Archive for KnowBe4

When a “Contact Us” Form Becomes “Contact a Cybercriminal” 

Posted in Commentary with tags on October 30, 2025 by itnerd

This morning, the KnowBe4 Threat Lab published a new threat alert regarding an emerging phishing attack whereby cybercriminals are exploiting companies through their ‘Contact Us’ or ‘Book Appointment’ forms. 

The alert breaks down exactly how these bad actors are leveraging these prevalent forms, gives examples of what the attack looks like, and assesses its overall impact. It finds that this attack pattern began to emerge on September 11th, 2025, and predicts that it will only continue to increase as hackers hijack legitimate communications to meet their ends. 

For full details, the threat findings can be found here: https://blog.knowbe4.com/when-a-contact-us-form-becomes-contact-a-cybercriminal

KnowBe4 Uncovers Surge in Abuse of Legitimate Platforms by Cybercriminals in 2025 

Posted in Commentary with tags on October 29, 2025 by itnerd

KnowBe4 today announced new research from its 2025 Phishing Threat Trends Report Vol. Six, which finds fundamental shifts in attacker tactics, including a significant increase in phishing volume sent from compromised accounts.

Key findings from the report include: 

  • Scattered Spider Destruction: The cybercriminal gang Scattered Spider breached multiple high-profile retailers in 2025, including M&S, Co-Op, Harrods and others, causing hundreds of millions in damages and losses. These breaches spawned secondary phishing campaigns targeting customers, with attackers impersonating the compromised brands to harvest credentials. Scattered Spider’s signature tactics (sophisticated social engineering, vishing, MFA bombing and credential harvesting) target both the technical and human layers as part of the gang’s attack methodology.
  • Voice Phishing Surge: Phone-based vishing attacks increased 449% compared to 2024, with phone numbers appearing as the sole payload in 5.5% of phishing emails. Researchers discovered that 77% of callback numbers used AI-generated voices, while 69% of vishing attacks were financially motivated, requesting bank detail changes, fraudulent refunds or transfers. 
  • Legitimate Platform Hijacking: Perhaps most concerning, cybercriminals increased their abuse of legitimate platforms like QuickBooks, Zoom, SharePoint, and PayPal by 67% year-to-date. These attacks pass DMARC authentication 100% of the time and often bypass traditional defenses, because the messages genuinely originate from the platforms’ own trusted domains; the authentication result vouches for the platform, not for the tenant who composed the message. 
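The practical consequence of the last finding is that a mail filter cannot treat dmarc=pass as a trust signal when the authenticated domain is a shared platform that sends on behalf of arbitrary customers. The following triage helper is an added example written for this page, not KnowBe4’s code or anything from the report. The platform domain list and the two sample messages are constructed for illustration, and the Reply-To and link-domain heuristics are this example’s own, not findings from the report.

```python
"""Triage helper: separates 'the platform is authenticated' from 'the sender is trusted'.

Added example, not KnowBe4's code.  The platform list, the sample messages and the
Reply-To / link-domain heuristics are constructed for illustration.
"""
import re
from email import message_from_string, policy
from urllib.parse import urlparse

# Registrable domains that legitimately relay mail for arbitrary tenants/users.
# Constructed for the example; populate from your own telemetry in practice.
SHARED_SENDER_PLATFORMS = {"intuit.com", "zoom.us", "sharepointonline.com", "paypal.com"}


def auth_results(msg):
    """Return {'spf': 'pass', 'dkim': 'pass', 'dmarc': 'pass'} parsed from Authentication-Results."""
    hdr = msg.get("Authentication-Results") or ""
    return {k.lower(): v.lower() for k, v in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", hdr, re.I)}


def domain_of(addr):
    """Lower-cased domain part of an address header value such as 'Name <user@host>'."""
    m = re.search(r"@([A-Za-z0-9.-]+)", addr or "")
    return m.group(1).lower() if m else ""


def registrable(domain):
    """Crude registrable-domain reduction (last two labels); adequate for the sample TLDs."""
    parts = domain.split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else domain


def link_domains(msg):
    """Registrable domains of every http(s) URL in the preferred body part."""
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    urls = re.findall(r"https?://[^\s\"'<>]+", text)
    return {registrable(urlparse(u).hostname or "") for u in urls}


def triage(raw):
    """Return (verdict, auth_results, reasons) for one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    auth = auth_results(msg)
    from_dom = registrable(domain_of(msg.get("From")))
    reply_dom = registrable(domain_of(msg.get("Reply-To")))
    reasons = []
    if auth.get("dmarc") != "pass":
        return "auth_fail", auth, ["dmarc_not_pass"]
    if from_dom not in SHARED_SENDER_PLATFORMS:
        return "sender_verified", auth, reasons
    # DMARC only verified the platform.  Look for signs the tenant is steering
    # replies or clicks somewhere the platform does not control.
    if reply_dom and reply_dom != from_dom:
        reasons.append(f"reply_to_mismatch:{reply_dom}")
    foreign = link_domains(msg) - {from_dom}
    if foreign:
        reasons.append("foreign_links:" + ",".join(sorted(foreign)))
    return ("review" if reasons else "platform_verified_only"), auth, reasons


# Constructed sample 1: relayed by a shared platform (so SPF/DKIM/DMARC pass), but the
# tenant pointed Reply-To and the payment link at a domain the platform does not control.
SUSPICIOUS = """\
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=notification.intuit.com;
 dkim=pass header.d=notification.intuit.com;
 dmarc=pass header.from=notification.intuit.com
From: "Acme Billing via QuickBooks" <quickbooks@notification.intuit.com>
Reply-To: billing@acme-invoices.example
To: ap@victim.example
Subject: Invoice 4471 overdue
Content-Type: text/plain; charset="utf-8"

Please review and pay: https://acme-invoices.example/inv/4471
"""

# Constructed sample 2: same platform, but replies and links stay on the platform.
BENIGN = """\
Authentication-Results: mx.example.net; dmarc=pass header.from=notification.intuit.com
From: "Acme Billing via QuickBooks" <quickbooks@notification.intuit.com>
To: ap@victim.example
Subject: Invoice 4470
Content-Type: text/plain; charset="utf-8"

View your invoice: https://app.qbo.intuit.com/inv/4470
"""

if __name__ == "__main__":
    for raw in (SUSPICIOUS, BENIGN):
        print(triage(raw))
```

The useful output is the verdict split: both samples carry dmarc=pass, yet only one deserves a human look. Treat platform_verified_only as "the notification really came from the platform" and nothing more; a tenant account on that platform can still be an attacker’s.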

Download the KnowBe4 2025 Phishing Threat Trends Report

KnowBe4 Student Edition Achieves Milestone of One Million Students Trained

Posted in Commentary with tags on October 27, 2025 by itnerd

KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human and AI agent risk management, today announced it has reached a milestone of one million students trained through the KnowBe4 Student Edition. The KnowBe4 Student Edition security awareness training, designed for students 16 and older, tackles crucial topics like phishing and credential theft, sextortion and doxing, oversharing and digital privacy, and financial and campus scams. It prepares students to be cyber-ready today and in their future careers while also protecting them and their institutions from current attacks.

Find more information on the KnowBe4 Student Edition here.

Ben Syn, director, university and career education, KnowBe4, will speak on a panel at the EDUCAUSE Conference on Tuesday, October 28 at 2:15 p.m. Central Time on the topic of “Beyond Borders: Transforming Student Cybersecurity from Obligation to Campus Culture.” The session will provide actionable strategies for improving student engagement rates and transforming cybersecurity awareness from mundane compliance into a vibrant campus culture. KnowBe4 also has a booth (#961) at the event.

Additionally, KnowBe4 offers a complimentary Interactive Cybersecurity Activity Kit designed for children aged five to 15 years old. This kit offers a fun and engaging way for parents and educators to teach the basics of online safety.

Guest Post: Minimizing liability is not the same as security: Lessons learned from the Collins Aerospace cyberattack 

Posted in Commentary with tags on October 14, 2025 by itnerd

By Martin Kraemer, CISO Advisor at KnowBe4

In late September 2025, several European airports reported significant delays and flight cancellations due to issues with their check-in and passenger systems. Collins Aerospace, the vendor of the vMUSE check-in system, had been hit by a ransomware attack. 

Collins Aerospace operates ARINC AviNet, a virtual environment that hosts their ARINC vMUSE ground system for customers. Attackers exploited vulnerabilities in the ground system and its proprietary network, resulting in significant operational delays, reputational damage, and a loss of passenger trust. It is believed that the attackers accessed the shared AviNet network and subsequently encrypted portions of the ARINC Multi-User System Environment (vMUSE). 

Strategic Lessons for Executives

Despite comprehensive regulations like NIS2, most organizations significantly underestimate the security risks stemming from a lack of visibility into their vendors’ security posture. Vendor risk management is not merely a compliance checkbox but a strategic issue of resilience, as this incident demonstrates how a third-party ransomware attack can ripple across entire ecosystems. 

The incident was likely a result of security negligence. Researchers discovered several outdated systems (IIS 8.5, Glassfish 2014, Oracle 2015, and end-of-life Cisco ASA devices) that presented predictable vulnerabilities for attackers. Legacy systems represent not just technical debt but also significant business continuity risks. Therefore, modernization programs and operational investments must be integrated. 

The effort airports invest in continuity planning was evident as fallback procedures were successfully invoked. While fallback was available, it proved highly disruptive. Furthermore, when experts attempted to restore the software, they were re-infected, indicating the ransomware was still present on the system. This highlights that detection, response, and recovery must be considered as a holistic process. 

The incident clearly underscores the need to elevate cyber risk to the board level. The outage affected passenger experience, operational continuity, and brand reputation. 

Strategic Imperatives

Supply chain security requires visibility, not just assurances, to mitigate the ripple effects when a vendor is compromised. Security assurance from vendors must evolve beyond simple checkbox exercises to in-depth analysis of their practices and configurations. Merely documenting compliance with ISO 27001, NIST, and NIS2 will no longer suffice. As high-impact cyber-attacks persist, organizations, especially those in critical infrastructure, will demand greater visibility and transparency from their vendors. When it comes to maintaining a country’s operations, the focus must shift from minimizing liability to ensuring continuity. 

In sectors where legacy systems are prevalent, rigorous legacy management is essential. For systems with unpatchable vulnerabilities, compensating controls must be implemented, and a phased retirement of high-risk systems must be planned. Legacy systems are common in critical infrastructure, often deemed essential for continued operations and complex to replace. Without proper monitoring and maintenance, outdated systems and missing patches, as seen in cases like Collins Aerospace, will expose an organization’s vulnerabilities. 

Strengthening supply chain governance is a critical step forward. Organizations should map out dependencies, conduct joint exercises, and establish contractual obligations for security monitoring. Developing resilience by design is the optimal approach. Investments in redundancy, the development and testing of rapid recovery processes, and regular crisis simulations are valuable tools for organizational preparedness. 

Conclusion

Organizations in critical infrastructure must immediately stop treating compliance requirements as an exercise in liability reduction, which is how they are too often interpreted. Instead, nation-states must incentivize business continuity and offer guidance and oversight to small and medium businesses that cannot afford to develop their own resilience functions. Incentives must be structured so that organizations perceive expensive cybersecurity investments as worthwhile, leading to greater risk reduction and fewer losses. 

This approach is crucial for improving supply chain risk management in critical infrastructure, where adversaries are likely to exploit weaknesses. Policymakers must advocate for stronger regulatory oversight and shared responsibility models, particularly in aviation. Executives must view cybersecurity as a strategic business enabler, rather than a technical afterthought. 

KnowBe4 Pioneers Training AI Agents for the Next Generation Workforce

Posted in Commentary with tags on October 7, 2025 by itnerd

KnowBe4 today announced breakthrough innovations that train both people and AI agents to defend against evolving cyber threats. According to Gartner, forty percent of enterprise applications will be integrated with task-specific AI agents by the end of 2026, up from less than 5% today. These AI agents are the new targets for theft, adversarial manipulation and misuse, which emphasizes the importance of employee AI literacy. 

For years, the human element has been involved in over 60% of breaches, with social engineering among the top attack vectors, as confirmed in reports such as the 2025 Verizon Data Breach Investigations Report. Given the prevalence of the human element in breaches, smarter defenses that address the dynamic between humans and AI agents are integral to building a solid cybersecurity defense strategy.  

Cyber threats are growing more sophisticated through AI, but AI itself is also becoming a tool and a high-value target. While most solutions focus solely on defending at the gateway layer, KnowBe4’s HRM+ goes further, delivering true defense-in-depth. Built on 15 years of user behavior and threat intelligence data, the platform ensures that protection extends beyond the edge, securing every layer of interaction, from the productivity environment to the individual user and the AI agents themselves. This layered approach provides resilience that no other platform currently matches and includes:

  • Agent-Safe Behavior Training: Just as employees learned to spot a malicious link, they must now learn how to safely interact with and oversee AI agents. 
  • Prompt Injection & Manipulation Defense: Simulated attacks train global workforces to identify and resist adversarial inputs designed to hijack enterprise AI agents.
  • Risk Scoring for Agent Interactions: Extending the industry-leading Risk Score to measure susceptibility to agent misuse provides comprehensive risk quantification. 

A KnowBe4 customer credits the company with being at the forefront of evolving cybersecurity needs: “Threats change and adapt far too often. KnowBe4 knows this and adapts their training to meet the current threats. AI Defense Agents in particular help quickly adapt to the evolving threat landscape.” KnowBe4 is the pioneer of AI-driven human risk management. View previously released capabilities and watch the demo presented at the KB4-CON Conference in April 2025 here.

KnowBe4 Earns Triple Recognition in Q3 2025 with Industry Awards for Human Risk Management, Sustainability Leadership and Corporate Responsibility

Posted in Commentary with tags on October 6, 2025 by itnerd

KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human and AI agent risk management, today announced it has received three prestigious industry awards in Q3 2025. KnowBe4 was named to the Constellation ShortList™ for Human Risk Management Solutions for Q3 2025, honored with the 2025 Sustainability Leadership Award from the Business Intelligence Group, and earned the TrustRadius Tech Cares 2025 award for the sixth consecutive year. These recognitions underscore KnowBe4’s commitment to driving positive environmental and social impact while delivering an innovative cybersecurity platform that helps organizations manage risk.

Innovation in Human Risk Management

The technology vendors and service providers included in the Constellation ShortList™ for Human Risk Management Solutions for Q3 2025 deliver critical transformation initiative requirements for early adopters and fast-follower organizations.

Sustainability Leadership Recognition

The Sustainability Awards honor companies, products, projects and individuals proving that purpose-driven strategy can fuel growth. Winners are selected by a panel of business-leader judges who evaluate performance, innovation and quantifiable outcomes across environmental, social and governance (ESG) pillars.

Corporate Social Responsibility Excellence

The TrustRadius Tech Cares 2025 awards recognize B2B technology companies that have gone above and beyond to support employees and communities in the last year.

For more information on KnowBe4, visit www.knowbe4.com

KnowBe4 Is a Proud Participant in the Microsoft Security Store Partner Ecosystem

Posted in Commentary with tags on October 1, 2025 by itnerd

KnowBe4, the world-renowned platform that comprehensively addresses human and agentic AI risk management, today announced its inclusion in the Microsoft Security Store Partner Ecosystem. KnowBe4 was selected based on its proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting-edge functionality, and close relationship with Microsoft.

KnowBe4 is collaborating with Microsoft to help shape the development of the Microsoft Security Store, providing feedback on new features, integration experiences, and customer needs. By publishing certified offerings and AI agents that integrate seamlessly with Microsoft Security products, KnowBe4 is making it easier for organizations to discover, purchase, and deploy trusted security technologies. Through the Security Store, KnowBe4 is helping customers accelerate their security outcomes and simplify operations with products that are vetted, easy to deploy, and designed to work together.

The Microsoft Security Store is setting a new benchmark for cybersecurity procurement and deployment. By centralizing a wide range of security solutions and AI agents, it lets organizations streamline how they discover, acquire, and operationalize advanced security technologies. With features like industry framework alignment, simplified billing, and guided deployment, the Security Store helps security teams reduce complexity, accelerate adoption, and maximize the value of their security investment.

KnowBe4 Named Leader in G2 Grid Fall 2025 Report in Multiple Human Risk Management Categories

Posted in Commentary with tags on September 25, 2025 by itnerd

KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today announced its Security Awareness Training (SAT) software has maintained its position as the number one leader in the G2 Grid Fall 2025 Report, marking over six years of leadership. Additionally, KnowBe4’s PhishER has been named the number one leader for the fourth consecutive year in the Incident Response category.

The G2 Grid Report compares SAT vendors and Incident Response software vendors based on user reviews, customer satisfaction, popularity and market presence. KnowBe4 SAT and PhishER received the highest G2 scores of 95 and 91 respectively, with KnowBe4 being the only vendor to score in the 90s across both categories.

Based on 2,153 customer reviews, KnowBe4’s SAT remains the top ranked SAT product with 98% of users rating it four or five stars. Additionally, 93% of users recommend KnowBe4 SAT to others. KnowBe4 also maintains the largest market presence among products in the SAT category, solidifying its position as the number one SAT Platform on G2 for over six years.

Based on 418 G2 customer reviews, KnowBe4’s PhishER is the top ranked Incident Response software with the highest satisfaction score among all products in the category. PhishER received multiple awards including “Best Results,” “Best Usability” and “Best Relationship,” with 97% of users rating it four or five stars.

For more information on PhishER, visit www.knowbe4.com/products/phisher-plus

To download a copy of the report on the Incident Response market, visit www.knowbe4.com/hubfs/G2-Fall-2025-Grid-Report-for-Incident-Response.pdf

For more information on KnowBe4’s SAT, visit www.knowbe4.com/products/security-awareness-training

To download a copy of the report on the SAT market, visit www.knowbe4.com/hubfs/G2-Fall-2025-Grid-Report-for-Security-Awareness-Training.pdf

KnowBe4 and Carahsoft Announce Partnership to Strengthen Public Sector Human Risk Management

Posted in Commentary with tags on September 24, 2025 by itnerd

KnowBe4, the world-renowned platform that comprehensively addresses human and agentic AI risk management, and Carahsoft Technology Corp., the Trusted Government IT Solutions Provider®, today announced a strategic partnership to address the human element of cybersecurity with AI-driven, behavior-based intelligence. Under the agreement, Carahsoft will serve as KnowBe4’s Public Sector distributor, making the company’s Human Risk Management offerings available to the Public Sector through Carahsoft’s reseller partners and the NASA Solutions for Enterprise-Wide Procurement (SEWP) V contract.

KnowBe4’s AI-driven Human Risk Management (HRM+) platform integrates security awareness training, phishing simulation, email security and real-time coaching capabilities. KnowBe4 maintains a robust partner program and takes an innovative approach to help global organizations strengthen their security culture and transform their workforce from a potential vulnerability into a security asset. KnowBe4’s HRM+ platform is FedRAMP authorized and trusted by nearly 4,000 U.S. Federal, State and Local Government agencies.

KnowBe4 Government customer Hossam Reziqa, chief information officer for the City of Daytona Beach finds KnowBe4’s HRM+ platform especially helpful: “Any fault in our technology or error from our staff could impact thousands of city residents. KnowBe4 is, hands down, one of the best platforms to train users on emerging threats. KnowBe4 became not only a training platform, but also a tool for us to retract emails, identify risks and examine details. It’s an integral toolkit for our team to fight cybercrime.”

KnowBe4’s platform is available through Carahsoft’s SEWP V contracts NNG15SC03B and NNG15SC27B. For more information, contact the Carahsoft Team at (844) 445-5688 or KnowBe4@Carahsoft.com; or learn more about KnowBe4’s platform here. 

KnowBe4 Defines a Holistic Approach to Human Risk Management

Posted in Commentary with tags on September 9, 2025 by itnerd

KnowBe4 today released its whitepaper “A Strategic Framework for Human Risk Management”. The paper outlines the core principles of a modern human risk management (HRM) approach and how organizations can apply the framework to strengthen security culture and drive measurable change in employee behavior. 

Separate from an HRM platform, the HRM framework is defined as a strategic, people-centric approach to cybersecurity that measures, manages and reduces the security risks created by human behavior. The new framework comes as a direct response to an escalating threat landscape in which human behavior continues to be a primary attack vector. Moving beyond traditional security awareness programs, the paper calls for a fundamental shift in how organizations perceive and manage the human element of security.

KnowBe4 identifies several core principles that build an effective HRM approach: 

  • Measure and Benchmark: Understand current human risk levels within an organization using a baseline assessment.
  • Engage and Empower: Create a culture where security is a shared responsibility, not just an IT concern.
  • Adapt and Personalize: Deliver tailored training and coaching based on individual risk profiles.
  • Artificial Intelligence (AI) and Automation: Use intelligent AI-driven technology to provide real-time feedback, personalized insights and automated interventions.
  • Demonstrate Value: Show the measurable impact of the program on the organization’s overall security culture.

Download a copy of the whitepaper, “A Strategic Framework for Human Risk Management”, here