Recently, there has been a shift in cybercriminals’ behavior, marked by a surge in total phishing attack volume. These attacks are fueled by high-scale automation and a coordinated multi-channel siege targeting corporate collaboration tools. Trusted platforms such as email, Teams, calendars and others are in the cross-hairs, bypassing traditional phishing methods that have worked in the past.
This segment is sponsored by KnowBe4. Visit https://securityweekly.com/knowbe4rsac to learn more about them!
Read the interview summary article from SC Media here: KnowBe4’s Erich Kron on modern phishing attacks
- 0:00 - RSAC 2026 Interview with Eric Kron (KnowBe4)
- 0:25 - Phishing: The Ongoing Cybersecurity Threat
- 0:40 - How AI Is Making Phishing More Dangerous
- 01:11 - Why Traditional Phishing Clues Are Gone
- 01:46 - AI Efficiency: Attackers Doing More with Less
- 02:07 - Defending with AI: New Detection Strategies
- 02:29 - Rise of Polymorphic Phishing Attacks
- 03:09 - Detecting Phishing Through Context & Intent
- 03:55 - Phishing Beyond Email: Teams, Slack & WhatsApp
- 05:07 - How Attackers Move Across Communication Channels
- 05:40 - Smishing Tactics & Social Engineering Tricks
- 06:33 - AI Chatbots Powering Modern Phishing Attacks
- 07:19 - Real-World Example: AI Chatbots in Action
- 08:52 - New Defense Tools: Phish Alert for Teams
- 09:54 - Encryption Creates Security Blind Spots
- 10:00 - The Challenge of Stopping Smishing Attacks
- 11:20 - Human Awareness: The Best Line of Defense
- 11:54 - Trust Issues: Why Familiar Platforms Are Risky
- 12:35 - Rise of Physical Mail & Toll Scam Attacks
- 13:14 - Account Takeover: The Bigger Threat
- 13:47 - Risks of Single Sign-On (SSO) Compromise
- 14:08 - How to Protect Against Modern Phishing
- 14:38 - Why AI Is Essential for Cyber Defense
- 15:36 - The Future of AI Agents in Security
- 15:41 - Closing Thoughts & RSAC 2026 Coverage
Erich Kron, CISO Advisor at KnowBe4 is an author, a podcast host and regular contributor to cybersecurity industry publications. He is a veteran information security professional with over 30 years of experience in the medical, aerospace, manufacturing, and defense fields. His experience has fueled his passion for helping to address the human side of cybersecurity.
He is the former security manager for the US Army’s 2nd Regional Cyber Center and holds CISSP, CISSP-ISSAP, SACP, and many other certifications. Erich has worked with information security professionals around the world to provide the tools, training, and educational opportunities to succeed in Information Security.
