Recent Posts

Recent Blog Posts

The PhishLabs Blog

Is it a Phish? May 25 Edition

Posted by Elliot Volkman on May 25, '18

This week we are putting our brand new marketing team member, Rachel, to the task of hopefully getting us to our first perfect streak. And because she’s new to the team we decided to bring back our classic format.

Read More

Topics: Phish, Is it a phish?

Are Phishing Simulations a Replacement For Training? No.

Posted by Elliot Volkman on May 22, '18

Sending a simulated phishing attack is now more accessible than ever thanks to a recent update from Microsoft and the various other free offerings, and many organizations have been pushing them out for years.

Be it once a year, once a quarter, or once a month, these simulated phishing attacks both create awareness for your users and provide valuable feedback to an organization’s security team. However, can simulations on their own be a replacement for training? No. Nein. Non. Nah.

Read More

Topics: security awareness training, Phish

Is it a Phish? May the Fourth Be With You Edition

Posted by Elliot Volkman on May 4, '18

Welcome back to another episode of Is it a Phish? With today being Star Wars Day (May 4), we have decided to spice this up just a little bit by adding in a special themed lure in just for Sandy. Ah spoilers, it looks like you’re getting one freebie this week.

Read More

Topics: security awareness training, Phish, Is it a phish?

The 2018 Phishing Trends & Intelligence Report Now Available

Posted by Elliot Volkman on Apr 24, '18

Today we are excited to announce the release of PhishLab’s annual Phishing Trends and Intelligence (PTI) Report. This year’s report provides first-hand, in-depth data and analysis of the events and trends currently shaping the cybersecurity threat landscape.

As with past PTI reports, the goal of the information within is to provide the context and perspective needed to understand why changes are happening and how to better defend against rising threats.

Read More

Topics: Phish, PTI Report

Is It a Phish? April 20 Edition

Posted by Elliot Volkman on Apr 20, '18

As you are aware, phishing is certainly not a new cyber threat, yet it continues to be one of the most pervasive and costly to businesses and consumers. With nearly endless examples, we have decided to develop a new series that not only highlights some of these attacks, but also sharing helpful tips along the way for spotting them.

Read More

Topics: Phishing, Phishing Simulation, Phish

Security Awareness Training and How it Impacts Reported Suspicious Emails

Posted by Dane Boyd on Apr 19, '18

It should not be a surprise, but 95 percent of breaches come through phishing attacks. Nothing more than a simple lure email lands in one of your users inboxes, they click it, and everything unravels from there.

Read More

Topics: security awareness training, Phish, Threat Monitor

Understanding Google Chrome’s Upcoming https Changes

Posted by Elliot Volkman on Mar 6, '18

Can a single word create broad-sweeping implications to how we use the internet? It most certainly can, and an upcoming software update to Google Chrome may drive a false sense of security while shaming other sites all due to a single word: Secure.

Read More

Topics: Brand Abuse Lure, Phish, Google, https

You Reported a Potential Phish, Now What? [Webinar Recap]

Posted by Elliot Volkman on Dec 28, '17

Have you ever wondered what happens after a phish gets reported? Does it simply fall into a blackhole? That’s what PhishLabs set out to answer during this month’s webinar. 

As you are likely aware, 95 percent of data breaches, an event that occurs on a daily basis, are the direct result of phishing attacks. For as old as phishing is, it continues to be a cyber security threat because it continues to be effective and technology alone can’t combat email attacks. This is not to mention the rise in other phishing attempts through the likes of social media, messengers, and even gaming systems. 

Read More

Topics: Phish, Webinar, Threat Monitor

A Quarter of Phishing Attacks are Now Hosted on HTTPS Domains: Why?

The push for more widespread adoption of HTTPS has been in full-force this year as a way to increase the number of websites that securely transmit information on the Internet. In January, both Chrome and Firefox browsers began alerting users whenever sensitive information, such as passwords or credit card information, was entered on a non-HTTPS web page. In October, Google took this a step further by displaying a “Not Secure” label in the URL bar whenever a user enters any text on an HTTP website.

Read More

Topics: Threat Intelligence, Phishing Trends and Intelligence Report,, Phish

Enterprise Credential Theft: How to Spot a Phish

Today, we are going to look at a phish that takes advantage of the massive user base of Office 365 products. It’s safe to speculate that this phish is specifically targeting enterprise employees given most users of Office 365 products are using it for business purposes.

Read More

Topics: Phishing, Phish


What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Upcoming Events


Posts by Topic

see all