An employee goes on Facebook and makes a snarky comment about his boss. Or posts a picture of a co-worker that includes a confidential document open on her laptop. Or simply mentions your company name when sharing something online. All of these are examples of potential trouble.
That email from HR? RSA attendees say you’d better check twice for phishing.
When the security world gathered at RSA 2018, CofenseTM surveyed attendees about phishing attacks and defenses. The #1 phishing concern? Malicious emails that appear to be internal communications, from your boss, HR, or the help desk, making them extra-hard to resist.
Doubling Down on PhishMe with New Features and Awareness Focus
Back in 2008, Cofense™ (PhishMe®) pretty much invented the phishing awareness industry when we unveiled the first phishing simulation program for businesses. Cofense PhishMe™ made it easy to condition employees to recognize and report phishing emails and today, over 27 million (and counting) end users in 160 countries, including employees at half the Fortune 100, rely on our expertise.
New Name, Same People, Stronger Balance Sheet
Rohyt Belani, CEO & Co-founder, Cofense
So far, it’s been a very exciting 2018 here at Cofense, with our recent acquisition and announcement of our new name and brand. We continued performing well as a company and launching numerous new features across our products.
PhishMe is now Cofense.
On February 27th 2007, while on the phone with my friend and co-founder Rohyt Belani, I typed the name phishme.com into GoDaddy™. We couldn’t believe our good luck and immediately registered it. As the co-founder who named this company PhishMe®, the emotional attachment is real. Somewhere in the pile of entrepreneurial startup books, I have a branding book that suggested your name is a vessel that should be big enough to carry your future products and services. We outgrew that boat quite some time ago.
PhishMe is SOC 2 compliant. Here’s how that helps you.
Information security is important to everyone, in particular organizations that outsource operations to third-party vendors (like SaaS or cloud-computing providers). If data isn’t handled securely, an organization’s risk of exposure to data theft, extortion and malware increases dramatically.
Missing in Action: Several Prominent Malware of 2017
Thus far in 2018, PhishMe Intelligence™ has observed a lull in multiple malware families that were prominent throughout 2017. There are several possible reasons for this hiatus.
Another wave of Brazilian malspam leads to banking trojan
In October of 2017 we blogged about a phishing campaign specifically targeting Brazilian Portuguese- speaking users.
Back then, the campaign distributed a malicious Chrome browser extension. More recently, we have observed a wave of emails that have remarkably similar characteristics. This time around, the malware of choice is a banking trojan.
New Enhancements Help Streamline Incident Response with PhishMe Triage
With security analysts pulled in many directions, they must be able to prioritize and invoke incident response on ransomware, business email compromise (BEC), malware infections, and credential-based theft emails. The key to this is the automation and streamlining of the incident response. PhishMe Triage™ has been updated with new features to help security analysts and incident response teams streamline their processes and secure administrative access.
Key Features this Release
- Tighter Integration – Authenticated API for integration across the incident response team
- Additional Security – Two-factor authentication for PhishMe Triage users
- More Accountability – Audit logs are generated for all users of PhishMe Triage
- Better Visibility – System status alerts can be distributed via syslog
Tighter Integration
The new API is designed to help PhishMe Triage interact with other systems across the incident response process. This authenticated API enables other systems to “talk” to PhishMe Triage to automate the process and get the right teams involved, faster. The fully documented REST API can be used to pull information from PhishMe Triage on emails, clusters, attachments, reporters, integrations, health stats and more. The API can be used in the preprocessing stage to notify malicious attachments at soon as they are reported. Join the conversation in the PhishMe Community PhishMe Triage API discussion to share ideas and code samples for building solutions using the API.
Additional Security
This release adds in an additional layer of security for PhishMe Triage users. Two-factor authentication can be turned when a user logs in to PhishMe Triage. End users will install a standard two-factor authentication app on their mobile device, and then simply scan a QR code to register their phone with PhishMe Triage. At log in, they will be prompted for code generated by the app. This makes authentication based upon “something you know”, the password, and “something you have”, the app. There is support Google Authenticator and other two-factor tools.
More Accountability
This release also introduces audit logging in PhishMe Triage. With the audit log, visibility about who did something in PhishMe Triage, what they did and when they did it is captured. The audit log tracks over 145 Event ID’s across PhishMe Triage. This enables the tracking of all of the actions users of PhishMe Triage. These logs can be viewed directly inside of PhishMe Triage, or exported to another tool for more analysis.
Better Visibility
This release also extends syslog alerting with PhishMe Triage. With syslog enabled, PhishMe Triage can send out alerts to other systems. Syslog alerts can be used to share information like the cluster velocity, operational SLA alerts, platform health, ingestion health and triage recipe monitoring. This enables PhishMe Triage to share alerts across the entire incident response team.
If you have any questions, please email support@phishme.com. Full details on the release are available in PhishMe Community. To access it, simply log in to your PhishMe Triage appliance and then click the “Visit PhishMe Community” icon.
Don’t ever miss another threat – sign up for PhishMe® Threat Alerts today and receive updates on new and emerging phishing and malware threats, completely free.
Here’s How Boards Should Measure Anti-Phishing Programs
In board rooms across the globe, directors are asking the question, “How is phishing affecting the organization and are we able to handle the risks?”