Products
Products
Detection
Intelligence
About Cofense
About Cofense
Leadership
Free Tools
Free Tools
Build Resilience
Create Transparency
Speed Response

COFENSE PHISHING PREVENTION & EMAIL SECURITY BLOG

STAY CURRENT ON INDUSTRY TRENDS & COFENSE NEWS

Phishless Christmas Halfway Point Update

December 19, 2012 by Cofense in Phishing

We’re at the halfway point of our 12 Days of Phishless Christmas campaign, and we have been having a great time interacting with our followers while also raising money for some great charities. We’d like to recognize our first five winners, as well as the charities they have chosen for their donations.

READ MORE

On the first day of Phishless Christmas, PhishMe gave to me…

December 13, 2012 by Cofense in Phishing

It’s been an excellent year for us all here at PhishMe, and to celebrate the holidays and give thanks, we’re giving our followers a chance to earn money for charity through what we are calling the 12 Days of Phishless Christmas. Starting Friday, December 14, and continuing each day until Christmas Day, we’ll be tweeting every day with a new opportunity for our followers to win a donation to charity in their name.

READ MORE

What Trend Micro’s research means for organizations

November 29, 2012 by Rohyt Belani in Malware AnalysisPhishingThreat Intelligence

Trend Micro has just published research confirming what we at PhishMe already knew – spear phishing is the top threat to enterprise security. Trend Micro’s report estimates that spear phishing accounts for 91% of targeted attacks, making it the most prevalent method of introducing APT to corporate and government networks. Industry recognition of the severity of the dangers posed by spear phishing is always a positive development, but merely acknowledging the problem doesn’t provide a solution. Fortunately, many of the underlying issues Trend Micro identifies are problems PhishMe is already helping our customers address.

READ MORE

Cyber Monday phishing scams could affect the workplace

November 21, 2012 by Cofense in Phishing

If you’re like me, then the idea of fighting the midnight crowds on Black Friday holds limited appeal, even if it means getting an 80% discount on a big screen TV. But thanks to Cyber Monday, people can get ridiculous deals without peeling themselves away from their computers – or offices.

READ MORE

Presidential Phishing Scams: Examining Voter Vulnerability

November 5, 2012 by Cofense in Phishing

With emotions running high during election season, an email with the name Romney or Obama in the subject line could make even an experienced user click on a malicious link. Spammers are taking advantage of the Presidential election buzz and using malware-laden emails to target users. Many of these emails don’t have any visible consequences, so users may not even realize when malware is infiltrating their personal computers or mobile devices. But what about the potential danger this malware can bring into your workplace from these spear phishing scams?

READ MORE

Breaking the Myths of Social Engineering

October 1, 2012 by Rohyt Belani in Internet Security AwarenessPhishing

Last week, a Washington Post article by Robert O’Harrow offered an interesting look at the most common attack vector used by cybercriminals to penetrate enterprises today: spear phishing. While we applaud (loudly) the thrust of the article – that enterprises need to educate users on the dangers of spear phishing – there are some very real challenges in user education that the article does not address.

READ MORE

Why PhishMe makes Pentesters Uncomfortable

August 31, 2012 by Aaron Higbee in Cofense NewsPhishing

I read Aitel’s article right before leaving for BlackHat: “Why you shouldn’t train employees for security awareness” Popcorn in hand, this should be a fun read. After all, we agree that traditional awareness methods don’t seem to be sticking.

READ MORE

LinkedIn password leak: What it means for phishing

June 6, 2012 by Aaron Higbee in Phishing

Spoiler: LinkedIn password leak: What it means for phishing?  Answer:  Not Much! When people talk to us about phishing, they often want to know “What’s next in phishing? What else are you seeing?” This gets asked a lot, and is one of my least favorite questions because the truth is, email based spear phishing works as-is It has no reason to evolve right now.

READ MORE

Educause 2012 SPC: Quick Review

May 22, 2012 by Aaron Higbee in Internet Security Awareness

Last week I attended the Educause Security Professionals Conference 2012 in Indianapolis Indiana and was lucky enough to co-present with Emory University to discuss the phishing problems higher education face. This event had an entire track devoted to Awareness & Training and of course a major topic for discussion was phishing.

READ MORE