In observance of National Cyber Security Awareness month, we released several videos to help employees and consumers spot a phish. In the final video, we take a look at a number of phish to apply what we have learned. To view all videos released in this series, visit this page: https://info.phishlabs.com/2017-cyber-security-awareness-month.
In observance of National Cyber Security Awareness month, we are releasing several videos to help employees and consumers spot a phish. In the second video, we take a look at the sender's email address to help spot a potentially malicious email. To view all videos released in this series, visit this page: https://info.phishlabs.com/2017-cyber-security-awareness-month.
In observance of National Cyber Security Awareness month, we are releasing several videos to help employees and consumers spot a phish. In this first video, we are going to look at red flags that would identify an email as unsafe.
It would be easy to feel defeated by the statistics continuously reported on cyber attacks. Even with an organization’s next-gen firewall, threat intelligence capabilities, and a host of sophisticated tech tools, threat actors still manage to access valuable data.
How is this happening? Here’s a hint: we’ve all seen them…those sneaky, often carefully crafted emails that lure us into giving up our valuable information. Yes, you guessed it…
Topics: Cyber Security Awareness Month
Historically, security awareness training (SAT) in the healthcare industry… isn’t great. In fact, if you start talking about SAT to a healthcare CISO, you can see the frustration on their face almost immediately.
Back in February we attended HIMSS, one of the biggest healthcare IT shows in the US. We wanted to find out exactly what healthcare providers needed from a SAT program, and show them that (done properly) SAT can have a tremendous positive effect on the operational security of healthcare organizations.
Topics: security awareness training
In the fight against phishing, there’s far more to think about than simply blocking malicious email.
In fact, as a security vendor, our analysts spend a huge amount of time trying to disrupt the phishing landscape in a way that makes all of us safer.
When you’re attempting to mitigate the risk of phishing, threat intelligence plays a vital role.
After all, what better way to predict and intercept future phishing attacks than by analyzing past attacks for patterns and indicators?
This post is the second in a series breaking down lessons learned from our recent consumer-focused phishing webinar. In the first post we covered the value of phishing intelligence, and explained how to use source code analysis to link individual phishing sites back to the phishing kits and actors responsible.
Mention security awareness training in a healthcare setting and stress levels start to rise.
But it doesn’t have to be that way.
Last month we attended HIMSS, one of the largest healthcare specific IT conferences in the US. We wanted to show healthcare providers that security awareness training doesn’t have to be a huge burden, and that (done well) it can have a profound impact on a healthcare organization’s security profile.
But to do that, we needed to have frank conversations with as many healthcare providers as possible. We needed to find out what healthcare security professionals require from their security awareness training in terms of structure, content, and results.
And that’s exactly what we did.
Topics: security awareness training
Over the last decade phishing has exploded. Volume has increased every year, with threat actors reliably focusing the majority of their efforts on the same five or six industries.
It was a serious threat, of course, but it had become somewhat… predictable.
But in 2016, some major changes occurred. In just 12 months, the entire phishing landscape shifted.
In late 2015, malware trends hinted a ransomware epidemic was on its way.
And what happened? Less than three months into 2016, security analysts had branded it the ‘year of ransomware’.
Even popular media outlets were covering ransomware cases on an almost daily basis, and both consumers and businesses the world over would come to understand exactly what the word ransomware really means.
So what happened? After all, ransomware has been around for decades, so why the sudden explosion?