Recent Posts

Recent Blog Posts

The PhishLabs Blog

How To Change Security Behaviors: Social Media

Posted by Stacy Shelley on Jun 19, '18

Changing behaviors is never an overnight fix. There’s no special formula for an annual training session that will transform employees into security-savvy superhumans.

Read More

Topics: security awareness training

How To Change Security Behaviors: Identity Management

Posted by Elliot Volkman on May 31, '18

Account compromise is a big deal. Especially when it’s privileged account compromise.

Read More

Topics: security awareness training

Mobile Adoption is Setting Security Awareness Training Back

Posted by Elliot Volkman on May 24, '18

Phishing is one of the oldest forms of cyber attacks, but until recent years it was commonly thought of as an entirely desktop attack vector. This was primarily due to the flow of web traffic coming through laptops and desktop computers; however, the overtaking of mobile traffic has also drawn the attention of threat actors.

Read More

Topics: Mobile, security awareness training, Rogue Mobile Applications

Are Phishing Simulations a Replacement For Training? No.

Posted by Elliot Volkman on May 22, '18

Sending a simulated phishing attack is now more accessible than ever thanks to a recent update from Microsoft and the various other free offerings, and many organizations have been pushing them out for years.

Be it once a year, once a quarter, or once a month, these simulated phishing attacks both create awareness for your users and provide valuable feedback to an organization’s security team. However, can simulations on their own be a replacement for training? No. Nein. Non. Nah.

Read More

Topics: security awareness training, Phish

Is it a Phish? May the Fourth Be With You Edition

Posted by Elliot Volkman on May 4, '18

Welcome back to another episode of Is it a Phish? With today being Star Wars Day (May 4), we have decided to spice this up just a little bit by adding in a special themed lure in just for Sandy. Ah spoilers, it looks like you’re getting one freebie this week.

Read More

Topics: security awareness training, Phish, Is it a phish?

Security Awareness Training and How it Impacts Reported Suspicious Emails

Posted by Dane Boyd on Apr 19, '18

It should not be a surprise, but 95 percent of breaches come through phishing attacks. Nothing more than a simple lure email lands in one of your users inboxes, they click it, and everything unravels from there.

Read More

Topics: security awareness training, Phish, Threat Monitor

How To Avoid Bursting the Buy-In Bubble

Posted by Stacy Shelley on Apr 12, '18

You know the feeling.

You’re excited about something. It’s new, it’s interesting, and you’re ready to go.

But then something happens and all of a sudden that excitement just drains away, to be replaced with a resounding “Meh.”

Read More

Topics: Employee Defense Training, security awareness training

Webinar Announcement: Microlearning for Macro Results

Posted by Elliot Volkman on Feb 28, '18

Training and education models of the past are antiquated and ineffective, and when it comes to the risk of your company and clients that simply isn’t good enough.

Our webinar for March will focus on a new and improved education model that can be built out as part of an organization’s security awareness training.

Read More

Topics: security awareness training

The Case for 24/7 Threat Monitoring

Posted by Elliot Volkman on Feb 8, '18

You wake up, wipe the sleep away from your eyes, among the first things you do is to reach over and grab your phone. Your work day hasn’t officially begun, but you’re already looking through your emails. The night before? A similar process, but in reverse. According to a Good Technology survey, 68 percent of professionals check their work email before 8 am and another 50 percent check it while in bed. It doesn’t end there though, as 38 percent commonly break from the dinner table to look through their work emails, too.

Read More

Topics: security awareness training, Threat Monitor

7 Reasons Why Spotting a Phishing Email is Just the Beginning

Posted by Dane Boyd on Feb 6, '18

bigstock-Portrait-Of-Businessman-With-C-80860418.jpgIn most organizations, a user who can identify and delete phishing emails is considered a huge asset.

And, let’s be honest, they’re certainly a big step in the right direction. Users who can't spot a simple phishing email can easily jeopardize the security of an entire organization, even with a comprehensive set of technical security controls in place.

But in our eyes, there’s still a long way for these users to go. Deleted phish are better than clicked phish, but they shouldn’t be the end goal.

Read More

Topics: Phishing, Employee Defense Training, security awareness training

   

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Upcoming Events

Calendar_Mock_

Posts by Topic

see all