KnowBe4 Blog

Phishing

Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.

Report: The Tycoon 2FA Phishing Kit Has Evolved

The Tycoon 2FA phishing-as-a-service platform is now using OAuth device code phishing to compromise devices that are protected by multifactor authentication, according to eSentire’s ...

AI Alone Won’t Stop the Breach: Why Email Security Needs Humans-on-the-Loop

2026 has officially become the year of speed, scale and support. The delta between a phishing email landing and a full organizational compromise has shrunk to mere seconds.

Robinhood Glitch Allowed Attackers to Send Phishing Emails to Customers

A phishing campaign exploited a glitch in Robinhood’s account creation process to send phishing emails from the investment platform’s own systems, SecurityWeek reports.

Report: Romance Scams Cost UK Victims £102 Million Last Year

UK residents lost £102 million ($138 million US) to romance scams in 2025, according to a new report from the City of London Police.

Warning: Phishing Attacks Are Abusing the Kuse AI App

Attackers are abusing the storage and sharing features of Kuse, a free AI app, to assist in phishing campaigns, according to researchers at Trend Micro. Kuse is a legitimate agentic AI ...

Phishing Campaign Exploits Google AppSheets to Target Facebook Accounts

Researchers at Guardo Labs are tracking a major phishing campaign that abused Google AppSheet as a relay to send phishing emails. The researchers identified more than 30,000 Facebook ...

FTC: Americans Lost $2.1 Billion to Social Media Scams Last Year

A new report from the US Federal Trade Commission (FTC) has found that Americans lost $2.1 billion in 2025 to scams that began on social media. Nearly 30% of people who reported losing ...

Traffic-Themed SMS Phishing Targets Users Around the World

Researchers at Bitdefender are tracking 40 separate SMS phishing (smishing) campaigns impersonating transport authorities, toll operators, and parking services around the world. The ...

Phishing Attacks Begin Targeting the 2026 FIFA World Cup

A major phishing operation is targeting soccer/football fans ahead of the 2026 FIFA World Cup, which begins in June, according to researchers at Flare. The attackers have set up at least ...

Warning: Netflix Phishing Scams Can Lead to Serious Consequences

Researchers at Bitdefender warn that Netflix-themed phishing attacks can have far-reaching consequences if users follow poor security practices. While Netflix is generally associated with ...