About Cofense
About Cofense
FAQs for PhishMe Submerge
Registration & Event Information How do I register? Please use the…
Learn More

Cofense Blog


Phishing ‘tests’ are… USELESS

June 24, 2016 by Cofense in Phishing

While perusing, a well-known social hotbed of ‘intellectual superiority’, I came across the following string: *sigh* Asked by the boss man to phish the team… What I discovered is what appears to be a never ending lamentation on the ‘uselessness’ of phishing tests. I couldn’t agree more.  Phishing ‘tests’ are indeed useless.


PhishMe Ranked #1 ‘Best Place to Work’ by Washington Business Journal

June 22, 2016 by Cofense in Phishing

PhishMe is proud to announce it has been honored as the best large company to work for in the Washington D.C area, following a prestigious annual employee engagement survey. The Washington Business Journal ranked PhishMe #1 in the ‘large companies’ category, the first time the organization has been honored with the title, having surveyed 85 local firms.


Phishing and Ransomware Threats Soared in Q1 2016

June 9, 2016 by Aaron Higbee in Phishing

Any hopes, however remote, that 2016 might bring relief from the troubling phishing trends prevalent in 2015 have been conclusively dashed by a thorough analysis of malware threats in the first quarter of this year. Not only has phishing intensified, but it’s also increasingly used to deliver ransomware.


PhishMe Launches New ‘Active Threats’ Phishing Simulations To Help Combat Ransomware

June 8, 2016 by Cofense in Cofense NewsPhishingPress Releases

Global leader in enterprise phishing defense and intelligence unveils highly anticipated update to help organizations resist Ransomware, Business Email Compromise (BEC) and other timely threats  LEESBURG, VA – London, UK – June 8 2016 – PhishMe Inc., the leading provider of human phishing defense solutions, announced today the integration of critical content into PhishMe Simulator™ to help prepare employees for trending phishing attacks and damaging payloads. The Active Threats update allows operators to quickly utilize phishing templates based on current real-world attacks that are targeting organizations, such as Business Email Compromise (BEC) and Ransomware. Simulating these types of attacks ensures...


2016 Q1 Malware Review – Available Now

June 1, 2016 by Cofense in Malware AnalysisCofense News

Today, our research team released our 2016 Q1 Malware Review, detailing more than 600 Active Threat Reports and the waves of phishing emails that delivered malware to victims across the globe each day last quarter. Among the sea of threats reported, the proliferation of ransomware stood out as one of the most common types of malware used through soft targeting and massively distributed attacks.


New Tactic Bypasses Existing Security Controls – Most Recent PayPal Phish Reveals Stealthy HTML Attachment

May 25, 2016 by Heather McCalley in Phishing

Incident response is always a cat and mouse game.  Organizations spend heavily on people and technology to help protect their enterprise, while threat actors continue to find new and unique ways to bypass those controls.  We’ve seen this trend continue over time, whether it be with the shift to MHTML files by Locky or the delivery of malicious PowerPoint show files.  The PhishMe intelligence team has noticed another change, this one by the actors who are phishing for login credentials, and their tactics reveal that they are actively working to bypass security controls.


Ransomware targeting US Congress specifically? Probably not.

May 24, 2016 by Cofense in Phishing

In another highly visible ransomware event, Techcrunch recently reported that Congress was warned about ransomware attacks that were impacting the House of Representatives. While ransomware is by no means new, Congress was warned that these attacks were personalized and are specifically targeting third-party email services such as Yahoo or Gmail. Additionally, Congress was warned that their machine could be encrypted by simply clicking the link within the message.


Bolek: Leaked Carberp KBot Source Code Complicit in New Phishing Campaigns

May 19, 2016 by Cofense in Phishing

Reuse of infrastructure supporting malware distribution is a well-documented characteristic of online crime and a key way to track and classify threat actors. While it may seem simplistic for monitoring threat actor activities, the IP addresses, domains, hostnames, and URLs contacted by malware tools betray a significant amount of information about threat actor groups. For some malware attacks, it’s possible to determine the threat actor’s identity based on the infrastructure used, but, other times, the lines are blurred because some organizations harbor cyber criminals.


You spoke, we listened: What’s new for CBFree

May 12, 2016 by Cofense in Internet Security Awareness

You spoke…we listened. PhishMe CBFree Computer Based Learning modules launched in October 2015 and was extremely well received among users.  As an initial launch, we listened heavily to our customer’s feedback and have a new set of modules.


User Awareness: A Growing Concern Among Organizations

September 6, 2011 by Cofense in Internet Security Awareness

Phishing has always been a challenge for companies, but in recent months high profile breaches have cast a bright light on a more pressing aspect of the phishing threat – user awareness; or the lack there of! The reason phishing attacks are so effective is because most employees have a basic level of phishing awareness. Companies attending recent events such as Black Hat and SANSFIRE, reiterate a common theme; “we need more effective ways to increase our employees’ awareness to help minimize the success of phishing attacks.” Once thought of as a threat that could be mitigated simply by an...


Spear Phishing Impersonators: Beware of familiar names from free email services

July 29, 2011 by Cofense in Phishing

There is a common spear phishing tactic that we help our PhishMe customers combat, and that is attackers using familiar names with fake free webmail accounts. The attacker wants to break into Widget, Inc.  The first thing they do is research Widget, Inc., looking business units who may have access to the information assets they are targeting.  Once they have picked their target, they need familiar names to make their spear phish more enticing to the eventual victim. They will pick a real name inside of Widget, Inc, that will serve as the From: line of the spear phishing email. Sometimes...


Phishing and Spear-Phishing and APTs, oh my!

April 22, 2011 by Cofense in Phishing

With all of the media coverage on the recent flurry of successful phishing attacks targeting RSA, Epsilon’s clients and their customers, and Oak Ridge, it’s come to our attention that the fire hose of terms might leave some people confused.  We thought it might be a good opportunity to explain what some of these terms are (and aren’t). Phishing Phishing essentially boils down to an adversary tricking a victim into doing something. Email is, by far, the most common medium used but others are certainly possible (snail mail, telephone calls, etc.). A traditional consumer email phish is what most of...


RSA breach: Lessons Learnt

April 18, 2011 by Cofense in Internet Security AwarenessPhishing

Most of you have probably heard about the “RSA hack” by now. It was hot news three weeks ago when an employee at RSA fell prey to a targeted phishing attack as explained in this blog post: . A couple of issues highlighted in this article really caught my attention. The article states – “These companies deploy any imaginable combination of state-of-the-art perimeter and end-point security controls, and use all imaginable combinations of security operations and security controls. Yet still the determined attackers find their way in. What does that tell you?“.  That tells me that technology by-itself is...


Solve spear phishing with another appliance?

April 15, 2011 by Cofense in Phishing

Have a spear phishing problem? You are not alone.  Spend some time at the excellent contagio malware dump blog: So how is the multiple racks of endpoint security malware detection equipment protecting you today? If namelist.xls was emailed into your organization, how would you fare?


Education vs. Technology

April 14, 2011 by Cofense in Internet Security Awareness

Trusteer recently released a study containing the results of a spear phishing test against 100 LinkedIn users. Their findings had a 68% failure rate. While a 68% failure rate seems high, it is not an unusual number for a group that has received no prior education or training in how to spot phishing – or at least training that is meant to be effective. We know this based on having sent well over a million spear phishing emails to employees of corporations across multiple industry verticals. Trusteer, a company that specializes in the creation of information security software products, stated...



April 12, 2011 by Cofense in Internet Security Awareness

This is the official rebirth of our blog. For a while now, this blog lay dormant, while the team at PhishMe was anything but. Sales and Marketing has been trying to keep up with the interest while Dev, Operations, and support have consistently delivered the most cutting edge phishing awareness services on the market. It’s a pity the blog hasn’t kept up because we have a lot of interesting thoughts and statistics to share, better late than never. Stay tuned for the latest on phishing news, our lessons learnt from successfully training people to thwart targeted phishing, and anything else we feel like rambling...


RSA Conference: Circus of Vendors

April 16, 2008 by Rohyt Belani in Phishing

In past years I never attended the RSA conference; it always came across as too much of a vendor show to me. This year I didn’t think I would go, until rsnake convinced me otherwise. So I bought myself an Expo Only pass. I had a lot of fun, meeting old time buddies from Foundstone and Mandiant, a bunch of clients, and partners. But I had the most fun just watching the show on the Expo floor. Must have been 300 booths and a gazillion sales people swarming them with those annoying mics trying to outspeak each other like barkers outside...


SCADA hacking? What if they used

April 10, 2008 by Cofense in Internet Security Awareness

At this year’s RSA conference Ira Winkler went on to tell the audience about hacking into an energy company (via an authorized penetration test) using a targeted phishing email. Details are in this networkwold article: “The penetration team started by tapping into distribution lists for SCADA user groups, where they harvested the e-mail addresses of people who worked for the target power company. They sent the workers an e-mail about a plan to cut their benefits and included a link to a Web site where they could find out more.” Are we surprised they were successful? Absolutely not. We’ve...


Whitepaper: The State of Information Security 2008

February 8, 2008 by Aaron Higbee in Internet Security Awareness

I just got back from The Credit Union Information Security Professionals Association 3rd annual National event in Austin Texas where Rohyt and I were talking to the folks about I have never attended a CUISPA event before and welcomed the opportunity. It was refreshing to see this industry work together. Credit unions don’t have the budgets larger institutions do and many of their technologists wear multiple hats. Security is a group effort. (as it should be) Two major takeaways I had from the conference: 1.) Credit Union security professionals have a can-do attitude and value networking with their peers...