Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

Phishing Campaign Targets Executives With Phony Awards

Dec 16, 2025 By KnowBe4 Team In KnowBe4
A phishing campaign is targeting executives with phony offers for awards, according to researchers at Trustwave SpiderLabs. The attackers first dupe the victims into handing over their credentials, then use the ClickFix social engineering technique to trick them into installing malware. “The campaign uses a high-value executive recognition lure, ‘Cartier Recognition Program,’ to target executives,” the researchers write.
Read Post

FAIK Everything: The Deepfake Training Playbook

Dec 16, 2025 By KnowBe4 | Human Risk Management In KnowBe4
Learn how to understand, combat, and even create synthetic media in this essential deepfake training session with Perry Carpenter, KnowBe4's Chief Human Risk Management Strategist. Deepfakes and synthetic media are no longer futuristic threats—they are here now, and organizations are already experiencing deepfake-related attacks. A May 2024 study showed that 25.9% of organizations have experienced deepfake-related attacks, with other indicators suggesting the number may be closer to 90%. It is high time to prepare people to deal with this evolving threat.
View Video
knowbe4

[Heads Up] Crafty New Phishing Attacks Abuse Free Cloudflare Pages

Dec 15, 2025 By KnowBe4 Team In KnowBe4
Malwarebytes warns that threat actors are abusing the free Cloudflare Pages service to host phishing portals, helping the phishing sites avoid detection by security scanners. The attackers are building fake login pages impersonating banking, insurance, and healthcare entities. The pages are designed to harvest credentials as well as security questions and multifactor authentication codes.
Read Post
knowbe4

Deepfake Training: A Strategic Advantage Against Emerging Threats

Dec 15, 2025 By KnowBe4 Team In KnowBe4
Deepfake attacks have become more compelling and realistic than ever before. Attackers are impersonating trusted leaders with convincing videos and voice, making it harder for employees to know what is real. Traditional awareness training is a good start, but nothing replaces first-hand exposure to real and synthetic content when it comes to telling deepfake videos from authentic ones. That’s why today we’re introducing KnowBe4’s Deepfake Training Content.
Read Post
knowbe4

Report: Phishing Has Surged 400% Year-Over-Year

Dec 10, 2025 By KnowBe4 Team In KnowBe4
Researchers at SpyCloud have observed a 400% year-over-year increase in successful phishing attacks, with a disproportionate number of attacks targeting corporate accounts. “The company tracked a 400% year-over-year increase in successfully phished identities, with nearly 40% of the 28+ million recaptured phished records containing a business email address – compared to just 11.5% in recaptured malware data,” the researchers write.
Read Post
knowbe4

Social Engineering Campaign Targets Microsoft Teams Users

Dec 10, 2025 By KnowBe4 Team In KnowBe4
Researchers at CyberProof warn that threat actors are launching phishing attacks via Microsoft Teams' “Chat with Anyone” feature, which lets external users send direct messages via email addresses. “Microsoft Teams now allows users to send direct chat invitations to any email address, even if recipients aren’t part of a Teams tenant,” the researchers explain.
Read Post

Your Digital Footprint and Why it Matters!

Dec 10, 2025 By KnowBe4 | Human Risk Management In KnowBe4
You know that trail of bread crumbs you leave across the internet? Cybercriminals love to eat them up! Every post. Every like. Every old username from 2012, it all sticks around. And scammers can use that info to guess passwords, target you, or piece together your whole life story. So post smart. Share less. Protect more.
View Video
knowbe4

Warning: Phishing Campaign Leveraging Evilginx Targets U.S. Universities

Dec 9, 2025 By KnowBe4 Team In KnowBe4
Threat actors are using the open-source phishing framework Evilginx to target universities across the United States, according to researchers at Infoblox. The attackers have targeted at least 18 universities and educational entities since April 2025, using phishing pages that spoofed student single sign-on (SSO) portals. “In the campaigns we analyzed, students were targeted via personalized emails that contained TinyURL links,” Infoblox says.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.