Recent Posts

Recent Blog Posts

The PhishLabs Blog

Elliot Volkman

Find me on:

Recent Posts

2019 Phishing Trends & Intelligence Report: The Growing Social Engineering Threat

Posted by Elliot Volkman on Apr 16, '19

Phishing has and will continue to be a threat to anyone connected to the web. This is a fact set in stone, and regardless of advancements in technology, social engineering will allow these attacks to continue to be successful.

Read More

Topics: PTI Report

5 Tips for Smarter Detection and Collection of Digital Risks

Posted by Elliot Volkman on Mar 26, '19

Recently, our Director of Product Management, Cary Hudgins, discussed how to develop a digital risk protection plan for the modern enterprise. One of the many reasons why such a plan should be created is because, in today’s world, an enterprise organization’s digital footprint can be vast and will continue to grow.

Read More

Topics: Digital Risk Protection

Romanian Vishing/SMiShing Threat Actors Plead Guilty

Posted by Elliot Volkman on Mar 15, '19

In May of 2018, we reported on three Romanian threat actors who were extradited to the U.S. for their involvement in a SMiShing and Vishing fraud scheme. At the time of reporting, the expected losses were listed around $18 million but have since risen to more than $21 million.

Read More

Topics: Vishing, SMiShing

Less Than 3 Percent of ‘Collection #1’ Data Dump Passwords are Unique

Posted by Elliot Volkman on Jan 23, '19

This month the largest recorded data dump in history, 87GB filled with passwords and user credentials, was made available. Dubbed Collection #1 consists of 1,160,253,228 unique combinations of email addresses and passwords. Though historic, there are two positive notes regarding this information: The first is that this data set was circulated on hacking forums back in December of 2018 and is considered a few years old, and the second being that none of this data is the result of a new breach. In short, this is a very large collection of already breached data from at least 340 different websites.

Read More

Topics: security awareness training

Social Risk Monitoring: All Press Good Press?

Posted by Elliot Volkman on Jan 4, '19

It happens on a daily basis, it’s even likely that at some point it happened to you: social media account takeovers. A quick Google search shows a new batch of celebrities, politicians, companies, and other high profile users becoming the victim of account takeovers on a weekly basis.

Read More

Topics: Digital Risk Protection

49 Percent of Phishing Sites Now Use HTTPS

Posted by Elliot Volkman on Dec 6, '18

Since 2015 there has been a steady increase in threat actors’ use of SSL certificates to add an air of legitimacy to malicious websites. By the end of 2017 almost a third of phishing sites had SSL certificates, meaning their URLs began with HTTPS:// and (most) browsers displayed the all-important padlock symbol.

Read More

Topics: https

Users Failing Phishing Simulations? That’s ok

Posted by Elliot Volkman on Nov 29, '18

Phishing simulations come with a range of emotions for the users who interact with them. Some will simply ignore them, others may fail by clicking on a link or attachment, and for the well-trained, they may even report them.

Even if there is a negative outcome, training leads and organizations should not be worried, yet. Just like in school, these simulations are just that, simulations or quizzes. They are designed to prepare users for the real test or a potential attack or phishing lure from a threat actor.

Read More

Topics: security awareness training

Learn About Phishing Incident Response on Nov 15

Posted by Elliot Volkman on Nov 7, '18

An email lands in your box, it looks suspicious, but what should you do with it? This very situation happens to enterprise organizations countless times a day, and there are so many solutions for tackling it. How can you best use this information to protect your enterprise, brands, and customers?

Read More

Topics: Webinar

Is it a Phish? Halloween Edition

Posted by Elliot Volkman on Oct 30, '18

To wrap up our Cyber Security Awareness Month activities we’re bringing back a crowd favorite, Is it a Phish? And since it’s Halloween, we, of course, had to find the scariest, most terrifying phishing examples we could drum up for our very special guest, T Rex.

Read More

Topics: Is it a phish?

Meet the Cyber Security Awareness Team: Dane

Posted by Elliot Volkman on Oct 25, '18

In our ongoing contributions to Cyber Security Awareness Month today we’re launching a two-part series designed to introduce you to some of our team.

For those who have been fortunate (unfortunate) enough to be on the receiving end of one of our phishing simulations, interacted with our microlearning modules, or training materials, you likely are unaware of some of the minds behind them. 

Read More

Topics: security awareness training

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Posts by Topic

see all