Products
Products
Awareness
Awareness
Cofense PhishMe
Cofense LMS
Detection
Detection
Cofense Reporter
Cofense Triage
Response
Response
Cofense Vision
Cofense PDC
Intelligence
Intelligence
Cofense Intelligence
Solutions
Solutions
Solutions by Industry
Solutions By Industry
Critical Infrastucture
Financial Services
US Federal Government
Healthcare
Higher Education
Legal & Professional Services
Manufacturing
Energy/Utilities
Technology
Retail
Solutions by Topic
Solutions by Topic
Phishing Defense
Incident Response
Security Awareness
Compliance Resources
Election Security
Anti-Phishing
Phishing Training
Solutions by Role
Solutions by Role
Security Leadership
Incident Response
Threat Intelligence
Security Awareness
About Cofense
About Cofense
Our Company
Our Company
About Us
Events
Awards
Investors
Careers
News Center
Cofense Labs
Cofense Dev
Leadership
Leadership
Management Team
Board of Directors
Learn More
Learn More
FAQs for PhishMe Submerge
Registration & Event Information How do I register? Please use the…
Learn More
Free Tools
Free Tools
Build Resilience
Build Resilience
Email Gateway Infocenter
Coronavirus Infocenter
Remote Work Infocenter
Cofense CBFree
Create Transparency
Create Transparency
Real Phishing Examples & Threats
CloudSeeker
Speed Response
Speed Response
Threat Alerts
Resources
Resources
Resource Library
Resource Library
All Resources
Whitepapers
Videos
Infographics
Webinars
Podcasts
Resources by Topic
Resource by Topic
Security Awareness
Ransomware
Sextortion
Email Gateways
Community & News
Community & News
User Community
Blog
News & Press Releases
Request a Demo

Cofense Blog

STAY CURRENT ON INDUSTRY TRENDS & COFENSE NEWS

How phishing will forever be a problem

October 22, 2020 by Cofense in Phishing

Two-plus decades ago Aaron Higbee, now Cofense CTO and co-founder, was hired by a company to help counter their exploding email spam problem, a role that evolved to addressing other internet-abuse issues. He took on threat tactics that evaded technical controls, and he never looked back.    Aaron shares what he learned in his article, My ‘Ah-Ha’ Moment: Phishing Will Forever Be A Problem, published by the Forbes Technology Council. In the article, he discusses what he‘s seen and uncovered about phishing attacks on organizations during his lengthy career in cybersecurity.   In particular, Aaron mentions that he has learned: “…technologies can’t predict the future and that when attackers are sufficiently frustrated by an emerging preventative control, they will innovate around it.” But that by, “Actively training users to report suspicious...

READ MORE

Exploiting the Current COVID-19 Health Crisis Through Multiple Email Providers

October 22, 2020 by Cofense in Phishing

READ MORE

Mandatory Internal Company Communications: The Best Time to Phish

October 20, 2020 by Cofense in Phishing

READ MORE

FISSEA Recognizes Cofense with the Best Security Blog Award

October 19, 2020 by Michael Callahan in Phishing

This week, the Cofense blog post, Invoice Themed Phishing Emails Are Spreading from Trusted Links, was named 2020 Best Security Blog by Federal Information Security Educators (FISSEA). Founded in 1987, FISSEA is an organization run by and for federal government information security professionals to assist federal agencies in strengthening employee cybersecurity awareness and training programs. Each year – with dozens of entries in varied categories – FISSEA recognizes a best entry in the FISSEA Training Exercise Contest. To meet the criteria, training exercises must have a security theme and be a part of an organization’s current security training program. Judging is based on originality, security message and graphic concept.  “We are honored to be recognized for our efforts to help companies find and remove phish in their environments,” said Michael Callahan, Cofense SVP...

READ MORE

Where Do Security Awareness Programs Belong on the Org Chart?

October 19, 2020 by Tonia Dudley in Phishing

READ MORE

“We’re Grateful For The Trust!”

October 16, 2020 by Cofense in Phishing

READ MORE

Phish Found in Proofpoint-Protected Environments – Week ending October 23, 2020

October 23, 2020 by Cofense in PhishingProofpointSEG Misses

READ MORE

Phish Found in Proofpoint-Protected Environments – Week Ending October 16, 2020

October 16, 2020 by Cofense in PhishingProofpointSEG Misses

READ MORE

Threat Actors Use Canva Templates for Credential Phishing

October 14, 2020 by Cofense in Phishing

READ MORE

Security Awareness: Choosing Methods and Content that Work

October 12, 2020 by Tonia Dudley in Phishing

READ MORE

GuLoader Rises as a Top Malware Delivery Mechanism in Phishing

July 31, 2020 by Cofense in PhishingThreat Intelligence

READ MORE

“You’re Invited!” to Phishing Links Inside .ics Calendar Attachments

June 25, 2020 by Cofense in SEG MissesMicrosoft 365PhishingPhishing Defense CenterProofpoint

READ MORE

Practice Makes Perfect

June 19, 2020 by Cofense in SEG MissesPhishingPhishing Defense CenterProofpoint

READ MORE

New Mass Logger Malware Could Be Massive

June 10, 2020 by Cofense in Threat IntelligencePhishing

READ MORE

Zoom Phish Zooming Through Inboxes Amid Pandemic

June 10, 2020 by Cofense in SEG MissesCisco IronPortInternet Security AwarenessMicrosoft 365PhishingPhishing Defense CenterProofpoint

READ MORE

Phishers Cast a Wider Net in the African Banking Sector

May 29, 2020 by Cofense in SEG MissesMicrosoft 365PhishingPhishing Defense CenterProofpoint

READ MORE

MFA Bypass Phish Caught: OAuth2 Grants Access to User Data Without a Password

May 18, 2020 by Cofense in SEG MissesMicrosoft 365 EOPPhishingPhishing Defense CenterSymantec

READ MORE

A Not So Relieving Tax Relief Email: Threat Actors Take Aim at US Stimulus Efforts

May 8, 2020 by Cofense in SEG MissesMicrosoft 365 EOPPhishingPhishing Defense CenterProofpoint

READ MORE

Phishers Continue to Spoof WebEx

May 7, 2020 by Cofense in SEG MissesCisco IronPortMicrosoft 365 EOPPhishingPhishing Defense Center

READ MORE

Available Today: The Cofense Intelligence Q1 2020 Phishing Review

April 21, 2020 by Cofense in PhishingThreat Intelligence

READ MORE

How phishing will forever be a problem

October 22, 2020 by Cofense in Phishing

Two-plus decades ago Aaron Higbee, now Cofense CTO and co-founder, was hired by a company to help counter their exploding email spam problem, a role that evolved to addressing other internet-abuse issues. He took on threat tactics that evaded technical controls, and he never looked back.    Aaron shares what he learned in his article, My ‘Ah-Ha’ Moment: Phishing Will Forever Be A Problem, published by the Forbes Technology Council. In the article, he discusses what he‘s seen and uncovered about phishing attacks on organizations during his lengthy career in cybersecurity.   In particular, Aaron mentions that he has learned: “…technologies can’t predict the future and that when attackers are sufficiently frustrated by an emerging preventative control, they will innovate around it.” But that by, “Actively training users to report suspicious...

READ MORE

Exploiting the Current COVID-19 Health Crisis Through Multiple Email Providers

October 22, 2020 by Cofense in Phishing

READ MORE

Mandatory Internal Company Communications: The Best Time to Phish

October 20, 2020 by Cofense in Phishing

READ MORE

FISSEA Recognizes Cofense with the Best Security Blog Award

October 19, 2020 by Michael Callahan in Phishing

This week, the Cofense blog post, Invoice Themed Phishing Emails Are Spreading from Trusted Links, was named 2020 Best Security Blog by Federal Information Security Educators (FISSEA). Founded in 1987, FISSEA is an organization run by and for federal government information security professionals to assist federal agencies in strengthening employee cybersecurity awareness and training programs. Each year – with dozens of entries in varied categories – FISSEA recognizes a best entry in the FISSEA Training Exercise Contest. To meet the criteria, training exercises must have a security theme and be a part of an organization’s current security training program. Judging is based on originality, security message and graphic concept.  “We are honored to be recognized for our efforts to help companies find and remove phish in their environments,” said Michael Callahan, Cofense SVP...

READ MORE

Where Do Security Awareness Programs Belong on the Org Chart?

October 19, 2020 by Tonia Dudley in Phishing

READ MORE

“We’re Grateful For The Trust!”

October 16, 2020 by Cofense in Phishing

READ MORE

Phish Found in Proofpoint-Protected Environments – Week ending October 23, 2020

October 23, 2020 by Cofense in PhishingProofpointSEG Misses

READ MORE

Phish Found in Proofpoint-Protected Environments – Week Ending October 16, 2020

October 16, 2020 by Cofense in PhishingProofpointSEG Misses

READ MORE

Threat Actors Use Canva Templates for Credential Phishing

October 14, 2020 by Cofense in Phishing

READ MORE

Security Awareness: Choosing Methods and Content that Work

October 12, 2020 by Tonia Dudley in Phishing

READ MORE

“You’re Invited!” to Phishing Links Inside .ics Calendar Attachments

June 25, 2020 by Cofense in SEG MissesMicrosoft 365PhishingPhishing Defense CenterProofpoint

READ MORE

Practice Makes Perfect

June 19, 2020 by Cofense in SEG MissesPhishingPhishing Defense CenterProofpoint

READ MORE

Zoom Phish Zooming Through Inboxes Amid Pandemic

June 10, 2020 by Cofense in SEG MissesCisco IronPortInternet Security AwarenessMicrosoft 365PhishingPhishing Defense CenterProofpoint

READ MORE

Phishers Cast a Wider Net in the African Banking Sector

May 29, 2020 by Cofense in SEG MissesMicrosoft 365PhishingPhishing Defense CenterProofpoint

READ MORE

MFA Bypass Phish Caught: OAuth2 Grants Access to User Data Without a Password

May 18, 2020 by Cofense in SEG MissesMicrosoft 365 EOPPhishingPhishing Defense CenterSymantec

READ MORE

A Not So Relieving Tax Relief Email: Threat Actors Take Aim at US Stimulus Efforts

May 8, 2020 by Cofense in SEG MissesMicrosoft 365 EOPPhishingPhishing Defense CenterProofpoint

READ MORE

Phishers Continue to Spoof WebEx

May 7, 2020 by Cofense in SEG MissesCisco IronPortMicrosoft 365 EOPPhishingPhishing Defense Center

READ MORE

Want to simulate a holiday phish? This one’s from your friends at Emotet.

December 23, 2019 by Cofense in PhishingCofense Solutions

By Tonia Dudley Tis the season when organizations are looking to send out the year’s last phishing simulation. Often the Security Awareness team lands on a holiday theme – holiday party, holiday raffle, or even the fun ugly sweater lure. In the past, when I worked with teams to advance their phishing defense programs, I would recommend staying away from holiday themed scenarios. I’ll explain why in a moment. But my opinion has changed, thanks to the threat actors behind Emotet.

READ MORE

Trickbot Is Using Google Docs to Trick Proofpoint’s Gateway

August 29, 2019 by Cofense in Phishing Defense CenterProofpointSEG Misses

READ MORE

Remote Access Trojan Uses Sendgrid to Slip through Proofpoint

August 14, 2019 by Marcel Feller in Phishing Defense CenterProofpointSEG Misses

The CofenseTM Phishing Defense CenterTM observed a malware campaign masquerading as an email complaint from the Better Business Bureau to deliver the notorious Orcus RAT, part of the free DNS domain ChickenKiller which we blogged about in 2015. Here’s how it works:

READ MORE

Cofense Headquarters

1602 Village Market Blvd, SE #400
Leesburg, VA 20175
Tel: 1-888-304-9422

Sitemap
Copyright © 2020 Cofense. All rights reserved.

Privacy Policy | Legal

Under 500 employees?

Cofense PhishMe Free, our no-cost phishing defense solution, was created just for you!

Sign up for your free account