Clearwater, FL, USA
2010
  |  By KnowBe4 Team
The INC ransomware-as-a-service (RaaS) operation has grown into one of the premier ransomware offerings, claiming hundreds of victims in 2026 alone, according to researchers at Acronis. The attackers target a broad range of industries, but have recently prioritized entities in the legal sector.
  |  By KnowBe4 Threat Lab
Lead Analysts: Jeewan Singh Jalal and Louis Tiley KnowBe4 ThreatLabs tracked phishing campaign activity from the first week of April through June 22, 2026 — covering the pre-tournament build-up, tournament kickoff and the first twelve days of live match play. Our latest intelligence adds crucial mid-tournament telemetry (June 15-22), a newly identified reply-back campaign track and additional infrastructure intelligence.
  |  By Erich Kron
Cloud email has become the center of modern business. Regardless of your organization's industry or size, email connects employees, customers, vendors, executives, financial systems and critical business processes. Unfortunately, attackers know this too. For cybercriminals, compromising an email account is often like finding the master key to a building. Once inside, they may be able to steal information, impersonate employees, redirect payments, spread malware or gain access to other systems.
  |  By Javvad Malik
I saw a venn diagram on social media. One circle is Shadow IT, one circle is Shadow AI, a substantial overlap, and the implicit message is that they are effectively the same challenge. They aren’t and that the assumption can lead to many problems. Looking back, shadow IT was like watching a crash in slow-motion. Employees using technology IT hadn't sanctioned. Personal Dropbox accounts. Unofficial Slack workspaces.
  |  By KnowBe4 Team
A new report from SpyCloud has found that phishing attacks have exposed employee data at 86% of Fortune 100 companies over the past 12 months, with the technology, airline and automotive sectors being hit the hardest. The researchers also found that 78% of organizations experienced an increase in phishing volume over the past year. Additionally, 84% of respondents named AI-assisted phishing as their top concern, followed by business email compromise (BEC) attacks.
  |  By Anna Collard
Remember when "social media safety" meant advising employees not to post pictures of their security badges or laptop screens? Back then, corporate risk and personal scrolling felt like two entirely separate worlds. Today, that boundary has completely dissolved. Social media has become a primary staging ground for sophisticated social engineering attacks targeting your workforce, and their families.
  |  By KnowBe4 Team
Imposter scams were the most commonly reported type of fraud in 2025, with Americans reporting $3.5 billion in losses, according to new data from the US Federal Trade Commission (FTC). Reported losses have increased nearly three times since 2020, and the true number is likely much higher since many scams go unreported. Losses across all types of fraud surged to $16 billion, a 25% increase compared to 2024.
  |  By KnowBe4 Team
Multiple sophisticated phishing kits are now focusing on harvesting device codes to breach accounts without a password, according to researchers at LevelBlue. “Device code phishing exploits a legitimate Microsoft authentication flow to harvest Microsoft 365 access and refresh tokens without ever capturing a password,” the researchers explain. “The core mechanic is straightforward: whoever initiates the authentication request receives the resulting tokens.
  |  By KnowBe4 Team
A newly surfaced extortion brand called “Pink” is using voice phishing and fake IT support calls to breach organizations, the Register reports. The threat actor may be a rebrand of prior extortion groups, including BlackFile and Redact, though its tactics remain the same.
  |  By KnowBe4 Team
Threat actors are increasingly abusing workplace collaboration tools like Microsoft Teams to launch social engineering attacks, according to researchers at Palo Alto Networks’s Unit 42. Attackers are sending Teams messages that impersonate IT personnel, asking users to approve a multifactor authentication prompt. Both criminal and nation-state threat actors are using this social engineering technique to compromise organizations’ environments.
  |  By KnowBe4 | Securing Humans & Agents
What is the single best piece of security advice? Pausing.
  |  By KnowBe4 | Securing Humans & Agents
AI add-ons can automate everything from travel to banking—but are they opening backdoors to your private data? Here is what to look for before granting permissions.
  |  By KnowBe4 | Securing Humans & Agents
What if you could build a complete, personalized security awareness course from a single prompt — in seconds? KnowBe4's AIDA Content Creation Agent does exactly that. Powered by our decade of AI innovation, it generates e-learning modules instantly — and goes far beyond basic content generation: Deepfake Face Injection — Insert real members of your team into training visuals using safe, consensual deepfake synthesis. Your people, your culture, your training.
  |  By KnowBe4 | Securing Humans & Agents
Unexpected delivery texts are one of the most common smishing tricks out there. Here is why you should never click the link, and what to do instead!
  |  By KnowBe4 | Securing Humans & Agents
Have you noticed a spike in sketchy job offers since starting your career search? Here is how automated bots turn your profile details against you, and the major red flags to watch out for.
  |  By KnowBe4 | Securing Humans & Agents
POV: you finally found free cybersecurity training that doesn't make you want to fall asleep. CAPY offers bite-sized cyber safety lessons for your whole family. Under 4 minutes. No login. No cost. Just real tips that actually stick. Kids, parents, seniors — there's a path for everyone.
  |  By KnowBe4 | Securing Humans & Agents
Creating urgency, triggering reactions, and bypassing logic—sound familiar? Whether it's a 3 a.m. meow or a fake security alert, the tactics are the same. Don't be the catch of the day. Learn to spot the "phish" before you click!
  |  By KnowBe4 | Human Risk Management
Think phishing is just a corporate email issue? Think again. Scammers use compromised accounts and lookalike profiles on social media to target you where you least expect it. Stay sharp, verify outside the app, and don't get reeled in by sketchy links!
  |  By KnowBe4 | Human Risk Management
A Flashy pop-up + a huge ransom demand = FAKE. "Your files aren't encrypted." It's theater designed to panic you into paying. Close the browser. Don't click and don't pay. Real ransomware doesn't need the dramatics. Fake ones do.
  |  By KnowBe4 | Human Risk Management
You just unboxed your child’s new device...now what? Default settings are built for clicks, not kids. Use these tips to set them up for safety success on day one.
  |  By KnowBe4
Your employees are your largest attack surface. For too long the human component of cybersecurity has been neglected, leaving employees vulnerable and creating an easy target for cybercriminals to exploit. But your users want to do the right thing. Rather than a hurdle to be overcome, organizations need to think of their employee base as an asset, once properly equipped.
  |  By KnowBe4
Want to read this bestseller? Register now for your free (instant 240-page PDF download) Cyberheist e-book and learn how to not be the next victim! Cyberheist was fully updated and written for the IT team and owners / management of Small and Medium Enterprise, which includes non-profits, local and state government, churches, and any other organization with more than a few thousand dollars in their bank operating account.
  |  By KnowBe4
Hackers have become increasingly savvy at launching specialized attacks that target your users by tapping into their fears, hopes, and biases to get access to their data. Cybersecurity is not just a technological challenge, but increasingly a social and behavioral one. People, no matter their tech savviness, are often duped by social engineer scams, like CEO fraud, because of their familiarity and immediacy factors.
  |  By KnowBe4
Spear phishing emails remain a top attack vector for cybercriminals, yet most companies still don't have an effective strategy to stop them. This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Don't get caught in a phishing net! Learn how to avoid having your end users take the bait. Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, will cover techniques you can implement now to minimize cybersecurity risk due to phishing and social engineering attacks.
  |  By KnowBe4
Anything but 100% completion on your employee compliance training is often more than simply frustrating. Compliance audits and regulatory requirements can make anything less than 100% feel like a failure. But, getting compliance on your compliance training is possible! Organizations have struggled for years with getting everyone to complete their required compliance training. This puts organizations at risk of more incidents occurring, fines or reputational damage if an employee is non-compliant.
  |  By KnowBe4
All multi-factor authentication (MFA) mechanisms can be compromised, and in some cases, it's as simple as sending a traditional phishing email. Want to know how to defend against MFA hacks? This eBook covers over a dozen different ways to hack various types of MFA and how to defend against those attacks.

KnowBe4 is the provider of the world's largest integrated platform for security awareness training combined with simulated phishing attacks. Join our more than 56,000 customers to manage the continuing problem of social engineering.

The KnowBe4 platform is user-friendly and intuitive, and powerful. It was built to scale for busy IT pros that have 16 other fires to put out. Our goal was to design a full-featured, yet easy-to-use platform.

Find Out How Effective Our Security Awareness Training Is:

  • Train Your Users: The world’s largest library of security awareness training content. Automated training campaigns with scheduled reminder emails.
  • Phish Your Users: Best-in-class, fully automated simulated phishing attacks, thousands of templates with unlimited usage, and community phishing templates.
  • See The Results: Enterprise-strength reporting, showing stats and graphs for both training and phishing, ready for management. Show the great ROI!

Human Error. Conquered.