Collaborate Disseminate
It’s that time of year again.
A day of romance, crowded restaurants, overblown gestures of love, and…
Well. You get the idea.
For those of us in the security world there’s another, less enjoyable component to Valentine’s Da… Continue reading Who Says Holiday Romance is Dead? Catphishers, That’s Who
Wouldn’t it be great if every one of your users could be turned into an anti-phishing specialist?
Like sleeper agents, they’d be ready at any moment to drop their day jobs and sniff out every last malicious email that makes it past you… Continue reading The Targeted Approach to Anti-Phishing: Improving Core Skills
In observance of National Cyber Security Awareness month, we are releasing several videos to help employees and consumers spot a phish. In the second video, we take a look at the sender’s email address to help spot a potentially malicious email. To view all videos released in this series, visit this page: https://info.phishlabs.com/2017-cyber-security-awareness-month.
The post Email Sender Domain: How to Spot a Phish Video appeared first on Security Boulevard.
Continue reading Email Sender Domain: How to Spot a Phish Video
Historically, security awareness training (SAT) in the healthcare industry… isn’t great. In fact, if you start talking about SAT to a healthcare CISO, you can see the frustration on their face almost immediately.
Back in February we attended HIMSS, one of the biggest healthcare IT shows in the US. We wanted to find out exactly what healthcare providers needed from a SAT program, and show them that (done properly) SAT can have a tremendous positive effect on the operational security of healthcare organizations.
Continue reading Coming Soon – Healthcare Security Awareness Training, the 2017 Buyer’s Guide
In the fight against phishing, there’s far more to think about than simply blocking malicious email.
In fact, as a security vendor, our analysts spend a huge amount of time trying to disrupt the phishing landscape in a way that makes all of us safer.
Continue reading How Malicious Domain Correlation is Fueling the Fight Against Phishing
When you’re attempting to mitigate the risk of phishing, threat intelligence plays a vital role.
After all, what better way to predict and intercept future phishing attacks than by analyzing past attacks for patterns and indicators?
This post is the second in a series breaking down lessons learned from our recent consumer-focused phishing webinar. In the first post we covered the value of phishing intelligence, and explained how to use source code analysis to link individual phishing sites back to the phishing kits and actors responsible.
Continue reading How To use URL Pattern Analysis for Phishing Detection & Mitigation
If you want to protect your organization from phishing attacks, threat intelligence is a vital tool. From phish kits and phishing sites to individual email lures, there’s a huge amount to learn from each section of the phishing kill chain.
Last month we kicked off our new webinar series, in which we’ll be taking a deep dive into specific phishing attacks to help members of the infosec community understand precisely how and why each attack vector works.
Continue reading How Source Code Analysis Helps Defend Against Phishing
Mention security awareness training in a healthcare setting and stress levels start to rise.
But it doesn’t have to be that way.
Last month we attended HIMSS, one of the largest healthcare specific IT conferences in the US. We wanted to show healthcare providers that security awareness training doesn’t have to be a huge burden, and that (done well) it can have a profound impact on a healthcare organization’s security profile.
But to do that, we needed to have frank conversations with as many healthcare providers as possible. We needed to find out what healthcare security professionals require from their security awareness training in terms of structure, content, and results.
And that’s exactly what we did.
Over the last decade phishing has exploded. Volume has increased every year, with threat actors reliably focusing the majority of their efforts on the same five or six industries.
It was a serious threat, of course, but it had become somewhat… predictable.
But in 2016, some major changes occurred. In just 12 months, the entire phishing landscape shifted.
Continue reading How and Why the Phishing Threat Landscape Has Changed
In late 2015, malware trends hinted a ransomware epidemic was on its way.
And what happened? Less than three months into 2016, security analysts had branded it the ‘year of ransomware’.
Even popular media outlets were covering ransomware cases on an almost daily basis, and both consumers and businesses the world over would come to understand exactly what the word ransomware really means.
So what happened? After all, ransomware has been around for decades, so why the sudden explosion?
Continue reading Picking on the Little Guy: Ransomware Trends