Recent Posts

Recent Blog Posts

The PhishLabs Blog

Is It a Phish? April 20 Edition

Posted by Elliot Volkman on Apr 20, '18

As you are aware, phishing is certainly not a new cyber threat, yet it continues to be one of the most pervasive and costly to businesses and consumers. With nearly endless examples, we have decided to develop a new series that not only highlights some of these attacks, but also sharing helpful tips along the way for spotting them.

Read More

Topics: Phishing, Phishing Simulation, Phish

Getting Past Gotcha: Reframing Anti-Phishing Training

Posted by Dane Boyd on Jan 9, '18

If you’ve been following our blog for a while, you’ll already be aware of our stance on anti-phishing training.

Experience has taught us that the only way to reliably improve a user’s ability to spot and report phishing emails is to test them in the real world. To put it another way, they need to see realistic phishing emails in their inbox on a regular basis… and you need to put them there.

It’s tempting (oh so tempting…) to treat this as a gotcha exercise.

Read More

Topics: Phishing, Phishing Simulation, security awareness training

What Makes a Good Simulated Phish?

Posted by Stephanie Fauvelle on Mar 31, '16


If your security awareness training provider offers personal banking phishing templates, then it’s a good idea to re-think your provider. Why? Because phishers aren’t sending fraudulent banking alerts to corporate accounts. Besides, who links their bank account to their work email anyway? Phishers continue to up their game, moving away from sloppy phishing emails ripe with spelling mistakes and other recognizable signs to sending craftier, what we’ll call, “lite” spear phish.

Read More

Topics: T2, Phishing Simulation, Employee Defense Training, EDT

Building a Business Case for Effective Security Awareness Training

Posted by Jenny Dowd on Mar 18, '16

Security education programs are sometimes mandated, always important, and often difficult to justify the investment. It is easy to get the powers that be to sign off on a once-per-year security awareness training program that will satisfy compliance requirements, but we all know by now that compliance does not equal security.

The Information Security Forum (ISF) has defined information security awareness as an ongoing process of learning that is meaningful to recipients, and delivers measurable benefits to the organization from lasting behavioral change.

So to achieve this, a bigger investment, in both time and money, is needed to implement a continuous security awareness training program that is effective at changing employee behavior – one that includes ongoing simulation training. More money, more time invested, and a goal to change employee behavior means more stakeholder approval will be required.

Read More

Topics: Awareness Training, T2, Phishing Simulation, Employee Defense Training

The first spear phishing protection solution driven by real-world intelligence

Posted by John LaCour on Feb 2, '16

Today we announced a new solution that I believe will transform how organizations counter spear phishing attacks. We call it T2 Spear Phishing Protection, and it takes advantage of our deep insight into phishing attacks to prepare organizations for the real-world attacks they're most likely to be targeted with, and then mitigate those attacks before damage is done. To do this, it enlists employees in the defensive network and uses our 24/7 SOC to analyze and respond to threats.  

Read More

Topics: Spear Phishing, Awareness Training, T2, Phishing Simulation


What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Upcoming Events


Posts by Topic

see all