We’ve long defined cybersecurity as the technical discipline of protecting networks, data and systems. But when viewed through a geopolitical lens, then this definition is no longer sufficient. What we are dealing with today goes beyond protecting organisational data, to protecting economies, sovereignty, and increasingly, human perception.
2026 has officially become the year of speed, scale and support
The delta between a phishing email landing and a full organizational compromise has shrunk to mere seconds.
World Password Day is no longer just a nudge to pick stronger passwords, it’s a moment to rethink identity. Attackers rarely “hack” systems today; they log in as you. Combine expert guidance on phishing, MFA, password managers, behavioral defenses, and new threats from AI and quantum computing to better secure your accounts now and for the future.
Researchers at Google’s Threat Intelligence Group (GTIG) are tracking a new threat actor that’s impersonating help desks to trick users into installing malware. The threat actor, which GTIG tracks as “UNC6692,” begins by sending a large volume of spam emails to the victim, then initiates contact via Microsoft Teams to ostensibly help the user block the spam.
Cybercriminals are getting smarter and faster. Social engineering attacks are evolving rapidly, and AI is making them more convincing than ever. According to the 2025 Verizon Data Breach Investigations Report, up to 68% of cyberattacks involve some form of social engineering. Meanwhile, 95% of cybersecurity professionals say AI is making phishing attacks harder to detect, and 65% believe attackers will soon rely on AI as their primary tool.
Deepfake-driven fraud has caused $2.19 billion in losses globally, with $1.65 billion reported in 2025 alone, according to an analysis by Surfshark. More than half of these losses were due to investment scams using deepfakes of high-profile figures.
John N Just, Ed.D. – Chief Learning Officer
What’s New: Celebrating World Password Day and Beyond
Happy May! This month, we are putting a major spotlight on World Password Day (May 7). While the “traditional” password might be evolving into passkeys and biometrics, the human element of authentication remains the #1 target for social engineers. To help you celebrate, we’ve released a dedicated suite of content designed to move your users beyond “Password123!” and into a mindset of strategic defense.
From deep dives into the psychology of a credential harvest to practical guides on mastering password managers, our updates are built to help you strengthen your organization’s defenses.
|
Just in time for World Password Day! |
World Password Day and You |
|
Cybersecurity Essentials for the Kingdom |
Identity Theft Explained |
|
Privileged User Security: Secure Windows Administration |
Report It! Use the Phish Alert Button (PAB) |
|
What is AI? |
Why Phishing Works |
|
Avoiding Gift Card Scams |
Fake Sites, Real Danger: Understanding Typosquatting Document One mistyped letter could lead to a fake website. Learn how scammers profit from your honest typos by mimicking trusted URLs to steal your data. |
|
Gift Card Scams: How They Work and How to Avoid Them |
Sir Hackalot: Royal Ravens Game Game Defend the castle in this fantasy-themed game. Sharpen your wits as you review messenger birds to distinguish legitimate royal decrees from dangerous phishing scrolls. |
|
Zero Trust: Verify Everything |
| 信頼が裏目に!取引先詐欺の手口と対策 (Betrayed by Trust: Understanding and Preventing Vendor Fraud ) Training Module Protect your organization from business email compromise. Learn to spot fradulent payment requests and implement verification steps to safeguard long-term partner relationships. *Available in Japanese only |
参考資料:信頼が裏目に!取引先詐欺の手口と対策 (Document: Betrayed by Trust: Understanding and Preventing Vendor Fraud ) Document A vital summary of scam tactics and prevention. Use this guide to enforce approval processes and multi-factor authentication for all financial requests. *Available in Japanese only |
|
ポスタ-:信頼が裏目に!取引先詐欺の手口と対策 (Poster: Betrayed by Trust: Understanding and Preventing Vendor Fraud ) |
NEW! – Quarterly Product Update Videos
At KnowBe4, we’re always adding new features and improving our products. Watch the latest Quarterly Product Update to catch up on all the fresh content and new features that we’ve added to your KnowBe4 platform over the last quarter.
Here’s the direct link to the KnowBe4 platform support article and video: https://support.knowbe4.com/hc/en-us/articles/360015575313-Video-KSAT-and-AIDA-Quarterly-Product-Update-April-2026
Here’s the direct link to the PhishER support article and video:
https://support.knowbe4.com/hc/en-us/articles/1500005726381-Video-PhishER-and-PAB-Quarterly-Product-Update-April-2026
To see all the features of the KnowBe4 platform, request your demo today!
KB4-CON is one week away, have you secured your spot? This year’s event is built to help you stay ahead of today’s biggest security challenges with sessions covering:
AI-driven threats and defenses: Understand how attackers are using AI and what it takes to defend against it
With over 40 breakout sessions, you’re sure to find plenty of reasons to join us in Orlando.
Microsoft warns that a new criminal threat actor dubbed “Storm-2755” is launching payroll-pirate attacks against Canadian users. These attacks use social engineering to compromise employee accounts and divert salary payments to attacker-controlled bank accounts.
