When considering your organization’s response to a simulated phish, it is critical to understand that we are emulating / practicing for real life events with the purpose of conditioning appropriate response patterns in our user base.
PhishMe Named a Consecutive Leader in the 2017 Gartner Magic Quadrant
PhishMe has been named a consecutive leader in Gartner’s 2017 Security Awareness Computer-Based Training Magic Quadrant. It’s the second year we’ve been recognized as a leader and positioned highest in “ability to execute.”
Sage Ransomware Distinguishes Itself with Engaging User Interface and Easy Payment Process
In early 2017, the Sage ransomware distinguished itself with a fresh take on the business model for criminal ransomware operations. Built with an engaging, intuitive user interface for requesting the ransom payment, it also reinforced the fact criminals are willing to invest in developing new versions of established ransomware tools. Sage has reasserted itself as a relevant player on the already-saturated ransomware threat landscape with version 2.2.
Fake Swiss Tax Administration Office Emails Deliver Retefe Banking Trojan
PhishMe®’s Phishing Defence Centre has observed multiple emails with a subject line that includes a reference to tax declarations in Switzerland (Original subject in German: “Fragen zu der Einkommensteuerklaerung”) as shown in Figure 1. The sender pretends to be a tax officer working for the tax administration (Eidgenoessische Steuerverwaltung ESTV) and is asking the victim to open the attached file to answer questions about the tax declaration.
Social Media: It’s Time to <3 Security Awareness
Part 4 in a weekly blog series, “How Attackers Target Trust,” running during October, National Cyber Security Awareness Month and European Cyber Security Month.
Over the past decade, mobile phones and social media have become essential to how we ingest news and communicate friends and families.
Beware: These Scams Turn Open Enrollment into Open Season for Phishing
Last fall, PhishMe® warned you about scams that use phishing to steal your health savings account (HSA) details during open enrollment periods. This year we are seeing a variety of phishing scams that can take advantage of your year-end diligence in managing personal and corporate assets.
Security Awareness: 4 tips on Trusting Technology
Part 3 in a weekly blog series, “How Attackers Target Trust,” running during October, National Cyber Security Awareness Month and European Cyber Security Month.
Malicious Chrome Extension Targets Users in Brazil
Our Phishing Defense Center recently detected a significant increase in the number of emails with malware designed exclusively to target users in Brazil.
Locky or TrickBot? Depends Where You Are. Malicious Payload Delivery Tailored by Geographic Location
BY NEERA DESAI AND VICTOR CORNELL
It is not uncommon for threat actors to deploy malicious payloads from multiple malware families during a single phishing campaign. These malware tools may include ransomware, a financial crimes trojan, or other botnet malware. However, it is not as common for those attackers to deploy different malware tools based upon the geographic location of their victim.
To Raise Security Awareness, Don’t Trust the Process.
Part 2 in a weekly blog series, “How Attackers Target Trust,” running during October, National Cyber Security Awareness Month and European Cyber Security Month.