Don’t Respond to Suspicious Emails
Sometimes when sending phishing simulations to our clients, we setup a reply-to address to see if people will reply to suspicious emails and many do ... Read More
Beware of Account Takeover
One way to verify if an email is legitimate is to look at the sender’s address, the actual sender’s address, not just the sender’s name. One tactic cyber criminals employ is using the sender’s name to trick the recipients ... Read More
Phishing Simulations: Should they Reflect Real-World Attacks?
As the manager of a security awareness team, whose primary goal is to educate users on how to spot phishing attacks, I often get asked, “can you make the phishing simulations look like real-world phish?” This is when I show people what real-world phishing attacks look like ... Read More
Using Reported Phish to Hunt Threats
Reported phishing emails are useful for plenty of reasons ... Read More
How To Change Security Behaviors: Information Security
Let’s be honest, employees make mistakes. And sometimes those mistakes have catastrophic consequences ... Read More
How To Change Security Behaviors: Mobile Security
Let’s be honest, security has never been simple ... Read More
6 Steps to Quickly Defang Reported Phishing Emails
So here it is… the first one you’ve received. Everything has been building up to this. You spent days preparing the business case, weeks designing the training program… and it’s finally paid off. The first user-reported phishing email has hit your inbox ... Read More
Security Awareness Training and How it Impacts Reported Suspicious Emails
It should not be a surprise, but 95 percent of breaches come through phishing attacks. Nothing more than a simple lure email lands in one of your users inboxes, they click it, and everything unravels from there ... Read More
