Recent Posts

Recent Blog Posts

The PhishLabs Blog

Security Awareness Training and How it Impacts Reported Suspicious Emails

Posted by Dane Boyd on Apr 19, '18

It should not be a surprise, but 95 percent of breaches come through phishing attacks. Nothing more than a simple lure email lands in one of your users inboxes, they click it, and everything unravels from there.

Read More

Topics: security awareness training, Phish, Threat Monitor

Qadars: Modular Features That Make This a True Threat

Posted by Elliot Volkman on Feb 27, '18

In January we released an in-depth technical white paper that pulls apart the Qadars Banking Trojan, a threat that targets financial institutions, POS systems, and even popular online gaming sites.

There was a great deal of information, including just how much effort our R.A.I.D. team had to put into reverse-engineer the malware, which is why we wanted to further highlight exactly why this trojan is such a threat.

Read More

Topics: Qadars, Threat Monitor

How Security Teams Handle Malware Analysis

Posted by Elliot Volkman on Feb 16, '18

During our webinar focused on the Qadars Banking Trojan there was a great deal of analysis provided on just how evasive the threat is.  This begs the question, how does your team handle malware analysis?

Read More

Topics: Phishing, Qadars, Threat Monitor

The Case for 24/7 Threat Monitoring

Posted by Elliot Volkman on Feb 8, '18

You wake up, wipe the sleep away from your eyes, among the first things you do is to reach over and grab your phone. Your work day hasn’t officially begun, but you’re already looking through your emails. The night before? A similar process, but in reverse. According to a Good Technology survey, 68 percent of professionals check their work email before 8 am and another 50 percent check it while in bed. It doesn’t end there though, as 38 percent commonly break from the dinner table to look through their work emails, too.

Read More

Topics: security awareness training, Threat Monitor

Why Timely Analysis of Reported Emails Matters

Posted by Elliot Volkman on Feb 1, '18

When your employees and team report suspicious emails, it’s an indicator that the security awareness training in place is having a positive effect.

Regardless of the email being spam or legitimate, just a single thwarted attack can make the difference between a slight headache or irreparable financial damage. However, this process is a two-way street, and timely analysis of said reported email is important for several reasons, especially for risk mitigation and improving training effectiveness.

To drive home how important the timely analysis of reported emails is we spoke to our Founder and CTO, John LaCour.

Read More

Topics: Threat Monitor

The 11 Types of Reported Emails

Posted by Elliot Volkman on Jan 18, '18

You receive an email, you are unfamiliar with the sender’s name or email address, and they are offering you a new service or deal on something. Is it malicious? Not necessarily. Perhaps you forgot about signing up for a newsletter a while back.

Read More

Topics: Phishing, security awareness training, Threat Monitor

What Type of Emails Get Reported the Most?

Posted by Elliot Volkman on Jan 16, '18

In anticipation of our previous threat monitoring and forensics webinar we asked the Twitterverse what happens after they report a suspicious email. Does it fall into a black hole? Does IT check it out to mitigate potential impact? The results are in, and interestingly a majority of polled respondents simply don’t know what happens to their emails after they report it.

Read More

Topics: security awareness training, business email compromise, Threat Monitor

You Reported a Potential Phish, Now What? [Webinar Recap]

Posted by Elliot Volkman on Dec 28, '17

Have you ever wondered what happens after a phish gets reported? Does it simply fall into a blackhole? That’s what PhishLabs set out to answer during this month’s webinar. 

As you are likely aware, 95 percent of data breaches, an event that occurs on a daily basis, are the direct result of phishing attacks. For as old as phishing is, it continues to be a cyber security threat because it continues to be effective and technology alone can’t combat email attacks. This is not to mention the rise in other phishing attempts through the likes of social media, messengers, and even gaming systems. 

Read More

Topics: Phish, Webinar, Threat Monitor

   

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Upcoming Events

Calendar_Mock_

Posts by Topic

see all