Overview
- KnowBe4’s latest Phishing Threat Trends report finds that 86% of campaigns in the past six months used AI, marking a further rise from prior years.
- Attackers are moving beyond email into calendar invites and workplace chat, with a 49% jump in calendar‑invite lures and a 41% rise in Microsoft Teams impersonation attempts.
- Use of reverse proxies to steal Microsoft 365 logins surged 139%, as these look‑alike gateways sit between a user and the real site to capture credentials and session tokens.
- Microsoft reports AI‑crafted lures are 4.5 times more effective than human‑written ones, and FBI data shows US cybercrime losses hit $20.87 billion last year with about $893 million tied to AI‑related fraud.
- Industry voices urge defenses that watch behavior and protect identities, including continuous leak monitoring and Zero Trust access, so a stolen password cannot unlock broad systems.