Phishing Defense and Awareness Solutions for Energy and Utilities


If a credential phish or ransomware attack helped to shut down the grid—power plants, hydroelectric dams, and nuclear power facilities—the impact could be catastrophic. Attacks on utilities are usually launched for political or social motives, not money. Unfriendly governments could shut down the grid as part of a broader strike or terrorists could disrupt it to make political demands.

Attackers have been probing industry systems for years. Foreign governments have already targeted US energy and utilities companies1. The Dragonfly 2.0 Attack of 2017 began in 2015, likely launched by a foreign government. The hackers penetrated the industry in the US and Europe, using compromised data gained by phishing the likes of Facebook and Google.2  Also in 2017, attackers phished the energy sector with emails disguised as resume submissions and job applications. The files were so genuine-looking, containing no macros or other exploits, that they initially fooled researchers.

Cofense delivers solutions that train employees at all levels to spot and report phishing so security teams can stop it. Our energy and utilities customers, including those featured in case studies below, rank among the largest organizations in the industry.

Train employees with content relevant to Energy and Utilities.

Cofense PhishMeTM. Don’t throw hundreds of random phishing simulations at your employees. Condition them to report attacks with phishing simulations based on active threats the industry has seen or is experiencing. To view an example, click the image.

Learn the value of education in phishing defense programs for energy and utilities.

Malware Review. The 2019 Annual Phishing Report shows key measures of readiness in technology. See how frequent, relevant simulations and a culture of reporting equals higher resiliency and a more durable phishing defense.

View the Report

Learn the value of training and education in phishing defense programs for energy and utilities.

Cofense Customer Video. One reason: thanks to Cofense training, an employee checked an email asking the CEO to wire funds—a classic whaling scam. Learn why this utility’s cyber-program director believes that phishing awareness is everybody’s job.

View the Video

Build a multi-cultural anti-phishing program.

Case Study. A Fortune 200 energy company with 19,000 employees turned to Cofense to train its global workforce. Learn how this organization tailors phishing simulations in English, Spanish, Portuguese, Vietnamese, and more.

Read the Case Study

Read how one company avoids fines of up to $1M a day.

Case Study. A diversified energy and utility company with over $30 billion in assets chose Cofense PhishMe and Cofense ReporterTM to arm employees against phishing. Learn how this business protects the nation’s infrastructure—and itself against regulatory penalties.

Read the Case Study

“Why Cofense” Datasheet

See our suite of collaborative phishing defense solutions and why companies choose Cofense.

View Now

Cofense PhishMe Datasheet

The solution that invented the phishing awareness industry helps energy companies around the world train users to spot attacks.

View Now

Cofense Triage Datasheet

Top energy and utility companies use Cofense Triage to respond to phishing attacks faster and more efficiently.

View Now

1. “North Korean Actors Spear-Phish US Electric Companies,” Fire Eye, 2017.
2. “Phishing Attacks in the Energy Industry,” InfoSec Institute, 2018.
3. “Phishing Attacks in the Utilities Industry,” InfoSec Institute, 2018.