KnowBe4 Security Awareness Training

We’ve long defined cybersecurity as the technical discipline of protecting networks, data and systems. But when viewed through a geopolitical lens, then this definition is no longer sufficient. What we are dealing with today goes beyond protecting organisational data, to protecting economies, sovereignty, and increasingly, human perception.

2026 has officially become the year of speed, scale and support The delta between a phishing email landing and a full organizational compromise has shrunk to mere seconds.

World Password Day is no longer just a nudge to pick stronger passwords, it’s a moment to rethink identity. Attackers rarely “hack” systems today; they log in as you. Combine expert guidance on phishing, MFA, password managers, behavioral defenses, and new threats from AI and quantum computing to better secure your accounts now and for the future.

Researchers at Google’s Threat Intelligence Group (GTIG) are tracking a new threat actor that’s impersonating help desks to trick users into installing malware. The threat actor, which GTIG tracks as “UNC6692,” begins by sending a large volume of spam emails to the victim, then initiates contact via Microsoft Teams to ostensibly help the user block the spam.

Cybercriminals are getting smarter and faster. Social engineering attacks are evolving rapidly, and AI is making them more convincing than ever. According to the 2025 Verizon Data Breach Investigations Report, up to 68% of cyberattacks involve some form of social engineering. Meanwhile, 95% of cybersecurity professionals say AI is making phishing attacks harder to detect, and 65% believe attackers will soon rely on AI as their primary tool.

Deepfake-driven fraud has caused $2.19 billion in losses globally, with $1.65 billion reported in 2025 alone, according to an analysis by Surfshark. More than half of these losses were due to investment scams using deepfakes of high-profile figures.

A phishing campaign is targeting senior executives with social engineering attacks conducted over Microsoft Teams, according to researchers at ReliaQuest. The researchers believe former associates of the Black Basta criminal gang are running this operation.

John N Just, Ed.D. – Chief Learning Officer What’s New: Celebrating World Password Day and BeyondHappy May! This month, we are putting a major spotlight on World Password Day (May 7). While the “traditional” password might be evolving into passkeys and biometrics, the human element of authentication remains the #1 target for social engineers. To help you celebrate, we’ve released a dedicated suite of content designed to move your users beyond “Password123!” and into a mindset of strategic defense. From deep dives into the psychology of a credential harvest to practical guides on mastering password managers, our updates are built to help you strengthen your organization’s defenses. Just in time for World Password Day!  World Password Day and YouVideo ModuleCelebrate the first Thursday in May by reinforcing strong, unique password practices. This video highlights the fundamental habits needed to protect your digital identity. Cybersecurity Essentials for the Kingdom of Saudi ArabiaTraining ModuleProtect national infrastructure with NCA-aligned controls. Learn to identify social engineering warning signs and defend the Kingdom’s critical government services from evolving cyber threats. Identity Theft ExplainedVideo ModuleTrace the evolution of identity theft from phone scams to digital crimes. Understand the personal and financial impact on the real people whose information you handle.  Privileged User Security: Secure Windows Administration Training ModuleSecure the backbone of your IT infrastructure. Master privileged account management and defend Windows environments against modern attacks, including secure AI tool integration. Report It! Use the Phish Alert Button (PAB)Video ModuleMaster email security using the Phish Alert Button (PAB). Learn how to report phishing attempts to help your security team investigate attacks.  What is AI?Video ModuleBoost productivity with generative AI tools like ChatGPT. Understand data-driven learning while managing the essential privacy and cybersecurity risks of the modern AI landscape.  Why Phishing WorksVideo ModuleSee how one click triggers devastating data breaches. This video reveals the high stakes of phishing scams, including identity theft and malware infections.  Avoiding Gift Card ScamsPosterStop scammers in their tracks with this targeted awareness guide. Learn how gift card scams operate and the best ways to avoid them.  Fake Sites, Real Danger: Understanding Typosquatting DocumentOne mistyped letter could lead to a fake website. Learn how scammers profit from your honest typos by mimicking trusted URLs to steal your data.  Gift Card Scams: How They Work and How to Avoid ThemDocumentThis document reviews how gift card scams work and how to avoid them. Sir Hackalot: Royal Ravens GameGameDefend the castle in this fantasy-themed game. Sharpen your wits as you review messenger birds to distinguish legitimate royal decrees from dangerous phishing scrolls. Zero Trust: Verify EverythingDocumentStop unauthorized access and maintain continuous identity verification for every device. Master the three core principles: verify explicitly, use least privilege access and assume breach.   信頼が裏目に！取引先詐欺の手口と対策(Betrayed by Trust: Understanding and Preventing Vendor Fraud )Training ModuleProtect your organization from business email compromise. Learn to spot fradulent payment requests and implement verification steps to safeguard long-term partner relationships.*Available in Japanese only 参考資料：信頼が裏目に！取引先詐欺の手口と対策 (Document: Betrayed by Trust: Understanding and Preventing Vendor Fraud )DocumentA vital summary of scam tactics and prevention. Use this guide to enforce approval processes and multi-factor authentication for all financial requests. *Available in Japanese only ポスタ-：信頼が裏目に！取引先詐欺の手口と対策 (Poster: Betrayed by Trust: Understanding and Preventing Vendor Fraud )PosterNever skip approval processes, even with trusted partners. This poster reminds employees to stay vigilant against sophisticated impersonation scams that exploit long-term business relationships. *Available in Japanese only   NEW! – Quarterly Product Update Videos At KnowBe4, we’re always adding new features and improving our products. Watch the latest Quarterly Product Update to catch up on all the fresh content and new features that we’ve added to your KnowBe4 platform over the last quarter.  Here’s the direct link to the KnowBe4 platform support article and video: https://support.knowbe4.com/hc/en-us/articles/360015575313-Video-KSAT-and-AIDA-Quarterly-Product-Update-April-2026 Here’s the direct link to the PhishER support article and video: https://support.knowbe4.com/hc/en-us/articles/1500005726381-Video-PhishER-and-PAB-Quarterly-Product-Update-April-2026  To see all the features of the KnowBe4 platform, request your demo today! KB4-CON is one week away, have you secured your spot? This year’s event is built to help you stay ahead of today’s biggest security challenges with sessions covering:  AI-driven threats and defenses: Understand how attackers are using AI and what it takes to defend against it Product innovation and what’s coming next: Get a firsthand look at new capabilities, live demos and platform updates Real-world insights from security leaders: Hear how teams are adapting to evolving threats and building stronger security cultures  With over 40 breakout sessions, you’re sure to find plenty of reasons to join us in Orlando.  

Microsoft warns that a new criminal threat actor dubbed “Storm-2755” is launching payroll-pirate attacks against Canadian users. These attacks use social engineering to compromise employee accounts and divert salary payments to attacker-controlled bank accounts.

The AI said: Apologies. I panicked.