Quantum Route Redirect: Anonymous Tool Streamlining Global Phishing Attack

Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke KnowBe4 Threat Labs has uncovered an emerging advanced phishing campaign targeting Microsoft 365 users ...

When a “Contact Us” Form Becomes “Contact a Cybercriminal”

Lead Analysts: Lucy Gee and James Dyer Cybercriminals want their payday. Unfortunately for the targets of phishing (and the organizations they work for) that means they’re constantly ...

The Technical Sophistication Behind the "Free" Gift Scam: Evading Detection

Below is an example of a sophisticated survey scam phishing email that KnowBe4’s Threat Lab team has been monitoring as discussed in “The Hidden Cost of "Free" Gifts: How Survey Scams Are ...

The Hidden Cost of "Free" Gifts: How Survey Scams Are Evolving to Steal Financial Data

You've probably seen them: enticing online offers for free products from brands you trust, like a Yeti beach chair from Costco or an emergency car kit from AAA.

The Attacker’s Playbook: A Technical Analysis of Quishing and Encrypted SVG Payloads Used in HR Impersonation Phishing Attacks

In this series, we first explored the psychology that makes HR phishing so effective, then showcased the real-world lures attackers use to trick your employees. Now, we’re going under the ...

That ‘Urgent Payroll Update’ Email is a Trap: A Look at the Latest HR Phishing Tactics

Phishing attacks impersonating HR are on the rise. Between January 1 – March 31, 2025, our Threat Lab team observed a 120%surge in these attacks reported via our PhishER product versus ...

Cybersecurity Human Resources Risk: Why HR Is Targeted

We all trust HR - or at least we do when we think they’re emailing us! Data from KnowBe4’s HRM+ platform reveals that phishing simulations with internal subject lines dominate the list of ...

Phishing Deep Dive: EU-Affiliated Survey Platform Exploited in Sophisticated Credential Harvesting Campaign

Lead Researchers: James Dyer and Louis Tiley Between May 5 and May 7, 2025, KnowBe4 Threat Lab identified a phishing campaign originating from accounts created on the legitimate service ...

Capital One Customers Targeted By Credential Harvesting Phishing Campaign

The KnowBe4 Threat Lab has identified an active phishing campaign impersonating Capital One.

Threat Actors Are Using AI-Generated Audio to Impersonate U.S. Officials

The FBI is warning that threat actors are impersonating senior US officials in phishing attacks designed to compromise users’ accounts.