The PhishLabs Blog

Stacy Shelley

Recent Posts

Q1 2017 Phishing Trends & Intelligence Report

Posted by Stacy Shelley on Jun 8, '17

We all know that the only constant in life is change, but it is often surprising how quickly we must pivot and re-evaluate what we know to be true. In the words of General Shinseki, former U.S. Army Chief of Staff,  “I f you don’t like change, you’re going to like irrelevance even less.”   
What' s most imp ortant is how we respond to the shifts, and, when talking about cyber security, how we continue to effectively mana ge risk in the midst of shifting threats. 
Read More

Topics: Phishing, Phishing Trends and Intelligence Report,

FFIEC issues new guidance on mobile risks

Posted by Stacy Shelley on May 2, '16

This past Friday, the Federal Financial Institutions Examination Council (FFIEC) released new guidance to banks, credit unions, and other financial institutions regarding mobile financial services (MFS). These are the services that institutions provide to their customers through mobile devices, such as electronic payments, remote deposits, mobile apps, etc.

Read More

Topics: ATO, Mobile, Compliance, FFIEC

#PHISHRAGE shirts at RSA USA 2016

Posted by Stacy Shelley on Feb 11, '16

It's frustrating when users get phished. Especially when you've told them repeatedly not to open untrusted links or attachments.  But remember, violence isn't the answer.

Instead, express yourself in a safe way that keeps you gainfully employed: by sporting a fresh, new #PHISHRAGE shirt!

Made with a comfortable blend of high quality cotton and seething rage, you'll want to wear it to work every day. 

 You can get yourself one at the upcoming RSA USA Conference. We'll be there in the North Expo, Booth 3845. Give us your shirt size in advance and we'll have it waiting for you:  

I want a #PHISHRAGE shirt.

Read More

Employees are going to get phished. Why even bother with awareness training?

Posted by Stacy Shelley on Feb 4, '16

Recently, I had a call with a rather prominent analyst in the cyber security community. We were having a pretty good conversation about security awareness training, focusing on the T2 Employee Defense Training service we launched this week. As the conversation was wrapping up, he said, “You know, I’ve always believed that trying to train employees for phishing emails was pointless. No matter how good the training is, someone is still going to fall for an attack. So why even bother?”

Read More

Topics: Awareness Training, T2, Employee Defense Training, security awareness training

Preventing Payload Delivery via Spear Phishing

Posted by Stacy Shelley on Oct 8, '15

To help security leaders strategically manage their defensive posture, we have created a framework that spans relevant security layers from the start of an attack to its resolution. When applied, this framework helps organizations:

Read More

Topics: Spear Phishing Protection

Introducing the Defensive Framework for Spear Phishing

Posted by Stacy Shelley on Sep 24, '15

Spear phishing is the preferred attack method for advanced threat actors. Well-crafted spear phishing attacks easily slip past layers of defenses and target the only vulnerability that cannot be patched – people. The vast majority of headline data breaches in recent years have all begun with spear phishing attacks.  If your organization has intellectual property, customer data, or critical systems that are valuable, your employees are being targeted with spear phishing emails.

Read More

Topics: Spear Phishing

PhishLabs Named a Top-Performing Company

Posted by Stacy Shelley on Sep 16, '15

PhishLabs is one of the fastest growing firms in South Carolina

Read More

Topics: Company News

Think community financial institutions aren’t in the crosshairs for account takeover? Think again.

Posted by Stacy Shelley on Oct 24, '14

There is clear evidence that account takeover (ATO) is a big problem and growing worse. The Federal Reserve Bank of Atlanta sounded the alarm in a report delivered last year, estimating 69% growth in account takeover fraud and $69 billion in losses from 2011 to 2012.

Read More

Topics: Account Takeover

As expected, Shellshock is being used for phishing attacks

Posted by Stacy Shelley on Oct 17, '14

Via Lancope, a botnet built by exploiting the Shellshock vulnerability is being used for phishing attacks:

Read More

Topics: Phishing, Vishing, Shellshock

PhishLabs partners with VirusTotal

Posted by Stacy Shelley on Sep 24, '14

We're pleased to announce that VirusTotal has joined our global network of cybercrime intelligence partners. Intelligence sharing is a vital part of the fight against cybercrime, providing threat visibility and insight to aggressively mitigate attacks and protect our clients. Our partnership with VirusTotal provides an additional layer of intelligence, expanding our threat visibility.

Read More

Topics: Threat Intelligence, Company News


What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Upcoming Events


Posts by Topic

see all