Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

Human Risk Management Blog

Social Engineering

Latest social engineering news, analysis, tactics the bad guys are using and what you can do to defend your organization.

View Topics

Jun 18, 2025 9:20:32 AM By KnowBe4 Threat Lab

Phishing Deep Dive: EU-Affiliated Survey Platform Exploited in Sophisticated Credential Harvesting Campaign

Lead Researchers: James Dyer and Louis Tiley Between May 5 and May 7, 2025, KnowBe4 Threat Lab identified a phishing campaign originating from accounts created on the legitimate service ...

Jun 16, 2025 4:43:26 PM By KnowBe4 Team

Protect Yourself: Vishing Attacks Are Growing More Sophisticated

Researchers at Google’s Mandiant have published a report on voice phishing (vishing) attacks, noting that these attacks have served as initial access points for recent waves of ransomware ...

Jun 13, 2025 11:54:43 AM By Roger Grimes

What Is AI?

What is AI really? Throughout this article, I will remove the hype and get to the most honest answer ever.

Jun 12, 2025 10:27:32 AM By Javvad Malik

How a Fake Cybersecurity Firm Became a Real Threat

Picture this: it's 2021. You're an IT professional, scrolling through LinkedIn, when a message pings. "Bastion Secure," a new cybersecurity company, is hiring. The pay? Excellent.

Jun 11, 2025 12:34:03 PM By KnowBe4 Team

OpenAI Report Describes AI-Assisted Social Engineering Attacks

OpenAI has published a report looking at AI-enabled malicious activity, noting that threat actors are increasingly using AI tools to assist in social engineering attacks and influence ...

Jun 9, 2025 2:36:46 PM By KnowBe4 Team

Warning: Crooks Are Using Vishing Attacks to Compromise Salesforce Instances

A criminal threat actor tracked as “UNC6040” is using voice phishing (vishing) attacks to compromise organizations’ Salesforce instances, according to researchers at Google’s Threat ...

Jun 6, 2025 8:38:25 AM By KnowBe4 Team

What Are The Key Components Of A Successful Human Risk Management Program?

When it comes to cybersecurity, organizations face an ever-present and often underestimated threat: human risk.

Jun 6, 2025 8:37:54 AM By Roger Grimes

Fake MFA Reset Warning Message

A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish).

Jun 5, 2025 9:03:54 AM By KnowBe4 Team

FBI Alert: Extortion Gang Targets Law Firms With Social Engineering Attacks

The FBI is warning that the Silent Ransom Group (SRG) is targeting law firms with IT-themed social engineering attacks and callback phishing emails.

Jun 5, 2025 9:03:36 AM By KnowBe4 Team

Copyright-Themed Phishing Lures Target Europe

A phishing campaign is targeting European countries with lures themed around copyright infringement, researchers at Cybereason warn.

Jun 3, 2025 12:56:04 PM By Javvad Malik

The Worsening Landscape of Educational Cybersecurity

Last year, KnowBe4's report "Exponential Growth in Cyber Attacks Against Higher Education Institutions" illustrated the growing cyber threats facing universities and colleges.

Jun 2, 2025 9:32:56 AM By Javvad Malik

Beyond Credentials: When Every Data Point Becomes a Weapon

You know what's interesting about data breaches? Everyone focuses on credit card numbers and financial data, but the reality is that every piece of information has value to someone.

Jun 2, 2025 9:32:40 AM By KnowBe4 Team

French Users Targeted by Major Phishing Campaign

Researchers at IBM Security warn that a major phishing campaign is targeting users in France, incorporating leaked personal data to make the emails more convincing.

May 29, 2025 4:25:31 PM By KnowBe4 Threat Lab

Capital One Customers Targeted By Credential Harvesting Phishing Campaign

The KnowBe4 Threat Lab has identified an active phishing campaign impersonating Capital One.

May 27, 2025 4:04:16 PM By Roger Grimes

If I Had Only 20 Seconds To Teach People How To Avoid Scams

Human risk management involves more than security awareness training, but training is a huge part of the mix.

May 19, 2025 4:43:03 PM By KnowBe4 Team

Warning: Phishing Kits Can Auto-Generate Tailored Login Pages

Commodity phishing kits are increasingly serving dynamically generated phishing pages, according to researchers at ESET.

May 16, 2025 2:08:30 PM By KnowBe4 Team

Email-based Attacks Accounted for Most Cyber Insurance Claims Last Year

Business email compromise (BEC) attacks and funds transfer fraud (FTF) accounted for 60% of cyber insurance claims in 2024, according to a new report from Coalition.

May 13, 2025 3:32:36 PM By KnowBe4 Team

How to Protect Your Business from Scattered Spider's Latest Attack Methods

Mandiant warns that the Scattered Spider cybercriminal group is using “brazen” social engineering attacks to target large enterprise organizations in a wide range of sectors.

May 7, 2025 2:08:58 PM By Cindy Zhou

Warning: Phishing Campaign Impersonates the US Social Security Administration

Researchers at Malwarebytes warn that phishing emails are impersonating the US Social Security Administration (SSA) to trick users into installing the ScreenConnect remote access tool.

May 1, 2025 4:29:20 PM By Stu Sjouwerman

Email Remains the Top Attack Vector for Cyberattacks

Email is still the most common attack vector for cyber threats, according to a new report from Barracuda.

Subscribe

Search Our Blog


New call-to-action

Subscribe To Our Blog

Posts By Topic

View all

Get the latest insights, trends and security news. Subscribe to CyberheistNews.