Security Program Controls/Technologies, Channel partners, Content

KnowBe4 Uses Human Intelligence, AI to Combat Phishing Attacks

Phishing, E-Mail, Network Security, Computer Hacker, Cloud Computing

KnowBe4 has released PhishER Plus, a product that utilizes more than 10 million trained users globally to identify, block and remove phishing email threats before they reach users' inboxes, according to the company.

PhishER Plus is available as a standalone product or upgrade option for current PhishER customers, KnowBe4 said.

KnowBe4 PhishER Plus Uses Triple-Validated Phishing Threat Feed

PhishER Plus users are trained to spot and report phishing attacks, KnowBe4 stated. The information these users gather about phishing attacks is incorporated into the PhishER Plus Global Blocklist.

The Global Blocklist is a continually updated threat feed managed by KnowBe4, the company noted. It automatically blocks new messages from entering users' inboxes and can be synced with an organization's Microsoft 365 mail server.

PhishER Plus utilizes the following sources to power its Global Blocklist:

  • Global network of trained KnowBe4 end-users and their PhishER administrators
  • PhishML AI model trained on phishing emails that other filters commonly miss
  • Human-curated threat intelligence from KnowBe4's Threat Research Lab

PhishER Plus Contains Phishing Threats

Along with its Global Blocklist, PhishER Plus offers a Global PhishRIP feature that identifies and quarantines confirmed phishing threats reported by PhishER customers, KnowBe4 indicated.

Global PhishRIP removes email threats before they are spotted or reported within an organization, KnowBe4 said. It also can shut down active phishing attacks and preemptively "rip" new phishing attacks out of users' inboxes.

How PhishER Plus Works

PhishER Plus lets users report phishing threats, which are ingested by PhishER, KnowBe4 explained. Next, PhishML triages these threats and separates clean emails from spam and threats. Then, the PhishER Admin determines if threats should be added to an organization's private blocklist. Finally, KnowBe4's Threat Research Lab reviews and verifies each threat before it is added to the Global Blocklist.

Once a threat is added to the Global Blocklist, it syncs to PhishER Plus customers' email servers, KnowBe4 said. This enables PhishER Plus to block known threats before they can reach other organizations.

However, if a threat is identified before it gets added to the Global Blocklist, Global PhishRIP removes and quarantines it from all PhishER Plus customers' inboxes.

KnowBe4 Offers Free Ransomware Resource Kit

In addition to releasing PhishER Plus, KnowBe4 started offering a free ransomware resource kit as part of its efforts to promote Ransomware Awareness Month in July 2023. KnowBe4's kit includes the following resources:

  • On-demand ransomware master class webinar featuring KnowBe4 Data-Driven Defense Evangelist Roger Grimes
  • Ransomware Hostage Rescue Manual and supplemental Attack Response and Prevention Checklists
  • A seven-minute video that explains the evolution and future of ransomware
  • An infographic on the global cost of ransomware
  • Posters and digital signage to warn employees about ransomware attacks

KnowBe4 provides a security awareness training and simulated phishing platform used by more than 60,000 organizations, the company said. It also offers a partner program for MSSPs, MSPs and other technology providers.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.