The PhishLabs Blog

Ambassadors of security training programs often struggle with the most effective way to drive success. The ultimate purpose of these programs is to change employee behavior and create a more secure organization.

One way to verify if an email is legitimate is to look at the sender’s address, the actual sender’s address, not just the sender’s name. One tactic cyber criminals employ is using the sender’s name to trick the recipients.

You have carefully selected a training program. Employees are completing the courses. And yet, they are not reporting suspicious emails and their passwords are made up of favorite sports teams and graduation dates. What is missing?

In honor of National Cybersecurity Awareness Month (CSAM), Dane Boyd, PhishLabs’ Security Training Manager, and I will share a series of posts covering topics from cybersecurity to organizational learning and development. We are kicking off the series by covering a topic near and dear to my heart: taking a programmatic approach to implementing a security training program.

In the past 48 hours, PhishLabs has identified and successfully thwarted a sophisticated phishing campaign targeting the Office 365 credentials of high-value targets. this however campaign is still active, and security teams should familiarize themselves with the tactics, indicators, and remain vigilant. In these attacks, the threat actor(s) is posing as private equity firms submitting non-disclosure agreements.

This week APWG released its findings from Q2 of this year that compiles insights from their member companies and provides an analysis of how phishing is changing. This quarter's report shows that phishing attacks continue to increase, both SaaS and email service providers are prime targets, BEC attacks are focused on getting gift cards, and more than half of phishing sites continue to abuse HTTPS.

On a daily basis, around 42% of the global population, or 3.2 billion people, uses some form of social media. Of that number, people spend a daily average of 2.2 hours on these networks, too. These two numbers are exactly why threat actors continue to flock to social media to abuse them for phishing purposes; however, there is far more to this story. Phishing threats extend well beyond Twitter, Telegram, Snapchat, and the other big networks.

Today, social media is a daily medium for communication for much of the modern world, and adoption only continues to grow. Because of this, much like how threat actors started to target mobile users, they have begun to abuse social media, too.

As the manager of a security awareness team, whose primary goal is to educate users on how to spot phishing attacks, I often get asked, “can you make the phishing simulations look like real-world phish?”

This is when I show people what real-world phishing attacks look like.

Business Email Compromise (BEC) attacks are the most costly and effective forms of phishing. In most cases, these attacks use highly research social engineering to go after the top brass in a company with a motive of stealing corporate dollars or breaching their network.