
CyberheistNews Vol 15 #41 | October 14th, 2025
[AI Misuse Alert] New Phishing Campaign Uses AI Tools to Evade Detection
Microsoft warns that a recent phishing campaign used AI technology to obfuscate its payload and evade security filters.
“Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and a synthetic structure to disguise its malicious intent,” the researchers write.
“In analyzing the malicious file, Microsoft Security Copilot assessed that the code was ‘not something a human would typically write from scratch due to its complexity, verbosity, and lack of practical utility.'”
The attackers used a compromised small business email account to send the phishing emails, which posed as file-sharing notifications. If a user opened the attached file, they would be redirected to a webpage designed to steal their credentials.
Microsoft notes, “The attackers employed a self-addressed email tactic, where the sender and recipient addresses matched, and actual targets were hidden in the BCC field, which is done to attempt to bypass basic detection heuristics.”
The researchers warn that this campaign is part of a larger trend of threat actors using AI tools to assist in “Like many transformative technologies, AI is being adopted by both defenders and cybercriminals,” Microsoft says.
“While defenders use AI to detect, analyze, and respond to threats at scale, attackers are experimenting with AI to enhance their own operations, such as by crafting more convincing lures, automating obfuscation, and generating code that mimics legitimate content.
“Even though the campaign in this case was limited in nature and primarily aimed at US-based organizations, it exemplifies a broader trend of attackers leveraging AI to increase the effectiveness and stealth of their operations. This case also underscores the growing need for defenders to understand and anticipate AI-driven threats.”
Blog post with links:
https://blog.knowbe4.com/new-phishing-campaign-uses-ai-tools-to-evade-detection
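A mail-triage check for the delivery pattern described in this item (sender and visible recipient match, with an SVG attachment), as an added example that is not code from Microsoft or KnowBe4. Bcc recipients do not appear in delivered headers, so the check keys on the matching visible addresses; the sample message, the finding names and the list of active-content markers are assumptions of the example.

```python
import re
from email import message_from_string, policy
from email.utils import getaddresses

# Constructed sample message (not taken from the campaign): From and To match,
# there is no Cc, and the SVG attachment carries a script element.
SAMPLE_EML = """\
From: Accounts <billing@smallbiz.example>
To: billing@smallbiz.example
Subject: Shared file notification
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

A file has been shared with you.
--b1
Content-Type: image/svg+xml; name="statement.svg"
Content-Disposition: attachment; filename="statement.svg"

<svg xmlns="http://www.w3.org/2000/svg"><script>/* constructed */</script></svg>
--b1--
"""

# Markers of active content inside an SVG (assumed list, tune for your mail flow).
ACTIVE_SVG = re.compile(rb"<script|<foreignObject|\son\w+\s*=|javascript:", re.I)


def _addrs(msg, header):
    """Return the lower-cased addresses found in every instance of a header."""
    values = [str(v) for v in msg.get_all(header, [])]
    return {addr.lower() for _, addr in getaddresses(values) if addr}


def triage(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    sender = _addrs(msg, "From")
    visible = _addrs(msg, "To") | _addrs(msg, "Cc")
    findings = []
    # Every visible recipient is the sender: real targets can only be in Bcc.
    if sender and visible and visible <= sender:
        findings.append("self_addressed")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if part.get_content_type() == "image/svg+xml" or name.endswith(".svg"):
            findings.append("svg_attachment")
            payload = part.get_payload(decode=True) or b""
            if ACTIVE_SVG.search(payload):
                findings.append("svg_active_content")
    return findings


if __name__ == "__main__":
    print(triage(SAMPLE_EML))
```

Either finding alone is weak evidence; the combination is what is worth routing to review.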
[Live Demo] Intelligent Email Defense: Automate, Remediate and Train from One Platform
As cyber attackers continue to outpace traditional defenses, it’s not a question of if, but when sophisticated attacks will bypass your email security controls.
Phishing attacks are surging at an unprecedented 1,265% rate since 2022, largely driven by AI advancements. Most concerning, 31% of IT teams take more than 5 hours to respond to reported security issues, leaving your organization vulnerable during those critical hours when threats remain active in your users’ inboxes.
During this demo, you’ll discover how PhishER Plus can help take control back from rising AI phishing risks by:
- Transforming your users into active threat sensors with one-click reporting via the Phish Alert Button
- Accelerating response times with AI-powered automation that reduces manual email review by 85-99%
- Providing comprehensive threat intelligence from a network of 13+ million global users and third-party integrations
- Removing threats automatically from all mailboxes with PhishRIP before users can interact with them
- Converting real attacks into targeted training opportunities with PhishFlip
Discover how PhishER Plus combines AI and human intelligence to transform your users from security risks into your most valuable defenders.
Date/Time: TOMORROW, Wednesday, October 15 @ 2:00 PM (ET)
Save My Spot:
https://info.knowbe4.com/phisher-demo-1?partnerref=CHN2
Securing the Human-AI Boundary: Why the Future of Cybersecurity Must Train People and AI Agents
By Stuart Clark, SVP Product Management
The cybersecurity landscape is undergoing its most dramatic transformation since the dawn of the internet.
AI has become integral to business operations. Goldman Sachs estimates that agentic AI/AI agents will account for approximately 60% of software market value by 2030, and Gartner predicts that 40% of enterprise applications will integrate task-specific AI agents by 2026, up from less than 5% today.
This has resulted in the emergence of an entirely new attack surface that demands unprecedented security strategies.
For years, cybersecurity teams have rallied around a single guiding principle: humans are the weakest link — over 60% of breaches involve human error, with phishing and social engineering consistently ranking among the most effective attack vectors.
Now, as AI agents enter the workplace en masse, we’re not just dealing with human vulnerabilities, we’re facing the compound risk of human-AI interaction vulnerabilities that cybercriminals are already beginning to exploit.
The Dual-Edged Nature of AI in Cybersecurity
AI presents a fascinating paradox in cybersecurity. On one hand, it’s a powerful defensive tool, capable of detecting anomalies, automating responses and processing threat intelligence at superhuman speeds. On the other hand, it’s becoming both a sophisticated attack tool and a high-value target.
Threat actors are leveraging AI to craft more convincing phishing emails, generate deepfake content for social engineering attacks and automate reconnaissance activities. Simultaneously, they’re developing new attack vectors specifically designed to manipulate AI systems through techniques such as prompt injection, model poisoning and adversarial inputs.
Beyond Gateway Defense: The Need for Defense-in-Depth
Traditional cybersecurity approaches focus heavily on perimeter defense, firewalls, intrusion detection systems and endpoint protection. While these remain important, they’re insufficient for the AI-integrated workplace of 2025 and beyond.
The most critical security gap lies in the interaction layer between humans and AI agents. This is where social engineering meets AI, creating new vulnerabilities that existing security frameworks simply weren’t designed to address.
Consider these emerging threat scenarios:
- Prompt Injection Attacks: Malicious actors craft inputs designed to manipulate AI agents into performing unauthorized actions, potentially bypassing security controls or extracting sensitive information.
- AI Agent Impersonation: Cybercriminals could deploy rogue AI agents that masquerade as legitimate enterprise tools, collecting credentials and sensitive data from unsuspecting employees.
- Human-AI Social Engineering: Sophisticated attacks that exploit the trust relationship between employees and AI systems, potentially using compromised AI agents as insider threats.
Why the Human-AI Boundary Matters
The arrival of AI in the workforce doesn’t eliminate the human factor — it amplifies it. That’s why KnowBe4’s mission is to protect the two most critical and vulnerable elements of modern security:
- The Human Layer: Empower employees to safely interact with AI, recognize manipulation attempts and validate AI-generated outputs.
- The Agent Layer: Secure the agents themselves from malicious prompts, data exfiltration attempts and unauthorized tool usage.
[CONTINUED] at the KnowBe4 blog:
https://blog.knowbe4.com/securing-the-human-ai-boundary-why-the-future-of-cybersecurity-must-train-people-and-ai-agents
The 90-Day AI Compliance Blueprint: Protecting Your Business from Regulatory Blindspots
The AI compliance landscape is transforming from theoretical to critical – practically overnight. With the EU AI Act now active, federal mandates accelerating, and state regulations multiplying, your organization faces immediate compliance obligations affecting everything from hiring practices to AI system governance. Recent high-profile lawsuits and enforcement actions prove the stakes are real and the time for you to prepare is now.
Join KnowBe4’s John Just, Chief Learning Officer, and Kala Cadwell, Courseware Services Director, as they cut through the complexity and deliver practical strategies to help your organization navigate this rapidly changing environment. They’ll provide a practical 90-day implementation roadmap that transforms regulatory complexity into strategic advantage.
You’ll discover:
- The compliance timeline that matters to you and which AI regulations affect your operations today and which are coming in the next 6-12 months
- Role-specific training requirements for HR, IT and leadership teams to ensure proper AI governance
- Common compliance pitfalls revealed through recent enforcement actions and how to avoid them
- Practical assessment tools to identify your organization’s highest-priority compliance gaps
- How you can streamline your AI compliance training deployment and demonstrate regulatory readiness
Don’t wait until enforcement actions target your industry. Join us to confidently execute a compliance plan that protects your organization and empowers your workforce.
Date/Time: Wednesday, October 22 @ 2:00 PM (ET)
Save My Spot:
https://info.knowbe4.com/cmp-webinar-oct25?partnerref=CHN
Cyber Risk Still #1: Why AI Is Raising the Stakes – and the Opportunities
If you’re wondering what keeps business leaders up at night, the latest Aon Global Risk Management Survey has a clear answer: cyber attacks and data breaches. Once again, they top the list as the #1 risk to organizations worldwide — and the problem isn’t getting any smaller. In fact, Aon’s Cyber Risk Report shows incidents jumped 22% in 2025 alone.
What’s behind this surge? In short, rapid digital transformation. As companies embrace generative AI, automation, and new digital platforms, they’re not just unlocking efficiency — they’re also creating new openings for attackers. The result: cyber threats are no longer confined to the IT department.
They ripple across every part of the enterprise, from supply chains and customer data to brand reputation.
And while cyber risk still leads the pack, other threats are quickly climbing the ranks. Geopolitical volatility is expected to leap from the 21st biggest risk in 2023 to the top five by 2028, and AI-related risks are skyrocketing from 49th to 8th in the same time frame. It’s clear: the risk landscape is evolving fast.
But here’s the silver lining — risk and opportunity often come hand in hand.
[CONTINUED] Blog post with Top 10 Current 2025 Risks Graphic:
https://blog.knowbe4.com/cyber-risk-still-1-why-ai-is-raising-the-stakes-and-the-opportunities
New eBook: CISO’s Guide to Reducing Human Cyber Risk
Humans are both your biggest risk and your greatest defense when it comes to cybersecurity. While security awareness training (SAT) has been the standard, today’s evolving threat landscape calls for a more strategic approach: Human Risk Management (HRM).
Our new eBook, CISO’s Guide: Top 4 Considerations for Human Risk Management, breaks down how CISOs are moving beyond basic training to adopt proactive, layered strategies that address the real behaviors driving risk.
Inside, you’ll discover:
- The key differences between SAT and HRM
- Why now is the time to embrace HRM
- Why HRM needs more than a “people-first” label
- The metrics and ROI that matter most
If you’re ready to move past checkbox compliance and take control of your human risk, this guide is for you.
Download Now:
https://info.knowbe4.com/ciso-guide-top-4-considerations-human-risk-management-chn
Security Leaders Cite AI-Driven Phishing Attacks as a Top Concern
A new report has found that nearly 40% of security leaders believe their orgs are least prepared for phishing and other social engineering attacks. According to the report from VikingCloud, these concerns are driven by the increasing use of AI tools to assist in cyberattacks.
“Generative or agentic AI-driven phishing attacks (51%) are leadership teams’ top concern when it comes to new cyberattack techniques,” the report says. “Last year, only 22% of respondents said that their leadership teams were concerned about generative AI phishing attacks.
“This suggests that more leadership teams recognize the perils of AI-driven attack methods, especially as agentic AI becomes more ubiquitous and makes bad actors even more dangerous, efficient, and relentless than generative AI alone. Generative AI model prompt hacking (45%) and AI-vishing (voice deepfake) attacks (43%) are the other two most concerning modern threats.”
The report adds, “Cybersecurity leaders say their top 3 challenges are that (1) AI is creating new attack points (53%), (2) the tech behind cyberattacks is more sophisticated than the tech their teams have access to (36%), and (3) modern cybercriminals are more advanced than their internal teams (36%).”
AI is lowering the bar for unskilled threat actors, and nation-state hackers are also using it to assist in their attacks.
“These hackers typically focus on long-term access, IP theft, and espionage, and they typically infiltrate by exploiting third-party software vulnerabilities,” the report says. “Many are leveraging AI to scale their attacks. Most businesses’ standard security practices and tools aren’t built to detect or defend against these advanced threats.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.
Blog post with links:
https://blog.knowbe4.com/security-leaders-cite-ai-driven-phishing-attacks-as-a-top-concern
Let’s stay safe out there.
Warm regards,
Stu Sjouwerman, SACP
Executive Chairman
KnowBe4, Inc.
PS: KnowBe4 Earns Triple Recognition in Q3 2025 with Industry Awards for Human Risk Management, Sustainability Leadership and Corporate Responsibility:
https://www.prnewswire.com/news-releases/knowbe4-earns-triple-recognition-in-q3-2025-with-industry-awards-for-human-risk-management-sustainability-leadership-and-corporate-responsibility-302575465.html
Quotes of the Week
“When a true genius appears, you can know him by this sign: that all the dunces are in a confederacy against him.”
– Jonathan Swift, Writer (1667–1745)
“It is difficult to get a man to understand something when his salary depends upon his not understanding it.”
– Upton Sinclair, Writer and Activist (1878–1968)
You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-15-41-ai-misuse-alert-new-phishing-campaign-uses-ai-tools-to-evade-detection
Security News
Warning: Job Scams Surge by More than 1000%
Job-related scams surged by more than one thousand percent between May and July 2025, according to new research from McAfee. Job seekers are particularly vulnerable to scams, since they’re expecting to receive unsolicited messages and are more likely to overlook red flags.
The researchers offer the following advice to help users avoid falling for these attacks:
- “For job seekers: If someone contacts you about a job you didn’t apply for, especially mentioning benefits or asking for personal information upfront, pump the brakes. Real recruiters don’t typically lead with benefit details or ask for sensitive data in initial communications.
- For online shoppers: Those delivery notifications and deal alerts you’re getting? Slow down before clicking. Go directly to the retailer’s official website or app instead of clicking links in texts or emails.
- For anyone with financial concerns: If an offer sounds too good to be true (instant loans, credit repair miracles, investment opportunities), it probably is. When you’re stressed about money, that’s exactly when scammers strike hardest.
- For tech enthusiasts: Being excited about new technology is great, but scammers are counting on that excitement to make you click faster than you think. Always verify tech-related communications through official channels.”
The researchers conclude that awareness is an essential layer of defense against social engineering attacks.
“The data is crystal clear: scams aren’t just increasing, they’re exploding across every category that matters to everyday people,” McAfee says. “Job hunting, shopping, managing money, staying current with technology. These criminals are systematically targeting the most essential aspects of modern life.
“But here’s what the scammers don’t want you to know: awareness is your best defense. They rely on speed, emotion, and distraction. The moment you slow down, verify independently, and think critically, their whole game falls apart.”
McAfee has the story:
https://www.mcafee.com/blogs/internet-security/scam-alert-the-alarming-reality-behind-2025s-explosion-in-digital-fraud/
A Surge in Text Message Scams Targets Younger Americans
A new report warns of a significant spike in SMS phishing (smishing) scams targeting younger Americans between 18 and 29 years old. The report, released by Consumer Reports, Aspen Digital, and the Global Cyber Alliance, also found that 30 percent of people who experienced a cyberattack or scam this year said it began over a text message or a messaging app, compared to 20 percent last year.
“Phishing was still the most common type of scam or attack that people experienced, with 39 percent of those who had experienced an attack or scam saying that the scam used messages or emails purporting to be from a legitimate source asking for personal information,” the researchers write.
Additionally, the report states, “Nearly half of American consumers have personally encountered a cyberattack or a digital scam. Alarmingly, 1 in 5 of those who say they have personally encountered a scam or cyberattack—or about 1 in 10 Americans overall—say they lost money to the scam.”
Users can protect themselves against scams by following security best practices. Komal Bazaz Smith, Chief Business Officer of the Global Cyber Alliance, stated, “Many scams succeed not because of technical genius but because people don’t know or don’t follow basic steps to protect themselves.
“Strong passwords, multifactor authentication, privacy-protecting web browsers – these things aren’t glamorous, but they are lifesaving. As this report makes clear, real progress depends on collective action: individuals making safer choices, industry building more secure products, and governments holding criminals accountable.”
AI-powered security awareness training gives your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day.
Consumer Reports has the story:
https://www.consumerreports.org/media-room/press-releases/2025/10/consumer-reports-study-finds-surge-in-texting-and-messaging-scams
What KnowBe4 Customers Say
“Every so often, you come across people whose professionalism, character, and spirit make collaboration a genuine pleasure. I want to take a moment to recognize a few such individuals I’ve had the good fortune to work with at KnowBe4 over these past few years.
- Ben S. brings an uplifting energy that’s absolutely contagious.
- Sarah M. brings patience and guidance that make complex projects feel manageable.
- Max B. approaches his work with passion and genuine connection.
- Kyle F. has shown *extraordinary perseverance and good humor* through months of troubleshooting.
- John J., thank you for making it possible for me to attend KB4-CON.
- Janette M.’s patience, encouragement of my ideas, and gentle knack for keeping me on track.
These aren’t just business relationships. They’re partnerships built on shared values, persistence, and a belief that good people working together can make the internet a better place for everyone. I’m grateful to have crossed paths with such a remarkable group of people. THANK YOU!! You deserve all the flowers. 💐💐💐💐”
– C.D., Cybersecurity Awareness Program Manager IT