Wednesday, February 11, 2026

AI and the New Misinformation Playbook



CyberheistNews Vol 16 #02  |   January 13th, 2026


When You Can’t Believe Your Eyes: AI and the New Misinformation Playbook

In the early hours following reports of a U.S. military operation involving Venezuela, social media feeds were flooded with dramatic photos and videos that appeared to show the capture of Venezuelan president Nicolás Maduro.

Within minutes, AI-generated images of Maduro being escorted by U.S. law enforcement, scenes of missiles striking Caracas and crowds celebrating in the streets racked up tens of millions of views across numerous social media channels.

The problem? Much of this content was fabricated or misleading.

Fake images circulated alongside real footage of aircraft and explosions, creating a convincing, but deeply confusing, mix of truth and fiction. The lack of verified, real-time information created a vacuum, and advanced AI tools rushed in to fill it.

According to fact-checking organizations, several widely shared images were generated or altered using AI, despite appearing realistic enough to fool casual viewers, and even public officials.

This is exactly how modern social engineering works.

Attackers don’t rely on obviously fake signals anymore. Just as phishing emails now mimic trusted brands and real conversations, AI-generated images increasingly “approximate reality.” They don’t need to be wildly inaccurate to be effective, just believable enough to bypass skepticism and trigger an emotional response.

Even experienced users struggled to determine what was real. Reverse image searches, AI-detection tools and watermarking technologies like Google’s SynthID can help identify manipulated content, but they’re far from foolproof. When fake visuals closely resemble real events, detection becomes inconsistent and misinformation spreads faster than fact-checkers can respond.

That uncertainty is the point.

In cybersecurity, we warn employees that urgency, authority and incomplete information are classic manipulation tactics. The same techniques were on full display here. Breaking news, high emotional stakes and a flood of convincing visuals pushed people to share first and verify later, if at all.

The takeaway for organizations and individuals is clear: visual content can no longer be trusted at face value, especially during fast-moving events. Training people to pause, question sources and look for verification is just as important for news consumption as it is for email security.

Because whether it’s a phishing email or an AI-generated image, the goal is the same: get you to believe something before you have time to think. And in today’s threat landscape, believing is often the first step toward being misled.

Blog post with links:
https://weblog.knowbe4.com/when-seeing-isnt-believing-ai-images-breaking-news-and-the-new-misinformation-playbook

Deepfake: Empowering Your Users to Recognize What AI Can Fake

Your users are being targeted right now. Deepfake attacks happen every few minutes, and nearly half of all organizations have already been hit. When a deepfake lands in your user’s inbox, will they spot it or fall for it?

In this session, Perry Carpenter, Chief Human Risk Management Strategist, and Chris Littlefield, Product Manager, pull back the curtain on the next era of social engineering. Deepfakes, AI agents and synthetic narratives are reshaping the threat landscape and traditional training no longer prepares users for attacks that feel real.

You’ll learn how to build a workforce that stays calm, curious and grounded in truth, even when a scam sounds exactly like someone they trust.

You’ll discover:

  • How attackers use plausibility, framing and myth-direction to make AI-generated impersonations feel instantly legitimate
  • Recent deepfake and voice-clone incidents that expose where human judgment faltered, and how better cognitive defenses would have changed the outcome
  • Training techniques that build narrative awareness and emotional self-regulation, preventing both overreaction and paralysis
  • Practical verifications your employees can apply to recognize a fake even when an email sounds right, a voice sounds familiar or a video “looks close enough”
  • NEW! KnowBe4’s Deepfake Training Content shows how to create a custom deepfake training experience featuring your own leaders to transform abstract risk into unforgettable learning moments

You’ll leave the webinar with the strategy and tools to help employees recognize and validate AI-driven manipulation, plus measurable ways to prove to leadership how you can reduce real-world deepfake risks.

Date/Time: TOMORROW, Wednesday, January 14 @ 2:00 PM (ET)

Can’t attend live? No worries. Register now and you will receive a link to view the presentation on-demand afterwards.

Save My Spot:
https://data.knowbe4.com/new-deepfake-training-na?partnerref=CHN2

Phishing Campaign Targets WhatsApp Accounts

Researchers at Gen warn that a phishing campaign is attempting to trick users into linking malicious devices to their WhatsApp accounts.

The attack begins with an unsolicited message stating, “Hey, I just found your photo!” along with a link to a spoofed Facebook login page. Instead of trying to steal users’ Facebook credentials, however, the attackers are attempting to gain access to victims’ WhatsApp accounts.

“This page has two purposes,” the researchers explain. “First, it creates a sense of familiarity that encourages the user to trust the page. People expect Facebook to ask for some kind of confirmation now and then. Seeing a login button or a verification step feels normal.

“Second, it acts as the attacker’s control panel. The page is not connecting with Facebook but rather mediating between the victim and the legitimate WhatsApp Web infrastructure that the attacker is abusing.”

The phishing page either shows a QR code or contains a field for the user to enter their phone number. The attack proceeds as follows:

  • The victim types their phone number on the fake page.
  • The page forwards that number to WhatsApp’s legitimate “link device via phone number” feature.
  • WhatsApp generates a pairing code that is meant to be seen only by the account owner.
  • The attacker’s website takes that code and displays it back to the victim with text that suggests they should ‘enter this in WhatsApp to confirm the login and see the photo.’
  • The victim opens WhatsApp, sees the pairing prompt and enters the code, believing they are completing a security check.

Once the malicious device is paired, the attacker has full access to the victim’s WhatsApp account and can send more phishing messages to the victim’s contacts.

Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

Blog post with links:
https://weblog.knowbe4.com/phishing-campaign-targets-whatsapp-accounts

Automate Incident Response and Maximize SOC Efficiency

Your security team is drowning in alerts, and threats are slipping through. With SOC teams facing more than 4,400 daily alerts, over 40% of which are false positives, the vast majority of organizations are drowning in backlogs.

The result? A five-hour response gap that leaves threats sitting in your employee inboxes for days or even weeks. Stop gambling with unaddressed alerts with technology that collapses the time-to-containment from hours to minutes.

During this demo, you’ll discover how PhishER Plus eliminates the dangerous vulnerability window between threat detection and containment by combining triple-validated threat intelligence with human oversight:

  • Accelerate response times with AI-powered automation that lets you code custom rules in plain English, reduces manual email review time by up to 99%, and eliminates alert fatigue
  • Leverage unmatched threat intelligence from 13+ million global users, KnowBe4 Threat Research Lab, and leading third-party integrations, catching zero-day threats that bypass SEGs and other ICES defenses
  • Maintain full visibility and control over AI-driven decisions with PhishML Insights, eliminating black-box uncertainty and reducing false positives that waste $875K annually
  • Remove threats automatically from all mailboxes with Global PhishRIP before users can interact with them, eliminating the risk of employees otherwise falling for the attack
  • Convert real attacks into targeted training opportunities with PhishFlip, reinforcing vigilant employee behavior while showcasing security awareness gaps

Discover how PhishER Plus customers achieve 650% ROI within the first 12 months. Transform your employees into your most valuable defenders while meeting SOC efficiency goals.

Date/Time: Wednesday, January 21 @ 2:00 PM (ET)

Save My Spot:
https://data.knowbe4.com/phisher-demo-1?partnerref=CHN

North Korean Threat Actor Spreads Malware via QR Codes

The North Korean threat actor “Kimsuky” is using QR codes to trick users into installing malicious mobile apps, according to security researchers at ENKI.

The phishing sites, which impersonate delivery services, tell users that the webpage cannot be viewed on a desktop. The sites instruct the user to scan a QR code in order to open the page on their phone. This helps the attack bypass security defenses that may be present on the user’s work computer.

“We confirmed that the malicious application was distributed from the IP address 27.102.137[.]181, leveraging a QR code that impersonated a legitimate package delivery service,” the researchers explain.

“Among the four malicious applications discovered during the investigation, two masqueraded as delivery service apps. A previous report by ESTSecurity documented similar cases where the threat actor transmitted URLs hosting malicious apps via smishing texts that impersonated delivery companies. Consequently, we assess with high confidence that the threat actor employed smishing or phishing emails for initial access, consistent with historical TTPs.”

When the user scans the QR code, they’ll be taken to a phishing page that uses social engineering to trick them into installing malware or entering sensitive information.

“While clicking the link does not automatically execute the malicious app, the threat actor designs sophisticated phishing sites to trick victims into running the malware or entering personal information,” ENKI says.

“To prevent infection, users should avoid clicking links from unknown senders. For links received from known contacts, if the content appears unusual or suspicious, users should verify the message with the sender before clicking.”

AI-powered security awareness training gives your organization an essential layer of defense against social engineering attacks.

Blog post with links:
https://weblog.knowbe4.com/north-korean-threat-actor-spreads-malware-via-qr-codes

[Live Demo] Stop Inbound and Outbound Email Threats

With over 376 billion emails sent daily, your organization faces unprecedented risks from Business Email Compromise (BEC), misdirected sensitive communications and sophisticated AI-driven phishing attacks. The human element, involved in the vast majority of data breaches, contributes to email-based threats that cost organizations like yours tens of millions annually.

Discover how you can stop up to 97% more attacks and uncover 10x more potential data breaches in your Microsoft 365 environment before they happen.

Join our live demo to see how KnowBe4’s Cloud Email Security seamlessly integrates into Microsoft 365 to enhance its native security while providing the tools needed to identify risky communications before they lead to breaches.

See KnowBe4’s Cloud Email Security in action as we show you how to:

  • Defend your organization against sophisticated inbound threats including BEC, supply chain attacks and ransomware
  • Prevent costly outbound mistakes with real-time alerts that stop misdirected emails and unauthorized file sharing
  • Enforce information barriers that keep you compliant with industry regulations
  • Detect and block data exfiltration attempts before sensitive information leaves your organization
  • Customize incident response workflows to match your security team’s needs

Strengthen your security posture with AI-native intelligent email security that reduces human-activated risk and safeguards your organization from inbound and outbound threats.

Date/Time: Wednesday, January 21 @ 1:00 PM (ET)

Save My Spot:
https://data.knowbe4.com/ces-demo-month-1?partnerref=CHN

Let’s stay safe out there.

Warm regards,

Stu Sjouwerman, SACP
Executive Chairman
KnowBe4, Inc.

PS: HR professionals don’t expect bad actors to “apply” for a position. This makes them vulnerable to real security threats. Here is free training for your HR Team:
https://www.knowbe4.com/free-cybersecurity-tools/secure-hiring-and-onboarding

PPS: Your KnowBe4 Fresh Content Updates from December 2025:
https://weblog.knowbe4.com/fresh-content-updates-from-december-2025

Quotes of the Week

“Very little is needed to make a happy life; it is all within yourself, in your way of thinking.”
– Marcus Aurelius – Roman Emperor (121 -180 AD)


“One’s mind, once stretched by a new idea, never regains its original dimensions.”
– Oliver Wendell Holmes – Physician, Poet, and Polymath (1809 – 1894)


Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog
https://weblog.knowbe4.com/cyberheistnews-vol-16-02-when-you-cant-believe-your-eyes-ai-and-the-new-misinformation-playbook

Security News

ConsentFix Attacks Fake Cloudflare Prompts

By Roger Grimes

ClickFix attacks have been around for decades; only the name is new. ClickFix attacks use social engineering to trick users into clicking on buttons and links that the user is told are needed so their browser or computer can perform some desired action.

ClickFix Attacks

The most common original type of ClickFix attack example, and where the name itself comes from, is where a user intentionally searches for some type of computer error they are having, say Windows error 1F0039a (I made that up), and the browser engine returns a number of links regarding that error.

Unbeknownst to the user, the internet search engine results have been gamed (i.e., “poisoned”) so that a simple search for a solution returns a malicious website high up in the results. Usually, the attacker has either created a fake website with the error message embedded into the website over and over (but not visible to users), or they have paid the search engine vendor to have their website returned when that particular keyword is searched on. Either way, the attacker’s website link ends up high on the list of websites with solutions.

When the user goes to the malicious website, the scammer attempts to social engineer the user into performing an action that is against the user’s best interests. Often, it is to click a button to fix something (hence, the “ClickFix” name).

Sometimes the button click takes the user to another malicious website, sometimes it downloads a malicious document or content, and sometimes it brings up instructions that the user is supposed to copy and run on their computer.

These days, if you hear of the ClickFix attack, it is usually the type of attack where the victim gets tricked into copying/pasting attack code into their own desktop environment, unwittingly executing malware on their computer. It bypasses firewalls, antivirus scanners and content filters.

[CONTINUED] on the KnowBe4 Blog:
https://weblog.knowbe4.com/consentfix-attacks-fake-cloudflare-prompts

Phishing Campaign Abuses Google’s Infrastructure to Bypass Defenses

Researchers at RavenMail warn that a major phishing campaign targeted more than 3,000 organizations last month, primarily in the manufacturing industry. The phishing messages posed as legitimate business notifications, such as file access requests or voicemail alerts, and were designed to send users to credential-harvesting login pages.

Notably, the campaign abused legitimate Google infrastructure and links to avoid being flagged by security tools.

“In each case, emails were sent from legitimate Google infrastructure, passed SPF, DKIM and DMARC, and used trusted Google-hosted URLs as payloads,” RavenMail says. “This fundamentally breaks the trust model that most email security platforms rely on.

“Security researchers have repeatedly observed that these campaigns bypass both secure email gateways and native email protections because there is nothing technically ‘wrong’ with the message delivery itself.”

The campaign didn’t involve any breach of Google’s systems, but the attackers were able to “manipulate workflow automation services meant to streamline business processes.” The researchers note that this is part of a broader trend in which attackers are abusing legitimate services to bypass defenses.

“Attackers are also hosting phishing pages and multi-stage redirectors on Google Cloud Storage (GCS) – a fully trusted, HTTPS-served domain space,” RavenMail says. “Because many URL reputation systems treat cloud provider domains as benign, these links frequently evade detection.

“Separately, other campaigns have exploited Google platforms like Google Classroom and Google Forms to distribute phishing content at massive scale and avoid security filters that block unknown or low-reputation domains.”

AI-powered security awareness training gives your organization an essential layer of defense against evolving social engineering attacks.

RavenMail has the story:
https://ravenmail.io/weblog/phishing-using-google-infra
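
The campaign described above passes SPF, DKIM and DMARC and links only to provider-hosted URLs, so triage has to key on who can publish at the linked host and on the lure rather than on authentication or domain reputation. The Python below is an added example, not code from RavenMail or KnowBe4; the hostnames, lure phrases, function names and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Hosts where any account holder can publish content under a provider domain.
# The article names Google Cloud Storage, Forms and Classroom; these hostnames
# and the lure phrases are this example's assumptions, not a vetted list.
USER_CONTENT_HOSTS = ("storage.googleapis.com", "docs.google.com", "classroom.google.com")
LURE_PHRASES = ("voicemail", "access request", "requested access", "shared a file")
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.IGNORECASE)


def auth_results(msg):
    """Collect spf/dkim/dmarc verdicts from Authentication-Results headers."""
    found = {"spf": "none", "dkim": "none", "dmarc": "none"}
    for header in msg.get_all("Authentication-Results", []):
        for mech, result in AUTH_RE.findall(header):
            found[mech.lower()] = result.lower()
    return found


def user_content_urls(text):
    """Return URLs whose host is, or is a subdomain of, a user-content host."""
    hits = []
    for url in URL_RE.findall(text):
        host = (urlsplit(url).hostname or "").lower()
        if any(host == h or host.endswith("." + h) for h in USER_CONTENT_HOSTS):
            hits.append(url)
    return hits


def triage(raw_message):
    """Score one message (payloads read undecoded); auth is reported, not trusted."""
    msg = message_from_string(raw_message)
    parts = [p for p in msg.walk() if not p.is_multipart()]
    body = "\n".join(str(p.get_payload()) for p in parts)
    text = (str(msg.get("Subject", "")) + "\n" + body).lower()
    urls = user_content_urls(body)
    lures = [p for p in LURE_PHRASES if p in text]
    verdict = "escalate" if urls and lures else "review" if urls else "no-signal"
    auth_all_pass = set(auth_results(msg).values()) == {"pass"}
    return {"verdict": verdict, "auth_all_pass": auth_all_pass, "urls": urls, "lures": lures}


# Constructed sample messages (not taken from the campaign).
SAMPLE_PHISH = """\
Authentication-Results: mx.recipient.example; spf=pass; dkim=pass; dmarc=pass
From: Voice Service <noreply@sender.example>
Subject: New voicemail (0:42)

You have a new voicemail. Listen here:
https://storage.googleapis.com/constructed-bucket/listen.html
"""
SAMPLE_BENIGN = """\
Authentication-Results: mx.recipient.example; spf=pass; dkim=pass; dmarc=pass
From: Reports <reports@sender.example>
Subject: Weekly report

The report is at https://www.example.com/reports/week-02
"""

if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_PHISH), ("benign", SAMPLE_BENIGN)):
        print(name, triage(raw))
```

Both samples authenticate cleanly, and only the one linking to a user-publishable host with a voicemail lure is escalated; an "escalate" or "review" verdict is a cue for human review of the linked page, not a block decision.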

What KnowBe4 Customers Say

“Thanks for reaching out! I hope you had vacation and I’m glad to have this opportunity to give a shout out to our CSM, Kim A. She has genuinely provided the best customer support I’ve ever experienced, in a corporate or private setting. We had a few unusual requirements and experienced some unexpected issues with our own internal systems, and she’s been incredibly responsive and helpful throughout. I can’t say enough good things about how well our onboarding journey has gone so far. Thanks again!”

– A.D., Global Manager, Security Awareness


“I just wanted to drop you a quick note and let you know how AWESOME Tom is. He’s showing us things in the platform we never knew existed. He’s helping us tweak our campaigns, teaching us to use some of the newer features and just been an all-around pleasure to work with.

“We look forward to our monthly calls and are constantly thinking of ways (or Tom helps shape some of these thought processes) to improve the platform and overall security awareness here.

“We’re a super small team with a huge workload. Having a CSM that can point us in the right direction and help get things configured, has been an awesome change for our team. While we’d love to spend time and become experts in all our platforms, it’s impossible. Having a trusted resource like Tom, looking at our account settings, making recommendations, and showing us how to configure those recommendations, has been a game changer for us.

“Please give that dude a raise!!!!!!!

“Side Note: We may cry if we ever lose him from our account now! That’s how much we love Tom. You should be proud to have someone as thorough, caring, and easy to work with, on your team. I know I’d be!

“Thanks for your time and for letting Tom change our perception of KB4. It has been an awesome journey these last couple months! Best wishes on a fantastic rest of your day!”

– B.J., AVP of Infrastructure and IT Security

The 10 Interesting News Items This Week

Cyberheist ‘Fave’ Links

This Week’s Links We Like, Tips, Hints and Fun Stuff


