Knowbe4 Warns Of Rising AI-Driven Phishing Threats

The latest findings from KnowBe4 serve as a firm warning: the digital battle is becoming more intense, and enterprises are facing an increase in complicated phishing attacks—and every industry be concerned!

Prior to this alarming analysis, KnowBe4's earlier report exposed the education sector's obvious vulnerability and emphasized a systemic lack of readiness for growing cyberattacks. This context highlights how serious this particular danger scenario is and shows that no industry is secure.

TechDogs-"An Image Showing Cybersecurity Shield With Digital Network"

Source

How Are Cybercriminals Outsmarting Security?

The analysis of information from KnowBe4 Defend verifies a startling fact: traditional security measures are being weakened by cybercriminals using AI-driven tactics with alarming efficiency.

Why Are Phishing Emails So Hard To Spot Now?

The numbers are self-evident. A notable 17.3% rise in phishing emails was seen between September 15, 2024, and February 14, 2025, indicating a purposeful and more intense effort of the attack.

The complexity of these attacks is more alarming than their sheer volume. AI integration was examined in a resounding 82.6% of phishing emails that were investigated enabling attackers to create incredibly convincing and flexible campaigns intended to escape detection.

Why Is Ransomware Becoming More Common?

The growth in ransomware payloads presents a critical threat. There's been a 22.6% rise over six months, with a 57.5% increase in the last three, which shows the escalating risk. The potential impact of attacks like the INC Ransom payload, detected by KnowBe4 Defend, is disastrous, threatening not only data integrity but operational continuity and financial stability.

How Are Hackers Getting In?

According to the report, phishing hyperlinks, malware, and social engineering payloads invade systems at shocking rates—36.8%, 20%, and 14.2% increases, respectively—indicating a serious breach in standard security measures defenses. Additionally, a 57.9% increase in attacks coming from hacked accounts points to a serious weakness in the monitoring methods in place.

TechDogs-"An Image Showing Phishing Key"

Source

Think You Can Trust That Email?

The report points out the platforms and brands most often exploited. DocuSign, PayPal, Microsoft, Google Drive, and Salesforce are prime vectors, using their trusted status to deceive users. Similarly, Microsoft, DocuSign, Adobe, PayPal, and LinkedIn are consistently impersonated, exploiting brand recognition for malicious gain.

Polymorphic phishing, which changes with each attack and is now in 76.4% of campaigns, is a major step up in threat level. These AI-driven variations dodge traditional security measures, presenting a dynamic and elusive threat.

Furthermore, the employment process is being deliberately targeted by the attackers, as seen by the 64% of attacks aimed at engineering positions and the intentional exploitation of unauthorized access to vital data and systems.

Why Are Traditional Security Measures No Longer Effective?

Jack Chapman, SVP of threat intelligence at KnowBe4, emphasizes the imperative for a holistic security strategy. He states, “As ever, innovation in phishing threats and defenses is accelerating rapidly.”

“In this report, we have observed cybercriminals evolving their tactics, leveraging ransomware and polymorphic campaigns with new strategies to evade detection by both traditional and advanced technologies. As we move through 2025, both phishing threats and defenses will continue to evolve, emphasizing a holistic approach that integrates technical defenses with human risk management. A strong security culture starts with detection but is reinforced by awareness, continuous education, and adaptive technology.”

Why Should You Act Now On Cyber Threats?

The message is clear: Looking at the curve, organizations are required to adapt to the evolving threat landscape with urgency. Investment in cutting-edge technologies, comprehensive employee education, and a fortified security culture are non-negotiable.

Do you think your organization is fully prepared for the latest cyber threats?

Let us know in the comments below.

First published on Fri, Mar 21, 2025

Enjoyed what you read? Great news – there’s a lot more to explore!

Dive into our content repository of the latest tech news, a diverse range of articles spanning introductory guides, product reviews, trends and more, along with engaging interviews, up-to-date AI blogs and hilarious tech memes!

Also explore our collection of branded insights via informative white papers, enlightening case studies, in-depth reports, educational videos and exciting events and webinars from leading global brands.

Head to the TechDogs homepage to Know Your World of technology today!

Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. While we aim to provide valuable and helpful information, some content on TechDogs' site may not have been thoroughly reviewed for every detail or aspect. We encourage users to verify any information independently where necessary.

Tags:

Cyber AttackCyber ThreatCybercrimeInternet SecurityRansomwareKnowBe4 Phishing Attacks AI-Driven Threats Ransomware Surge Cyber Threat Landscape Polymorphic Phishing Cybersecurity Employee Awareness Advanced Threat Detection

Join The Discussion