Since 2015 there has been a steady increase in threat actors’ use of SSL certificates to add an air of legitimacy to malicious websites. By the end of 2017 almost a third of phishing sites had SSL certificates, meaning their URLs began with HTTPS:// and (most) browsers displayed the all-important padlock symbol.
Topics: https
Phishing simulations come with a range of emotions for the users who interact with them. Some will simply ignore them, others may fail by clicking on a link or attachment, and for the well-trained, they may even report them.
Even if there is a negative outcome, training leads and organizations should not be worried, yet. Just like in school, these simulations are just that, simulations or quizzes. They are designed to prepare users for the real test or a potential attack or phishing lure from a threat actor.
Topics: security awareness training
Phishing attacks have become increasingly sophisticated. From tricking users into sending confidential information to crafting well executed emails that can slip past the most advanced technology, social engineering is still incredibly effective.
This month we discussed this very topic and how organizations and their users should respond to phishing incidents.
Topics: Phishing Incident Response, Webinar
An email lands in your box, it looks suspicious, but what should you do with it? This very situation happens to enterprise organizations countless times a day, and there are so many solutions for tackling it. How can you best use this information to protect your enterprise, brands, and customers?
Topics: Webinar
To wrap up our Cyber Security Awareness Month activities we’re bringing back a crowd favorite, Is it a Phish? And since it’s Halloween, we, of course, had to find the scariest, most terrifying phishing examples we could drum up for our very special guest, T Rex.
Topics: Is it a phish?
In our ongoing contributions to Cyber Security Awareness Month today we’re launching a two-part series designed to introduce you to some of our team.
For those who have been fortunate (unfortunate) enough to be on the receiving end of one of our phishing simulations, interacted with our microlearning modules, or training materials, you likely are unaware of some of the minds behind them.
Topics: security awareness training
Trojans have been around for ages, but up until the last few years they have primarily targeted desktop users. Due to the continued adoption of mobile devices, now overtaking that of desktop users, threat actors have placed a larger target on smartphones and tablet users.
Topics: Digital Risk Protection
In our ongoing contributions to Cyber Security Awareness Month today we’re launching a two-part series designed to introduce you to some of our team.
For those who have been fortunate (unfortunate) enough to be on the receiving end of one of our phishing simulations, interacted with our microlearning modules, or training materials, you likely are unaware of some of the minds behind them. That’s why we’ve put together some brief interviews so that you can become more acquainted with people that power our security awareness training programs.
Topics: security awareness training
Since September 21, PhishLabs analysts have detected a number of phishing sites hosted on emoji domains. So far, all detected sites have a few things in common:
Topics: Phish, Threat Analysis
Each year in the month of October there are more things to be cognizant of than ghosts and ghouls, in fact something far scarier. That’s right, Cyber Security Awareness month is back, and with it our team is bringing you some new and updated resources.
This month marks the 15 anniversary of the awareness program that DHS continues to lead.
“NCSAM 2018 is a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online, while increasing the resiliency of the Nation during cyber-threats.” You can access the official NCSAM toolkit here.
Topics: Cyber Security Awareness Month
