It’s fitting that National Security Awareness Month ends on Halloween. It’s the time to contemplate scary things, whether ghouls, men in lederhosen stumbling about with steins or the real deal, phishing emails loaded with ransomware.
BY MIKE SAURBAUGH AND GEOFF SINGER Visualize Phishing Relationships with PhishMe Intelligence™ and Maltego Fishing (without the “P”) is not a lot of fun when you just drop a line in the water and hope for the best. When fishermen want to see where the fish are, they look to the fish finder on the bridge to “look underwater” to find schools of fish. Similarly, when an analyst is looking to “catch” a phishing campaign, correlating the attacker’s campaigns and their payloads can benefit by being able to visually graph and link phishing threats. PhishMe Intelligence combined with Maltego can...
Do we really need another Halloween-themed security blog? Yep. We do. Not because our edgiest holiday triggers more cyber threats. No, Halloween season is scary because it’s been absorbed by the winter holidays—the spendiest, cyber-riskiest time on the retail calendar, beginning in mid-September and lasting until…it ends, right?
When considering your organization’s response to a simulated phish, it is critical to understand that we are emulating / practicing for real life events with the purpose of conditioning appropriate response patterns in our user base.
PhishMe has been named a consecutive leader in Gartner’s 2017 Security Awareness Computer-Based Training Magic Quadrant. It’s the second year we’ve been recognized as a leader and positioned highest in “ability to execute.”
In early 2017, the Sage ransomware distinguished itself with a fresh take on the business model for criminal ransomware operations. Built with an engaging, intuitive user interface for requesting the ransom payment, it also reinforced the fact criminals are willing to invest in developing new versions of established ransomware tools. Sage has reasserted itself as a relevant player on the already-saturated ransomware threat landscape with version 2.2.
PhishMe®’s Phishing Defence Centre has observed multiple emails with a subject line that includes a reference to tax declarations in Switzerland (Original subject in German: “Fragen zu der Einkommensteuerklaerung”) as shown in Figure 1. The sender pretends to be a tax officer working for the tax administration (Eidgenoessische Steuerverwaltung ESTV) and is asking the victim to open the attached file to answer questions about the tax declaration.
Part 4 in a weekly blog series, “How Attackers Target Trust,” running during October, National Cyber Security Awareness Month and European Cyber Security Month. Over the past decade, mobile phones and social media have become essential to how we ingest news and communicate friends and families.
Last fall, PhishMe® warned you about scams that use phishing to steal your health savings account (HSA) details during open enrollment periods. This year we are seeing a variety of phishing scams that can take advantage of your year-end diligence in managing personal and corporate assets.
With it being flu season, no one wants to hear that a new strain of the flu has been discovered. Just as network defenders will not be excited that Locky ransomware has evolved yet again. This time however, threat actors decided to add a darker theme to code.