KnowBe4's New Report Reveals Rising Cyber Threats From Legitimate Platforms in 2025
Introduction
In 2025, cyber threats have evolved dramatically, leading to unprecedented levels of phishing and vishing attacks. According to the latest findings from KnowBe4’s 2025 Phishing Threat Trends Report, attackers are increasingly finding ways to bypass conventional security measures by exploiting legitimate platforms.
Key Findings
The report reveals several alarming trends in how cybercriminals operate today. Notably, they are leveraging well-established platforms such as QuickBooks, PayPal, and Zoom to carry out their attacks. Abuse of these platforms for malicious purposes has risen by a remarkable 67%, allowing attackers to masquerade as trusted users while their operations completely evade traditional security protocols.
Rise in Vishing Attacks
One of the most striking changes reported is a staggering 449% increase in phone-based voice phishing (vishing) attacks compared to 2024. Such attacks often accompany phishing emails that encourage victims to call back, at which point AI-generated voices impersonate company representatives. The research indicates that 77% of callback numbers feature such technology, highlighting a sophisticated tactic designed to manipulate and deceive unsuspecting victims.
Exploiting Seasonal Events
The timing of attacks has also taken on a seasonal character, with attackers homing in on specific events and deadlines throughout the year. For example, themes related to human resources were prevalent in January, Valentine's promotions became a focus in February, and reports on tax season showed spikes in phishing attempts during April. This calculated approach indicates that attackers are not only well-organized but also informed about potential vulnerabilities that can be exploited during these critical periods.
The Scattered Spider Gang
Particularly concerning is the activity of the cybercriminal group known as Scattered Spider. This gang has conducted high-profile breaches impacting some major retail brands, leading to losses running into hundreds of millions of dollars. Their strategy combines various advanced techniques such as sophisticated social engineering, vishing, and MFA bombing to penetrate organizational defenses. As part of their operations, they also launch subsequent phishing attacks targeting customers of the compromised brands, making it imperative for these organizations to fortify their security protocols.
The Call for Action
Given these developments, Jack Chapman, the Senior Vice President of threat intelligence at KnowBe4, emphasizes the urgent need for organizations to enhance their workforce trust management protocols. As attackers become more adept at bypassing technical safeguards, organizations are called upon to rethink their approach towards cybersecurity, prioritizing a comprehensive human risk management strategy that integrates advanced AI-driven detection tools.
Conclusions
As cyber threats continue to evolve, staying one step ahead of attackers necessitates a multifaceted approach to security. The KnowBe4 report underscores the importance of recognizing that employees can either be the weakest links or the strongest defenders in cybersecurity. Educating staff about the latest threats, implementing robust defenses against social engineering tricks, and fostering a culture of security awareness are crucial steps for organizations looking to protect themselves in the ever-changing landscape of cybercrime.