Recent Posts

Recent Blog Posts

The PhishLabs Blog

Meet the Cyber Security Awareness Team: Kimber

Posted by Elliot Volkman on Oct 18, '18

In our ongoing contributions to Cyber Security Awareness Month today we’re launching a two-part series designed to introduce you to some of our team.

For those who have been fortunate (unfortunate) enough to be on the receiving end of one of our phishing simulations, interacted with our microlearning modules, or training materials, you likely are unaware of some of the minds behind them. That’s why we’ve put together some brief interviews so that you can become more acquainted with people that power our security awareness training programs.

Read More

Topics: security awareness training

Threat Announcement: Phishing Sites Detected on Emoji Domains

Posted by Olivia Vining on Oct 12, '18

Since September 21, PhishLabs analysts have detected a number of phishing sites hosted on emoji domains. So far, all detected sites have a few things in common:

Read More

Topics: Phish, Threat Analysis

15 Years of Cybersecurity Awareness Month

Posted by Elliot Volkman on Oct 11, '18


Each year in the month of October there are more things to be cognizant of than ghosts and ghouls, in fact something far scarier. That’s right, Cyber Security Awareness month is back, and with it our team is bringing you some new and updated resources. 

This month marks the 15 anniversary of the awareness program that DHS continues to lead.

“NCSAM 2018 is a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online, while increasing the resiliency of the Nation during cyber-threats.” You can access the official NCSAM toolkit here.

Read More

Topics: Cyber Security Awareness Month

How Social Media Can Cost You Thousands of Dollars

Posted by Alexa Villanueva on Sep 27, '18

When it comes to social media, there is a fine line between letting people know your holiday plans and just plain handing over personal sensitive information for unscrupulous people to use it against you. For instance, if you upload a photo announcing you will be away with your family for some time, once you return from your trip and realize your possessions have been stolen, it’s too late. Insurance companies won’t make it any easier on you either since they will review all your online activity and argue you didn’t properly secure your possessions and mark the claim as “ineligible for compensation”. How? Sometimes, oversharing is like leaving the front door unlocked: you’ve given the opportunity for anyone to enter your home.

Read More

Topics: Digital Risk Protection

Targeting the Brand: Your C-Suite May Be at Risk

Posted by Elliot Volkman on Sep 19, '18

Social media is impacting the world around us.

Most organizations have social media accounts, cloud-based drives, access cloud platforms, are filled with employees who use messengers like Slack, and tap into any other piece of the ever expanding digital world.

Because of the growth rate of each of these types of technology and the associated user adoption, ideal security best practices and tools are still sorely lagging behind in place of innovation. Because of this, any user, and in particular executives or the C-suite with keys to the castle, are constantly a potential target to threat actors.

Read More

Topics: Digital Risk Protection, Executive Monitoring

The Light in the Dark: Myths and Truths about the Dark Web

Posted by Alexa Villanueva on Sep 11, '18

There are many misconceptions about the dark web and what goes on in the digital underground. Though the dark web is usually associated with criminal activities including drug dealing, human trafficking, selling counterfeit consumer goods and many other malicious acts, not everything in the dark web is completely dark.

Read More

Phishing 101: Targeted Phishing Attacks

Posted by Alexa Villanueva on Sep 5, '18

 

The most likely way that you will be compromised online is through a simple phish or a socially engineered attack. Today, these two techniques are often combined to create an even more threatening attack, an intelligently targeted phish.

Read More

Defining and Managing Success for Security Teams

Posted by Elliot Volkman on Aug 30, '18

Big or small, global or local, almost every organization uses some form of technology, and therefore has security needs within it. Due to the nature of the work and variables in play, metrics and success are often a subjective matter from organization to organization.

Read More

Topics: Digital Risk Protection

Geolocation Tracking Poses Risks to Your Employees

Posted by Alexa Villanueva on Aug 21, '18

Exposing your geolocation information publicly can lead to increased personal and business risk. This is particularly important to note in the wake of Google's location tracking, even if you explicitly told them not to.

Read More

Topics: Digital Risk Protection

So You Got a SaaS Security Awareness Training Platform, Now What?

Posted by Elliot Volkman on Aug 14, '18

After months of talks, budget approvals, and getting stakeholder buy in, you finally have the security awareness tool of your choice ready to be used. You get some welcome emails, an onboarding conversation with a customer account manager, and then…..?

Read More

Topics: security awareness training, Awareness Training

   

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Upcoming Events

Calendar_Mock_

Posts by Topic

see all