Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How a simple “I found your photo” message can quietly take over your account.

Deepfake attacks have become more compelling and realistic than ever before. Attackers are impersonating trusted leaders with convincing videos and voice, making it harder for employees to know what is real. Traditional awareness training is a good start, but nothing replaces first-hand exposure to real and synthetic content when it comes to telling deepfake videos from authentic ones. That’s why today we’re introducing KnowBe4’s Deepfake Training Content.

As with previous years, we asked identity and fraud experts to reflect on the closing year and share a few predictions for the next. You’ll get unique perspectives from fraud fighters, researchers, and an executive. We asked them about unexpected fraud trends, which tactics will become more valuable, leadership’s changing perceptions, and AI, of course. But we kicked things off with a lighthearted question.

In a recent appearance on the CanadianSME Small Business Podcast, INETCO CEO and Founder Bijan Sanii shared strategic insights for Canadian companies pursuing global growth, particularly in fast-moving underserved markets where payment fraud and infrastructure challenges are rising. Here are the five most important takeaways from the conversation.

When it comes to cyber threat trends in 2026, risk will increasingly be defined less by new attack techniques and sophistication, and more by when defenses engage. Across malware delivery, identity abuse, fraud, misinformation, and brand impersonation campaigns, the same pattern keeps emerging. Damage rarely occurs because controls are missing entirely. It occurs because protection activates after exploitation has already begun. In short, attackers aren’t simply becoming more sophisticated.

BlueVoyant’s Threat Fusion Cell (TFC) observed a Bookingcom references relate solely to adversary brand impersonation.

Let’s face it: humans are creatures of habit, and nothing rattles us quite like the prospect of change. (Just ask anyone who’s dared to swap out the office coffee brand—revolutions have started over less.) According to SHRM's research on change fatigue, today’s relentless pace of disruption is exhausting employees faster than a budget ergonomic chair. But here’s where it gets fascinating—where security, HR, and fraud analysis converge in ways you might not expect.

Multi-factor authentication (MFA) became the industry’s default safeguard for login security. Yet attackers now bypass MFA at scale, often in seconds. Banks, fintech platforms, and digital enterprises are discovering the hard truth. MFA isn’t account takeover (ATO) prevention. It only verifies the user – and attackers have learned to compromise the session itself. Modern ATO defenses must protect beyond the login, inside the browser, and in real time.

Avast advises how to spot fake e-shops, recognize new methods scammers use, and remain safe this holiday season. Holiday shopping is in full swing, and so is the hunt for great deals. As online shopping becomes the default for many, a shadowy industry of fake e-shops is growing right alongside it. The holiday season is the perfect time for scammers. People are hurried, stressed and busy getting the best gifts for their loved ones, which makes it harder to stay alert.