KnowBe4 launches AI-based phishing simulations

Get a free Techzine subscription!

KnowBe4 has introduced a new feature that allows employees to be trained to recognise phishing emails. The feature uses AI to simulate personal phishing attacks.

With the phishing platform, administrators can test how resistant their employees are to phishing attacks. The platform sends out phishing messages to different employees and administrators get an overview of who all buys into it.

Personalised phishing campaigns

The new update of the platform allows phishing campaigns to be more personalised. Using machine learning, and based on users’ training history and history of previous phishing campaigns, administrators can run new user-specific phishing tests.

The AI looks at a number of factors, including the number of failed phishing security tests, the types of attack vectors in those failures, how often suspicious emails are reported via the Phish Alert button, and how recently and regularly training has been completed.

Increasing threat from phishing

KnowBe4 sees an increasing threat in the use of phishing to attack corporate networks. The company refers to the Q4 2020 Phishing Activity Trends Report from the Anti Phishing Working Group. This shows that the number of phishing attacks doubled during 2020. In January 2020, the organisation received 100,000 reports of phishing, compared to 200,000 in December.

Phishing is a major risk for businesses. After all, the weakest link in any security policy is the user. IT managers may have completely secured their networks, but if an inattentive employee gets fooled by a phishing email into giving away important login credentials or installing malware on the company network, an attacker can still do harm. Of course, there are methods to protect against such attacks, but it never hurts to educate employees on what to look out for in their emails and other messages.

Improve the security culture

“People learn differently and are prone to click on various phishing emails depending on their role within the organization, life experiences and a number of other factors,” said Stu Sjouwerman, the CEO of KnowBe4. “Providing this new feature with more personalized phishing templates to our customers helps them to better prepare their end users to spot and report real-world attacks while increasing security culture across the company. At KnowBe4, we make a concerted effort to develop new features based on customer feedback to make their jobs easier and ultimately, their organizations more secure.”

Tip: Security company KnowBe4 acquires MediaPRO