Don’t Respond to Suspicious Emails

Don’t Respond to Suspicious Emails

Sometimes when sending phishing simulations to our clients, we setup a reply-to address to see if people will reply to suspicious emails and many do ... Read More
Beware of Account Takeover

Beware of Account Takeover

One way to verify if an email is legitimate is to look at the sender’s address, the actual sender’s address, not just the sender’s name. One tactic cyber criminals employ is using the sender’s name to trick the recipients ... Read More
Phishing Simulations: Should they Reflect Real-World Attacks?

Phishing Simulations: Should they Reflect Real-World Attacks?

As the manager of a security awareness team, whose primary goal is to educate users on how to spot phishing attacks, I often get asked, “can you make the phishing simulations look like real-world phish?” This is when I show people what real-world phishing attacks look like ... Read More
Using Reported Phish to Hunt Threats

Using Reported Phish to Hunt Threats

| | Phishing, Threat analysis
Reported phishing emails are useful for plenty of reasons ... Read More
Security Training Video 0001: How to Secure Your Office-Ish

How To Change Security Behaviors: Information Security

Let’s be honest, employees make mistakes. And sometimes those mistakes have catastrophic consequences ... Read More
How To Change Security Behaviors: Mobile Security

How To Change Security Behaviors: Mobile Security

| | Mobile
Let’s be honest, security has never been simple ... Read More
6 Steps to Quickly Defang Reported Phishing Emails

6 Steps to Quickly Defang Reported Phishing Emails

So here it is… the first one you’ve received. Everything has been building up to this. You spent days preparing the business case, weeks designing the training program… and it’s finally paid off. The first user-reported phishing email has hit your inbox ... Read More
Security Awareness Training and How it Impacts Reported Suspicious Emails

Security Awareness Training and How it Impacts Reported Suspicious Emails

It should not be a surprise, but 95 percent of breaches come through phishing attacks. Nothing more than a simple lure email lands in one of your users inboxes, they click it, and everything unravels from there ... Read More
How To Fight the War Against Phishing

How To Fight the War Against Phishing

Making the move from the typical security awareness training approach to a powerful anti-phishing program isn’t an easy sell ... Read More
How To Make Reporting a Phish So Easy Even Your Busiest Execs Will Do It

How To Make Reporting a Phish So Easy Even Your Busiest Execs Will Do It

Frustrating, isn’t it? You design a powerful anti-phishing program, secure funding from your executive board, provide world-class training. You do everything right… ... Read More