Online Email Security Awareness Training

Although phishing represents the biggest threat to online security, Cofense knows there’s no shortage of other cyber threats. That’s why we’ve created a broader free online security awareness training for employees. In myriad ways, it helps employees and other Internet users better protect themselves, their devices and the company from online theft and fraud.

Specifically, we’ve built a series of SCORM-compliant online security awareness training modules to complement business´ existing training programs. These free security awareness training modules can be downloaded and used whether you’re a Cofense customer or not.

Cofense Security Awareness Training Pricing

CBFree – Complimentary

Cofense PhishMe – Get a Demo

Cofense Vision – Learn More

See the Latest
Trends in Phishing Security

Get ahead of trending threats
with our insights and solutions
into phishing threats & attacks..



What’s in the Online Security Awareness Training Modules?

We’ve made our security awareness training online modules as comprehensive as possible. In addition to covering subjects such as keeping passwords secure and practicing safe web surfing, our modules cover the physical security of devices and protecting data outside the office. All IT administrators are advised to review the module about Insider Threats.

Security Awareness Training Topics

  • Cybersecurity Awareness
  • Spear Phishing
  • Ransomware
  • Security Outside of the Office
  • And Many More …

We know that engaging, interactive models make for better learning. Each module contains concise lessons with interactive play and learning activities to help absorb and retain content. Most of our online security awareness training is available in multiple languages for businesses with a multi-national workforce.

Free Compliance Training Modules Are Available

In many industries, online security awareness training for employees goes hand in hand with privacy and data security compliance. In Europe and elsewhere, there are stricter regulations vs. the U.S. on protecting personal data, implementing security measures, and taking steps to report a breach.

Businesses operating in regulated industries may wish to review these free modules in particular:

  • Health Care Compliance.
  • Payment Data Compliance.
  • Personal Data Compliance.

Like our online security awareness training modules, you can download and run our compliance training modules through a Learning Management System (LMS). For businesses that do not have an LMS system, these modules are also available as interactive PDF files. If you choose to download the PDF files, please note that Cofense refreshes the content regularly to mirror developments in online security and regulatory compliance.

How to Access the Free Online Security Awareness Training Modules

Visit our “CBFree Computer-Based Training” web page. You have the choice of downloading a sample module, the online security awareness training modules, or the compliance modules. Naturally, you can download all three if you wish! If you experiencing any problems, don’t hesitate to contact us.

To complete your online security awareness training program, request a free demo of Cofense PhishMe, our award-winning software for conditioning employees to be resilient against phishing threats. Used by more than 1000 businesses worldwide, including 50 Fortune 100 companies, Cofense PhishMe has reduced the threat of advanced cyber-attacks by up to 95% with cybersecurity awareness training.

It’s impossible to know when the next cyber-attack will hit. Don’t wait to strengthen your defenses. Download our training modules and request your free demo of Cofense simulator today.

1:1 Demo
Powerful Solutions

We'll talk with you about your company'sspecific needs and providedemonstrations of ourrecommended solutions.


10 Most Common Signs of a Phishing Email: Is Your Business Protected?

Why Phishing Awareness is Vital to Organizations

Successful phishing attacks give attackers a foothold in corporate networks, access to vital information such as intellectual property, and in some cases money. The question is how to generate phishing awareness and train your team to spot a phishing email. There are numerous types of phishing, but ultimately it is any type of attack by email that is designed to result in the recipient taking a specific course of action. This could be clicking a link that leads to a compromised website, opening a malware-laden attachment, or divulging valuable information such as usernames and passwords.

Look for a Hook in Phishing Emails

Increasingly, phishing emails are carefully researched and contrived to target specific recipients. Given the number and intensity of data breaches in recent years there is a wealth of information available to phishers to use when honing their prose, making it even tougher to spot signs of a phishing email and discern fact from fiction.

The increasing sophistication of phishing attacks makes it difficult for technology to identify email-borne threats and block them. However, phishing emails typically have a range of “hooks” which, if spotted by the recipient, can prevent the attack from being successful. The following are some of the hooks – or signs of a phishing email – that can indicate an email is not as genuine as it appears to be.

2021 Annual State of Phishing

Learn how you can avoid a breach from the phishing threats that are targeting businesses around the globe.

Read More

10 Most Common Signs of a Phishing Email

1. An Unfamiliar Tone or Greeting

The first thing that usually arouses suspicion when reading a phishing message is that the language isn’t quite right – for example, a colleague is suddenly over familiar, or a family member is a little more formal. For instance, if I personally were to receive an email from Cofense’s CTO that began with “Dear Scott,” that would immediately raise a red flag. In all of our correspondence over the years, he has never begun an email with that greeting so it would feel wrong. If a message seems strange, it’s worth looking for other indicators that this could be a phishing email.

2. Grammar and Spelling Errors

One of the more common signs of a phishing email is bad spelling and the incorrect use of grammar. Most businesses have the spell check feature on their email client turned on for outbound emails. It is also possible to apply autocorrect or highlight features on most web browsers. Therefore, you would expect emails originating from a professional source to be free of grammar and spelling errors.

3. Inconsistencies in Email Addresses, Links & Domain Names

Another simple way to identify a potential phishing attack is to look for discrepancies in email addresses, links and domain names. For example, it is worth checking against previous correspondence that originating email addresses match. If a link is embedded in the email, hover the pointer over the link to verify what ‘pops up’. If the email is allegedly from PayPal, but the domain of the link does not include “,” that’s a huge giveaway. If the domain names don’t match, don’t click.

4. Threats or a Sense of Urgency

Emails that threaten negative consequences should always be treated with suspicion. Another tactic is to use a sense of urgency to encourage, or even demand, immediate action in a bid to fluster the receiver. The scammer hopes that by reading the email in haste, the content might not be examined thoroughly so other inconsistencies associated with a phishing campaign may pass undetected.

5. Suspicious Attachments

If an email with an attached file is received from an unfamiliar source, or if the recipient did not request or expect to receive a file from the sender of the email, the attachment should be opened with caution. If the attached file has an extaension commonly associated with malware downloads (.zip, .exe, .scr, etc.) – or has an unfamiliar extension – recipients should flag the file to be virus-scanned before opening.

Teach users to identify real phish.

Discover how Cofense PhishMe educates users on the real phishing tactics your company faces.

Get a Demo
Wistia video thumbnail

6. Unusual Request

Leading on from the point above, if the email is asking for something to be done that is not the norm, then that too is an indicator that the message is potentially malicious. For example, if an email claims to be from the IT team asking for a program to be installed, or a link to patch the PC followed, yet this type of activity is typically handled centrally, that’s a big clue that you have received a phishing email and you should not to follow the instructions.

7. Short and Sweet

While many phishing emails will be stuffed with details designed to offer a false security, some phishing messages have also been sparse in information hoping to trade on their ambiguity. For example, a scammer that spoofs an email from Jane at a company that is a preferred vendor emailing the company once or twice weekly, has the vague message ‘here’s what you requested’ and an attachment titled ‘additional information’ in hopes they’ll get lucky.

8. Recipient Did Not Initiate the Conversation

Because phishing emails are unsolicited, an often-used hook is to inform the recipient he or she has won a prize, will qualify for a prize if they reply to the email, or will benefit from a discount by clicking on a link or opening an attachment. In cases where the recipient did not initiate the conversation by opting in to receive marketing material or newsletters, there is a high probability that the email is suspect.

9. Request for Credentials, Payment Information or Other Personal Details

One of the most sophisticated types of phishing emails is when an attacker has created a fake landing page that recipients are directed to by a link in an official looking email. The fake landing page will have a login box or request that a payment is made to resolve an outstanding issue. If the email was unexpected, recipients should visit the website from which the email has supposedly come by typing in the URL – rather than clicking on a link – to avoid entering their login credentials of the fake site or making a payment to the attacker.

10. See Something, Say Something

Identification is the first step in the battle against phishers. However chances are if one employee is receiving phishing emails, others are as well. Organizations need to promote phishing awareness and condition employees to report signs of a phishing email – it’s the old adage of “If you see something, say something,” to alert security or the incident response team.

A complication of this is then sifting through the various reports to eliminate false positives. So, how can an organization stop phishing emails and identify phishing attacks? One method is to prioritize alerts received from users who have a history of positively identifying phishing attacks. These employee-sourced, prioritized reports provide the incident response (IR) team and security operations analysts with the information needed to rapidly respond to potential phishing attacks and mitigate the risk from those that may fall prey to them.

Sign Up for a Demo Now!

Teach users to identify real phish. Discover how Cofense PhishMe educates users on the real phishing tactics your company faces.

Phishing Threats to Your Business

The Anti-Phishing Working Group (APWG) is an organization established in 2003 to monitor phishing threats, share data to better protect consumers and businesses, and unify the global response to cybercriminal activity. In the organization´s most recent Phishing Activity Report (July 2018), the APWG identified a 46% increase in phishing websites over the previous quarter.

During the three months phishing activity on which the report was based, the organization detected 263,538 new phishing websites – half of which had .com suffixes, and a third of which had SSL certificates to give the impression they were secure sites. Phishing threats to data were highest in the payments processing industry, with other highly-targeted industries including:

  • Payments Processing 39.4% 
  • SaaS / Webmail 18.7% 
  • Financial Institutions 14.2% 
  • Cloud Storage / File Hosting 11.3% 
  • Other 16.4% 

Definition of a Phishing Threat

The definition of a phishing threat is any attempt to fraudulently solicit personal information from an individual or organization, or any attempt to deliver malicious software (malware), by posing as a trustworthy organization or entity. Threats are most commonly delivered by email, as in the online banking example given below, but they can also manifest as advertisements on genuine websites that have had security vulnerabilities exploited.

A Few Types of Phishing Emails:

  • Urgent or Billing Phishing: A phishing email attack that attempts to mimic a real business in order to trick victims into visiting a malware-infected site. Fictitious power bills or urgent, credit card fraud notices are common templates for a deceptive phishing email.
  • Spear-Phishing: Attacks are generally more dangerous than regular phishing because spear-phishing emails are tailored to attack a specific individual, department or company.
  • Whale Phishing: The main goal is to gain the credentials of top-level executives. While similar to spear-phishing, whale phishing is much more personalized to the target and damaging to the company.

The definition of a phishing threat given above differs slightly from the definition provided by the United States Computer Emergency Readiness Team (US-CERT). That organization´s definition of a phishing threat implies that phishing attacks online are always the result of social engineering. This is not necessarily the case, as some attacks – such as “watering hole” attacks – have become so sophisticated that social engineering is not always necessary for cybercriminals to extract sensitive data or install malware.

Phishing Threats to Your Business

Phishing Threats to Operations
Regardless of whether an employee is doing their online banking or research for a work project, if they access a fake phishing website from their work computer, and download executable malware, the organization´s entire network could be infected. Depending on the nature of the malware, data could be compromised, stolen or encrypted into a format that makes it unusable until a ransom is paid.

Phishing Threats to Data
Phishing threats to data apply whether an employee is responding to a phishing email about their bank account or to any account that requires a login and password – not just e-commerce websites, but also personal email and social media accounts. The consequences of a successful phishing attack on an organization may take years to become apparent, which is why phishing threats to data should be taken seriously and measures implemented to manage the threats.

Spear Phishing Threats
Spear phishing threats are often more successful than random phishing threats due to the victim(s) being specifically targeted by the cybercriminal. The attacker finds personal details of their victim (such as appear on social media profiles) and creates a convincing phishing email that appears realistic because of its content. The massive data breaches at Target, Anthem and Sony Pictures have all been attributed to successful spear phishing attacks.

The delivery of ransomware via email is one of the most serious of all current phishing threats. Ransomware is the easiest form of malware to monetize and there has been a noticeable increase in ransomware attacks on mobile devices (up 1,300% in 2017) and on cloud-based applications which get shared with internal and external users (44% of cloud malware types make up the most common delivery vehicles for ransomware).

See the Latest
Trends in Phishing Security

Get ahead of trending threats
with our insights and solutions
into phishing threats & attacks..



How to Prevent Phishing Threats in an Organization

With there being so many different and sophisticated types of phishing attacks online, managing phishing threats in an organization is a colossal task. Technology can help manage threats to a degree, but enough phishing emails avoid detection to make the activity of phishing still worthwhile for cybercriminals.

Simulations of Phishing Threats Makes Perfect
How can you affect lasting changes in user behavior around phishing threats? Rather than rote training, engaging users by simulating real-life phishing threats drives the point home. Just as fighter pilots train in flight simulators, users can learn by experiencing a simulated phishing threat in a controlled environment.

Mixing an occasional simulated phishing threat into users’ regular email teaches them to stay alert and spot suspicious emails. Whether they click on the simulated phish, or spot and report it to incident responders, the experience is much more likely to leave a mark compared to sitting through a lecture about security.

Users experience phishing threats in terms of how they look and act – how a malicious payload infiltrates a system, spreads across the network, disrupts operations, and steals data. Next time, they will be more attuned to a suspicious email – See Something, Say Something

Recognition is the first step in the battle against phishing threats. Conditioning users to identify phishing emails will reduce the chances they will fall for a real phishing threat. However, the chances are, if one employee is receiving phishing threats through emails, others are as well. Organizations must encourage users to report suspicious messages, including emails, texts or phone calls, to security or incident response teams.

Users who recognize potential phishing threats provide a valuable source of internal, real-time attack and threat intelligence. When they report suspicious emails, incident responders obtain information that they would not have otherwise received or received too late. This internal ‘crowdsourcing’ is especially beneficial with phishing, as it’s the most common attack method.

Overloading the Security Operations Center
A natural complication of internal reporting is to overwhelm security teams with potentially harmful emails and false positives. Being able to quickly identify which reports are more reliable than others is critical to lessening the chance of a breach from a phishing email and a factor when implementing a solution to mitigate phishing threats.

Employee-sourced reports on attacks in progress provide incident response teams and security operations analysts with the information needed to rapidly respond to potential phishing threats and mitigate the risk from those that may fall prey to them. Being able to sort, assess and respond quickly is critical to stopping a phishing breach and mitigating business disruption.

Ultimately, an end-to-end phishing threat mitigation approach is a critical foundation for any security program’s phishing threat management strategy. Instead of just being the target, the workforce becomes cybercrime sensors – sounding the alarm and keeping the organization safe by providing the information SOCs need for managing phishing threats quickly and effectively.

End-to-End Phishing Mitigation from Cofense

Cofense is a testament to this working process.  Cofense has conditioned our own workforce to recognize and report phishing attempts – gathering phishing attack intelligence from our entire employee base. By analyzing these emails, Cofense has avoided compromise as well as discovering and publishing malware samples well before other leading threat intelligence providers.

Even with record investment in cybersecurity, the number of breaches attributed to phishing attacks continues to grow. It’s obvious that technology alone can’t solve the problem. That’s why Cofense solutions focus on engaging the human – your last line of defense after a phish bypasses other technology – for better prevention and response.

1:1 Demo
Powerful Solutions

We'll talk with you about your company'sspecific needs and providedemonstrations of ourrecommended solutions.


Why Phishing Training Needs to be Comprehensive

Comprehensive Phishing Training Involves More Than Awareness

By itself, the term “phishing training” fails to convey the complexity of creating and maintaining an effective defense against email-borne threats. Yes, it’s important to provide security awareness training and educate employees on the risks of clicking on malicious links, opening infected attachments or divulging confidential information in an email, but the best phishing training involves much more.

For example, you need processes for reporting phishing or suspicious emails, along with mechanisms to help security teams prioritize reports. Think about it: after employees receive phishing training they’re likely to report more emails. To manage the volume of phishing reports and contain genuine threats, security teams need to know which employees are best at spotting potential threats.

The hardest part of phishing training is building a business culture of openness and awareness. Mistakes happen. When an employee inadvertently responds to a phishing email, it’s smart to educate and correct. If employees feel shame, they may be reluctant to report errors in the future, denying security teams the chance to contain threats fast. Given the potential consequences of an uncontained threat, phishing training needs to include everyone from the CEO down.


See the Latest
Trends in Phishing Security

Get ahead of trending threats
with our insights and solutions
into phishing threats & attacks..



Phishing Email Training for Employees Need to Be Comprehensive, Interactive and Relevant

Cybercriminals use many tactics to gather the information needed for phishing attacks. Employees and senior management need to be vigilant. Besides learning how to identify suspicious emails, they must also learn how social engineering attacks are constructed, plus the risks of surfing the web from a mobile device connected to the business´s network.

It’s not enough to send phishing awareness emails to employees. . Employees need security awareness training and simulated phishing campaigns that assess and measure their susceptibility to phishing attacks. The results of phishing training show weaknesses in network defenses. Security teams can use this knowledge to prioritize suspicious email reports. A culture of awareness, and one of action, is the goal.

Relevance counts, too. Lower-level employees need to be aware of phishing email threats, but are unlikely to be targets of a business email compromise attack. It’s vital for phishing training to be customizable—relevant to different user groups and the roles they play in your online defense. Without relevance, users become disinterested and phishing training less effective.


Comprehensive Phishing Training from Cofense

Our phishing training is holistic. Through customizable security awareness training and simulated phishing campaigns, your employees will be less susceptible to costly phishing attacks. Simulated phishing campaigns can be designed to use real-world, phishing attack scenarios that target your organization, industry or a specific department. Employees can also report and delete suspicious emails with the click of a button. Incident responders can triage reported emails, prioritize and reduce false positives. Our human-vetted, phishing-specific threat intelligence service further helps security teams work smarter, with better results. The platform integrates seamlessly with existing security information and event management systems. It’s easy to administer and provides deep metrics, benchmarking and reporting options.

Rounding out our security awareness and phishing training, we offer computer-based modules that you can use as stand-alone instruments or as part of our integrated package. We also host a thriving online community where businesses share their experiences and solutions. Be sure to explore our free videos, webinars, and whitepapers with information relevant to all industry sectors.

Request a free demo of Cofense in action. Or contact us with questions about maximizing the effectiveness of your phishing training. Fortify your last line of defense against malware, data loss, and ransomware. Cofense has helped our clients achieve a 95% reduction in susceptibility to phishing emails. Is your current phishing training that good? Learn more today!


Phishing Training Cost

Cofense offers bundled and free solutions that deliver key capabilities to any size business.  To stop rapidly evolving phishing attacks, you need more than a layered defense. You need the right layers. When users act as human sensors, they supply valuable intelligence to security operations teams, giving them the visibility to neutralize threats faster.

Stop Phishing Attacks in as Little as 20 Minutes

100% of the phish Cofense finds in customers’ environments were reported by users. 0% were stopped by perimeter technology. When secure email gateways fail, users are your last line of defense. Cofense intelligent phishing defense equips your teams to find, report, respond to and neutralize phishing threats by fusing human intelligence and advanced technology. Learn More


1:1 Demo
Powerful Solutions

We'll talk with you about your company'sspecific needs and providedemonstrations of ourrecommended solutions.



Cofense PhishMe Free

Now is the time to build a human firewall against phishing attacks. Cofense PhishMe Free is an easily managed phishing campaign tool that simulates email campaigns and provides analytics. It’s designed to help companies with 500 employees or less assess end-user risk exposure and condition employees to be resilient to phishing attacks. Learn More


Phishing Webinars that Help Protect Your Organization

Access our past phishing webinars and see upcoming PhishMe webinars on topics ranging from social media and human sensors to malware and security awareness. Learn More


How to Spot Phishing Emails – 7 Helpful Tips for Employees

Phishing is not a new phenomenon – it has been the most common attack vector for cybercriminals for a number of years – but, due to the increasing complexity of phishing scams, knowing how to spot a phishing email is becoming more important than ever before.

In spite of advances in anti-virus protocols and detection technology, phishing attacks continue to increase in number and impact. Everyone is a target in today’s cyberwar climate but, by educating your workforce about how to spot phishing and deal with phishing attacks appropriately, today’s targets can become the primary defense sentinels of the future.

How to Spot a Phishing Email Begins with Knowing What is a Phish

The first step in spotting a phishing email comes with understanding what a phishing email is. The most accurate definition of a phishing email is an email sent to a recipient with the objective of making the recipient perform a specific task. The attacker may use social engineering techniques to make their email look genuine, and include a request to click on a link, open an attachment, or provide other sensitive information such as login credentials.

Socially engineered phishing emails are the most dangerous. They are constructed to be relevant and appear genuine to their targets. The recipient is more trusting of the email and performs the specific task requested in the email. The results can be devastating. If the recipient clicks on a link to a malware-infected website, opens an attachment with a malicious payload or divulges their login credentials, an attacker can access a corporate network undetected.

2021 Annual State of Phishing

Learn how you can avoid a breach from the phishing threats that are targeting businesses around the globe.

Read More

Phishing Email Examples:

New Credential Phish Targets Employees with Salary Increase Scam

The Cofense Phishing Defense Center (PDC) has observed a new phishing campaign that aims to harvest Office365 (O365) credentials by preying on employees who are expecting salary increases. Learn More

This Advanced Keylogger Delivers a Cryptocurrency Miner

In a new twist, a phishing campaign is delivering the advanced Hawkeye Keylogger malware to act as a first stage loader for a cryptocurrency miner. Learn More

New Credential Phish Masks the Scam Page URL to Thwart Vigilant Users

The Cofense Phishing Defense Center (PDC) has observed a phishing campaign that aims to harvest credentials from Stripe. Making it an attractive target for threat actors seeking to use compromised accounts to gain access to payment card information and defraud consumers. Learn More

Keep up to date with the latest phishing attacks and trends in cybercrime

View more phishing email examples for training on our blog. Cofense is dedicated to keeping our customers safe and informed.  Learn More


Why Socially Engineered Phishing Emails are so Effective

It’s actually quite scary how much you can find out about an individual on the Internet without having to hack databases or trick somebody into divulging confidential information. Hackers can quickly accumulate personal information from social media sites, professional profiles and other online publications in order to identify the triggers that people respond to.

It would not be too difficult to find details of an employee ́s children, the school they attend, and an event happening at the school, in order to send the parent an email inviting them to click on a link or open an attachment about their child’s participation in the event. With the advent of Machine Learning and Artificial Intelligence, phishers will be able to collate this information much more quickly in the future.    

7 Ways to Spot Phishing Email

Socially engineered phishing emails often evade detection by email filters due to their sophistication. They have the right Sender Policy Frameworks and SMTP controls to pass the filter ́s front-end tests, and are rarely sent in bulk from blacklisted IP addresses to avoid being blocked by Realtime Blackhole Lists. Because they are often individually crafted, they can even evade detection from advanced email filters with Greylisting capabilities.

However, phishing emails often have common characteristics; they are frequently constructed to trigger emotions such as curiosity, sympathy, fear and greed. If a workforce is advised of these characteristics – and told what action to take when a threat is suspected – the time invested in training a workforce in how to spot a phishing email can thwart attacks and network infiltration by the attacker.

1. Emails Demanding Urgent Action

Emails threatening a negative consequence, or a loss of opportunity unless urgent action is taken, are often phishing emails. Attackers often use this approach to rush recipients into action before they have had the opportunity to study the email for potential flaws or inconsistencies.

2. Emails with Bad Grammar and Spelling Mistakes

Another way to spot phishing is bad grammar and spelling mistakes. Many companies apply spell-checking tools to outgoing emails by default to ensure their emails are grammatically correct. Those who use browser-based email clients apply autocorrect or highlight features on web browsers.

3. Emails with an Unfamiliar Greeting or Salutation

Emails exchanged between work colleagues usually have an informal salutation. Those that start “Dear,” or contain phrases not normally used in informal conversation, are from sources unfamiliar with the style of office interaction used in your business and should arouse suspicion.

4. Inconsistencies in Email Addresses, Links & Domain Names

Another way how to spot phishing is by finding inconsistencies in email addresses, links and domain names. Does the email originate from an organization corresponded with often? If so, check the sender’s address against previous emails from the same organization. Look to see if a link is legitimate by hovering the mouse pointer over the link to see what pops up. If an email allegedly originates from (say) Google, but the domain name reads something else, report the email as a phishing attack.

5. Suspicious Attachments

Most work-related file sharing now takes place via collaboration tools such as SharePoint, OneDrive or Dropbox. Therefore internal emails with attachments should always be treated suspiciously – especially if they have an unfamiliar extension or one commonly associated with malware (.zip, .exe, .scr, etc.).

6. Emails Requesting Login Credentials, Payment Information or Sensitive Data

Emails originating from an unexpected or unfamiliar sender that request login credentials, payment information or other sensitive data should always be treated with caution. Spear phishers can forge login pages to look similar to the real thing and send an email containing a link that directs the recipient to the fake page. Whenever a recipient is redirected to a login page, or told a payment is due, they should refrain from inputting information unless they are 100% certain the email is legitimate.

7. Too Good to Be True Emails

Too good to be true emails are those which incentivize the recipient to click on a link or open an attachment by claiming there will be a reward of some nature. If the sender of the email is unfamiliar or the recipient did not initiate the contact, the likelihood is this is a phishing email.

“If You See Something, Say Something” – How to Stop Phishing Emails

Conditioning employees in how to spot and report suspicious emails – even when opened – should be a workforce-wide exercise. The chances are that if one of your workforces is the subject of a phishing attack, other employees will be as well. “If you see something, say something” should be a permanent rule in the workplace, and it is essential that employees have a supportive process for reporting emails they have identified or opened.

The reporting of potential phishing attacks and opened suspicious emails enables security personnel to secure the network in good time – mitigating the risk that a threat will spread to other areas of the network and minimizing disruption. It is also a good practice to identify which employees spot actual phishing emails in order to prioritize action when multiple reports of a phishing attack are received.

This is the basis of how Cofense ́s Human Phishing Defenses work. Our solutions provide simulation exercises based on real examples of socially engineered phishing attacks in order to better teach employees how to spot phishing emails and report them – whether they have been opened and actioned or not. In the event a phishing email has avoided detection, our solutions also provide end-to-end phishing mitigation to accelerate response and resolution. Contact us today to find out more.

Sign Up for a Demo Now!

Teach users to identify real phish. Discover how Cofense PhishMe educates users on the real phishing tactics your company faces.

Ransomware Prevention: How Do You Get Ransomware?

A great way to kick off a phishing awareness training course is to ask, “How do you get ransomware?” The majority of trainees will be aware that ransomware attacks can be launched by clicking on a malicious URL or opening an infected email attachment. Conscious of notorious attacks – Colonial Pipeline among others – some may be aware of the importance of keeping software up to date. Other attack vectors are far less familiar and deliver malware such as BazarBackdoor in devious ways.

Depending on trainees´ responses to “how do you get ransomware?” you may be pleasantly surprised or very concerned. At the least, you can better gauge your employees´ appreciation of the threats posed. This insight will inform your decision-making as you take steps to raise phishing awarene

After Asking the Question “How do you get Ransomware?” …

After asking “How do you get ransomware?” the next question should concern how to identify suspicious links and attachments, and how to report those suspicions. In most scenarios, the answers to the first half of the question will be textbook; but the second half, how to report suspicious links and attachments, often draws blank faces. This might reveal a major problem with your company´s online security, especially when a link has been clicked or an attachment opened.

See the Latest
Trends in Phishing Security

Get ahead of trending threats
with our insights and solutions
into phishing threats & attacks..


All employees need to know the reporting procedure and the importance of swiftly reporting a clicked link or opened attachment. Only by quickly alerting the IT security team to the possible risk of an infection can a threat be well contained and the potential damage limited. Furthermore, employees must know that even if a computer has been locked by ransomware, swift action can prevent the infection spreading to the rest of the network or stop secondary malware from being dropped.

Measures a Company can Take for Better Ransomware Prevention

In many areas of life, knowing something and applying that knowledge don’t always follow hand in hand. Although your employees may know “How do you get ransomware?” and even how to report  suspicions, companies should implement measures to protect themselves against ransomware and its consequences. These measures may vary, but generally include:

  • Take frequent back-ups, so if data is encrypted by ransomware, there is a recent restore point.
  • Install a program that will check for and install software updates.
  • Virus scan all external drives and mobile devices connected to the network.
  • Maintain an ongoing program of phishing awareness and keep asking the question “How do you get ransomware?”

The importance of a program approach to phishing awareness is difficult to overstate. You can drastically reduce your company’s vulnerability to ransomware attack by enlisting your employees as human sensors against malware-bearing phishing email. Comprehensive ransomware prevention depends on a last line of defense when malicious emails get past standard filters and secure gateway technology, and land in users’ inboxes. Attackers know how to beat these filters, and successfully do so on a near-daily basis. When employees are well conditioned to spot these emails, and are able to quickly and easily report them, companies can be spared catastrophic expense in lost productivity, revenue and reputational damage. Real-world simulations can radically boost resilience against attacks for measurably improved ransomware prevention.

Maintain an Ongoing Program of Phishing Awareness with Cofense

Cofense is the leading provider of phishing threat management solutions. We determine employees´ susceptibility to online threats by using simulation exercises. These activities show how much employees know about “How do you get ransomware?” It also conditions them to be up to 95% less susceptible to phishing attacks. Our phishing threat management solutions are used by more than 1,000 companies worldwide, including half of all Fortune 100 companies.

Besides simulation exercises to raise awareness and reduce susceptibility, Cofense lets employees report suspicious emails with the click of a mouse. We offer an incident response platform that prioritizes investigations for IT security teams, based on the results of the simulated phishing exercises. Cofense also offers an intelligence feed of known threats, to eliminate false positives and save time identifying and responding to genuine threats.

To learn more about protecting your business, your data and employees from ransomware, contact us for a free Cofense demonstration. Our team will guide you through our solution so you can better understand “How do you get ransomware?” and how to protect against it. Get real-world ransomware attack examples here and learn how to protect yourself.

1:1 Demo
Powerful Solutions

We'll talk with you about your company's specific needs and provide demonstrations of our recommended solutions.


Phishing Awareness Tips

There are plenty of online sources offering phishing awareness tips and advice on how to protect against phishing attacks. Some sources offer good advice. Unfortunately, some don´t. Some are merely clickbait, not useful phishing awareness tips.

If you’re reading a website that doesn’t tell you to be skeptical of all emails, it’s not giving sound advice on how to protect against phishing attacks. After all, every email address can be spoofed.

The right training can provide advice on how to protect against phishing attacks. Look for a program that conditions employees to recognize and report phishing—and become an active part of your cyber defense.

Providing Advice on How to Protect Against Phishing Attacks via Training

The best phishing awareness tips are part of comprehensive, interactive and customizable training. Users need to know why they are being targeted, what the objectives of phishing emails are, and the consequences of clicking on a malicious link, opening an infected attachment or responding to an unauthorized request for information.

Think Like
a Cybercrook

This special report focuseson the realities of phishingand recommends defensesyou can use to reduce your risk.

Read More

The best way to absorb and remember is to learn with interactive tools. This is particularly true when sharing advice on how to protect against phishing attacks. For example, phishing simulations give users a better understanding of the types of threats they face in different scenarios. Results from these exercises can also provide trainers and security teams with information about the weakest and strongest links in their online defenses.

The importance of customizable training cannot be underestimated. Phishing awareness tips, no matter how practical, won’t stick if the advice is irrelevant to their jobs. For instance, employees in finance and those in high-level positions throughout the company need to be on guard against business email compromise attacks. But the time of employees in sales, marketing and development may be better spent learning about threats from social engineering, social media and cloud computing.

Phishing Awareness Tips from the Leader in Phishing Protection

Cofense is the leading provider of phishing threat management for businesses concerned about growing phishing attacks. Cofense’s intelligence-driven solutions include a comprehensive, interactive and customizable simulator that conditions employees to recognize phishing and become a source of attack intelligence. Launched in 2008, Cofense has helped hundreds of businesses across the world reduce susceptibility to phishing up to 95%.

Besides sharing phishing awareness tips via award-winning Cofense PhishMe, Cofense´s Reporter, Triage and Intelligence tools accelerate the reporting, prioritizing and identification of phishing threats. The platform is supported by a rich library of resources, industry-leading customer support and free computer-based training modules with yet more tips on phishing awareness.

To learn more about phishing and arming employees with phishing awareness tips, contact us to request a free demo of Cofense in action. Our team will be glad to discuss your specific vulnerabilities and explain how Cofense can condition employees to help fight phishing. You never know when the weakest link in your online defenses will be break. Don´t wait—a contact us today.

1:1 Demo
Powerful Solutions

We'll talk with you about your company'sspecific needs and providedemonstrations of ourrecommended solutions.


Cofense’s Phishing Intelligence: Insights on Emerging Phishing Threats

Improve Phishing Incident Responses with Cofense´s Phishing Intelligence

Cofense´s phishing intelligence reports enable IT security teams to better protect their networks, data, and employees against phishing threats by providing human-verified and contextualized information that can be used in order to improve phishing incident response and prevent malware infections and ransomware attacks.

There is an old English proverb that states being forewarned is being forearmed. The proverb is believed to have originated in the 16th century, and five hundred years later it is still relevant – especially in the world of cybersecurity, where having advance knowledge of potential phishing threats enables IT security teams to better defend organizations against an attack.

However, there is a big difference between being advised a phishing attack may be launched in the near future and knowing what format the phishing attack will take. Cofense’s phishing intelligence reports better protect organizations against malware and ransomware because they provide insights into what methods attackers are using to circumnavigate security technologies.


How Cofense Collects Such Detailed Phishing Threat Intelligence

The Cofense platform is used by organizations all over the world for conditioning employees to identify potential phishing attempts and report them. Once reported, our Triage program sorts genuine threats from false positives so that IT security teams can act faster and quarantine phishing emails across the organization, or respond more effectively to opened phishing emails to mitigate the consequences.

The data collected by Cofense Triage – from millions of messages received daily from a wide variety of sources – is analyzed to identify new and emerging phishing threats that attempt to skim credentials, install malware, or lock data with ransomware.. Our team of human analysts verify phishing threats and, as soon as they are confirmed, issue phishing intelligence reports to IT security teams subscribed to our service.

Phishing intelligence reports are distributed as easily-digestible email alerts or as Machine-Readable Threat Intelligence (MRTI) reports that integrate automatically with third-party threat intelligence programs such as PaloAlto Networks, Threat Connect, Splunk, Centripetal Networks, etc. due to technical partnerships with these platforms and other Security Information and Event Management applications.

The degree of phishing threat intelligence provided includes compromised IP addresses, URLs, domains, and hashes. Where applicable, intelligence about botnet and command and control infrastructures is also provided, as are correlations between phishing emails, malware families, payload sites and command and control servers. With this information, IT security teams can act quickly and confidently to make well-informed security decisions.

Actionable Phishing Threat Intelligence Where You Need It

The faster your team can be armed with critical knowledge about an attack, the faster they can minimize the threat. That’s why Cofense Intelligence delivers phishing-specific threats to help you defend your network. Learn More


What Difference Does Phishing Intelligence Make?

It is difficult to quantify the difference Cofense’s phishing intelligence reports make because most organizations use this service in tandem with other Cofense services. However, research indicates employee conditioning decreases susceptibility to phishing emails by 97.14%1. Furthermore, with a greater number of suspicious emails being reported, a greater number of phishing threats are mitigated.

It was mentioned at the beginning of this article that being forewarned is being forearmed. Therefore, if IT security teams improve phishing incident responses and are prepared (due to phishing intelligence) to quarantine known phishing emails as they arrive – and before they are delivered to employees inboxes – there is no opportunity to measure how many phishing emails may have been opened and what the consequences may have been.


Tackle Phishing Threats Proactively with Cofense

Our dedicated team of analysts focuses on one thing only – evaluating crowdsourced threats, identifying trends, and alerting organizations to phishing attacks so that in-house IT security teams can tackle phishing threats proactively rather than reactively. This level of service is why Cofense is the leading provider of phishing intelligence and one that more than half of the Fortune 100 trusts to enhance their network security.

As briefly explained above, Cofense’s phishing intelligence service is only part of the full picture. Our multi-level platform combines best-in-class technology with the human instinct to create a cycle of unparalleled vigilance and response – or, in other words, a complete collective defense against email-based cyberattacks. To find out how you can tackle phishing threats proactively with Cofense, do not hesitate to contact us.


1. 2016 Phishing Susceptibility Report (

How to Prevent Phishing Email Breaches: Is Your Business Secure?

So, how to prevent phishing email breaches? Simply put, there is no easy solution to prevent phishing attacks. Phishing has been the number one attack vector for half a dozen years and everyone – every business – is a target. Organizations of all sizes experience frequent, sometimes sophisticated, sometimes simple phishing attacks and it’s unrealistic to expect IT and security teams to fight that battle alone using just the technology they were able to budget. Since people or humans are the ones being targeted, shouldn’t it hold true that they also hold the key to a successful defense?

Rather than being seen as a weak link, how can humans serve as the strongest, last line of defense before attackers gain access to corporate systems?

What is Phishing?

When phishing attacks gain access to corporate systems, they have access to vital information such as intellectual property, and in some cases money. There are numerous ‘definitions’ of phishing, but ultimately it is any type of email-based attack that has the intention of luring recipients to respond in a certain way. The attacker might aim to have the recipient click on a link that takes them to a compromised website, open a malware-infected attachment, or divulging valuable information such as user credentials. And these emails are sent to people – not machines.

Often, phishing emails are carefully crafted and targeted to specific recipients and given the number and intensity of data breaches witnessed over the last several years, there’s a wealth of information available to phishers to make it convincing.

While the sophistication of these social engineering attacks can make them tricky to block, there are common characteristics and indicators of phishing emails that can help everyone better recognize and report phishing email before sensitive information is compromised or money is stolen. However, being told how to find a phish is very different than experiencing a phish.

Think Like
a Cybercrook

This special report focuses
on the realities of phishing
and recommends defenses
you can use to reduce your risk.

Read More

How Simulation Can Help Prevent Phishing Breaches

How to prevent phishing email breaches? Awareness training. Despite being one of the most effective ways to stop phishing breaches, most organizations would just as soon skip testing its workforce with simulation because security forces them to think about unpleasant situations. But it is possible to really engage users by simulating real-life experiences that drive the point home. Just as airline pilots train in flight simulators, computer users can learn by experiencing a simulated phishing attack in a controlled environment. How can you identify a phishing email if you’ve never been trained to do so?

Sending a simulated phishing email into users’ inboxes at irregular intervals teaches a workforce to become vigilant and spot suspicious emails. Whether they fall for the simulated phishing email, or identify it as a threat and report it to security personnel, the experience will serve as a much better reminder to stay vigilant than sitting through a security lecture.

As time goes on – and the simulation process is repeated – users will be more aware of the threats presented by phishing emails, and what action to take when they identify a risk. A workforce that learns how to identify phishing emails helps mitigate the risk of a successful attack.

If Something Looks Weird, Report the Phishing Email

Knowing how to identify a phishing email is the first stage of educating a workforce in order to improve anti-phishing initiatives. However, the likelihood exists that if one member of the workforce is being targeted with phishing emails, other members will be as well. Organizations need to encourage their workforce to report phishing emails, even when a link has been clicked or an attachment opened.

Saying something alerts security personnel, who can then take action to mitigate the threat. Creating vigilance in a workforce is part of phishing prevention best practices and is one of the best ways to stop phishing breaches via email as it is the most commonly-employed attack vector. By engaging a workforce as an internal sensor, security personnel receive information they would have not received until it was too late.

An issue arising from a “say something” policy is that security personnel are overloaded with reports of suspicious emails. Being able to respond quickly to these alarms and research threat levels is critical to stop phishing breaches or lessen the chance of a breach from a phishing email. Security teams should, therefore, monitor who within the workforce is more proficient at spotting phishing emails and prioritize action accordingly.

The Best Phishing Protection – From the Inbox to the Security Operations Center

Being able to sort, respond and research reports of suspicious emails quickly are critical to mitigating phishing attacks. End-to-end phishing mitigation is a critical feature of any security program’s risk management strategy. Work to prevent phishing email breaches by first educating your workforce.

Cofense is evidence that this security process works. Cofense has conditioned our workforce to identify and report suspicious emails. By analyzing potential phishing threats emails quickly, Cofense has been able to discover and publish threats to organizations in advance of other threat intelligence agencies. Information on new and emerging threats is available on the Cofense blog.

Even with record investment, the number of breaches attributed to phishing attacks continues to grow. Technology alone is not the best phishing protection and cannot solve the problem. This is why Cofense’s solution to stop phishing breaches focuses on human intervention – your last line of defense when a phishing email evades detection by technology.

1:1 Demo
Powerful Solutions

We'll talk with you about your company'sspecific needs and providedemonstrations of ourrecommended solutions.