KnowBe4 Reports Surge in Cybercriminal Abuse of Legit Platforms

KnowBe4’s 2025 Phishing Threat Trends Report Volume Six reveals conventional defenses bypassed, enhance in vishing utilization and retail manufacturers breached

KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human and AI agent threat administration, at present introduced new analysis from its 2025 Phishing Threat Trends Report Vol. Six, which finds elementary shifts in cybersecurity attacker techniques, prompting a major enhance in phishing assault quantity from compromised accounts.

“As cybercriminals bypass technical defenses utilizing strategies comparable to hijacking official platforms and manipulate victims by way of a range of subtle social engineering strategies, organizations have to prioritize workforce belief administration,” stated Jack Chapman, SVP menace intelligence, KnowBe4. “The findings from this report revealed that attackers demonstrated clear seasonal concentrating on all through 2025, exploiting HR matters in January, Valentine’s promotions in February, tax deadlines in April, and main occasions just like the U.S. Open. As extra assaults discover their means by way of conventional e-mail safety defenses, it’s essential that organizations evolve their tech stack to implement AI-driven detection that works inside a holistic human threat administration (HRM) ecosystem.”

Key findings from the report embrace: 

• Scattered Spider Destruction: The cybercriminal gang Scattered Spider breached a number of high-profile retailers in 2025, together with M&S, Co-Op, Harrods and others, which triggered tons of of tens of millions in damages and losses. These breaches spawned secondary phishing campaigns concentrating on clients, with attackers impersonating the compromised manufacturers to reap credentials. Scattered Spider’s signature techniques (together with combining subtle social engineering, vishing, MFA bombing and credential harvesting) mix strategies that concentrate on each the technical and human layers as half of their assault methodology.
• Voice Phishing Surge: Phone-based vishing assaults elevated 449% in comparison with 2024, with cellphone numbers showing as the only real payload in 5.5% of phishing emails. Researchers found that 77% of callback numbers used AI-generated voices, whereas 69% of vishing assaults had been financially motivated, requesting financial institution element modifications, fraudulent refunds or transfers. 
• Legitimate Platform Hijacking: Perhaps most regarding, cybercriminals elevated their abuse of official platforms like QuickBooks, Zoom, SharePoint, and PayPal by 67% year-to-date. These assaults go DMARC authentication 100% of the time and sometimes bypass conventional defenses as a result of they originate from trusted domains. 

The put up KnowBe4 Reports Surge in Cybercriminal Abuse of Legit Platforms first appeared on AI-Tech Park.