Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Since March 2025, the KnowBe4 Threat Labs team has observed a surge in phishing attacks that exploit Google’s AppSheet platform to launch a highly targeted, sophisticated campaign impersonating social media platform giant Meta.

Many of today’s most damaging scams are built on repeatable, well-understood patterns. The legal world defines four core elements of fraud with direct applicability to today’s phishing, impersonation, and account takeover (ATO) threats: By understanding this structure, security leaders and fraud teams can spot threats earlier and counter them more effectively.

Online fraud remains a significant and rapidly expanding threat in today's cyber threat landscape. According to the FTC, consumers in the U.S. lost a staggering $12.5 billion to fraud in 2024, a 25% surge from the previous year. The most commonly reported category? Imposter scams. This difficult-to-intercept form of fraud alone accounted for $2.95 billion of those losses.

I got this Coinbase-related scam in my personal inbox last week. Coinbase is one of the world’s largest cryptocurrency exchange sites. So big and trusted, it’s the first cryptocurrency exchange to be added to the US S&P 500. I’ve been a Coinbase member from the beginning, so this email got my attention. I was pretty skeptical from the start, and upon further exploration, it was definitely a scam.

Credit card and banking information is one of the major targets for data breaches and other cyber attacks. These details are sold on the black market and cost businesses and consumers billions in losses every year. Victims who learn early about stolen information typically take measures to prevent future use, such as canceling cards and changing online passwords. However, data breach notices are easy to miss, and countless active cards remain for sale on the dark web.

If you’re searching for the best domain takedown service, chances are your brand has already been impersonated, or you’re proactively trying to stop that from happening. Either way, you know the stakes: malicious sites that mimic your brand can destroy trust, harvest credentials, and cost your business real revenue. Of course, ‘best’ depends on your threat landscape and internal priorities.

Retail fraud is becoming increasingly normalized in the US and UK as ‘refund hacks’ are promoted to consumers by organized crime gangs looking to recruit both knowing and unwitting digital mules. This positioning of fraudulent activity as a ‘refund hack’ deliberately hides its illegal nature. Combined with growing awareness of fraud techniques – both online and offline – it’s driving consumer acceptance of casual fraud. This is bad news for retailers.

The cat-and-mouse game of cybersecurity never stops, and cyber deception in active defense gives defenders a powerful edge. Sun Tzu’s ancient wisdom “All warfare is based on deception” fits modern cyber defense strategies perfectly. Outsmarting adversaries has become just as crucial as blocking them.