Edge Highlights the New Frontiers of Trust

Alert: WhatsApp Phishing Campaign Delivers Malware

A new phishing campaign is using WhatsApp messages to deliver malware, according to researchers at Microsoft. The attackers are attempting to trick users into installing malicious Visual ...

Survey: Security Leaders Emphasize Need for Workforce Education

A new survey from LevelBlue has found that a majority of Chief Technology Officers (CTOs) believe the human-related elements of their cybersecurity strategies are falling short. These ...

CyberheistNews Vol 16 #15 Anthropic's Mythos Is Not Just a Tool. It's Something You Have to Contain.

New Phishing Kit Streamlines ClickFix Attacks

A new commodity phishing kit called “Venom Stealer” allows threat actors to automate ClickFix attacks, according to researchers at BlackFog. ClickFix is a social engineering technique ...

Phishing Campaign Targets Japanese Firms During Tax Season

A criminal threat actor called “Silver Fox” is launching tax-themed phishing attacks against Japanese companies during the country’s tax season, according to researchers at ESET.

Phishing Campaign Impersonates Palo Alto Networks Recruiters

Threat actors are impersonating Palo Alto Networks recruiters to target job seekers, according to researchers with Palo Alto’s Unit 42 security team. “These attacks specifically target ...

Voice Phishing is a Growing Social Engineering Threat

Voice phishing (vishing) overtook email-based phishing as a top initial intrusion vector in 2025, according to a new report from Mandiant. Notably, vishing is live and interactive, giving ...

CyberheistNews Vol 16 #14 [Heads Up] Clever Hackers Use Custom Fonts to Bypass AI Defenses

Phishing Attacks Are Exploiting the War in Iran

Criminal threat actors are taking advantage of the fear and uncertainty surrounding the conflict in the Middle East, according to researchers at Bitdefender. The researchers observed a ...

CyberheistNews Vol 16 #13 The 'Urgency Trap': Why Time Pressure is Your Biggest Email Red Flag

Report: There Are Nearly 66 Billion Stolen Identity Records on Criminal Forums

Researchers at SpyCloud warn that the number of stolen identity records on criminal forums rose to 65.7 billion in 2025, a 23% increase from the previous year.

Criminals Are Selling Stolen Tax Forms for Cheap on the Dark Web

Researchers at Malwarebytes warn that cybercriminals are peddling stolen tax documents for as low as $4 per identity, with freshly stolen forms selling for $20 each. These documents allow ...

CyberheistNews Vol 16 #12 [Keep An Eye Out] Why Unsecured Outlook Email Is Risky

CyberheistNews Vol 16 #11 Must-Know Best Practices for Email Security

CyberheistNews Vol 16 #10 How to Spot a Phishing Website Before It Steals Your Data

CyberheistNews Vol 16 #09 Fake Video Meeting Invites Trick Users Into Installing RMM Tools