The PhishLabs Blog

Why Security Awareness Training – Alone – Doesn’t Solve the Spear Phishing Problem

Posted by Jon Hilfiger on Jul 14, '16

Every CISO, in every industry, is aware that spear phishing can be a problem – a big one – despite millions of dollars invested in (necessary) layers of technology defenses. In May 2016, CSO Online reported ANOTHER three firms were hit by targeted phishing attacks – attacks that stole employees W2 data. I guarantee all of these firms had security devices in place on their networks. These attacks were a form of social engineering that bypasses traditional security technologies and much can be done to help enlist employees to be part of any company’s overall defense. Many CISO’s have done just that - taken steps to ensure their employees are aware and work to reduce the likelihood of opening a malicious email. But, this still isn’t solving the spear phishing problem. Companies have been conducting varying degrees of security awareness training for years. But, the attacks are still happening and they are successful in spite of the training. So, what is a well-intentioned CISO to do? Give up? Train more? Find a better training approach?

Read More

Topics: Threat Intelligence, Spear Phishing Protection, T2, Employee Defense Training

Is Security Awareness Training a waste of your money?

Posted by Stephanie Fauvelle on Feb 9, '16

With all of the companies out there offering their latest and greatest security awareness training products, it’s worth asking, is this a waste of my company’s money? Jerry Bell and Andrew Kalat, from the Defensive Security Podcast, argue that expecting your employees to be your first line of defense is “completely BS.” They believe that implementing a security awareness training program that includes simulated phishing tests gives a false sense of hope and ultimately, isn’t worth the money. What does the evidence say? 

Read More

Topics: Phishing, Spear Phishing Protection, T2, Employee Defense Training, security awareness training

Spear Phishing Attack Intelligence

Posted by Lindsey Havens on Nov 4, '15

To help security leaders strategically manage their defensive posture, we have created a framework that spans relevant security layers from the start of an attack to its resolution. When applied, this framework helps organizations:

Read More

Topics: Spear Phishing Protection

Camera DDoS Attacks, New BEC Strategies, TalkTalk Hack Arrests, and more | TWIC - October 30, 2015

Posted by Lindsey Havens on Oct 30, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Phishing, PhishLabs, DDoS, Fraud, Exploit, Strategy, The Week in Cybercrime, Data Breach, Botnet, Hacked, Spear Phishing Protection, Breach

Rapid Mitigation of Spear Phishing Attacks

Posted by Lindsey Havens on Oct 27, '15

To help security leaders strategically manage their defensive posture, we have created a framework that spans relevant security layers from the start of an attack to its resolution. When applied, this framework helps organizations:

Read More

Topics: Spear Phishing Protection

High Schooler Hacks, Financial Security Weaknesses/Developments, Dark Web Pricing, and more | TWIC - October 23, 2015

Posted by Lindsey Havens on Oct 23, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Phishing, Malware, Fraud, Exploit, Strategy, Vulnerability, The Week in Cybercrime, Hacked, Patch, Spear Phishing Protection

Analyzing Spear Phishing Attacks

Posted by Lindsey Havens on Oct 20, '15

To help security leaders strategically manage their defensive posture, we have created a framework that spans relevant security layers from the start of an attack to its resolution. When applied, this framework helps organizations:

Read More

Topics: Spear Phishing Protection

Stolen Military Information, ATM Fraud Prevention, Dridex Botnet Takedown, and more | TWIC - October 16, 2015

Posted by Lindsey Havens on Oct 16, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Phishing, Malware, Fraud, Exploit, Strategy, Adobe, Hacker Tools, The Week in Cybercrime, Hacked, Patch, Spear Phishing Protection

Detecting Spear Phishing Attacks that Slip Past Defenses

Posted by Lindsey Havens on Oct 15, '15

To help security leaders strategically manage their defensive posture, we have created a framework that spans relevant security layers from the start of an attack to its resolution. When applied, this framework helps organizations:

Read More

Topics: Spear Phishing Protection

Social Engineering Attacks, End-to-End Encryption Laws, Experian Hack, and more | TWIC - October 9, 2015

Posted by Lindsey Havens on Oct 9, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Phishing, Malware, Exploit, Strategy, Hacker Tools, The Week in Cybercrime, Hacked, Spear Phishing Protection, Breach

   

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Upcoming Events

Calendar_Mock_