When people refer to PhishMe as the awareness company, we smile and nod. I want to correct them, but the label ‘security awareness’ is comfortable and relatable. One of the activities that organizations commonly believe will help reduce risk is mandatory security awareness computer-based training (CBT) lessons. The hope is that if we enroll our humans in online courses about how the bad guys hack us, they will walk away with a wealth of new-found awareness and avoid being victimized. (Try to visualize how far in the back of my head my eyes are rolling…)
It’s that time of year again. No, it’s not the arrival of the pumpkin spiced latte at your local coffee shop. It’s National Cyber Security Awareness Month (NCSAM) as proclaimed by President Barack Obama last year. “National Cyber Security Awareness Month — celebrated every October — was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online,” as stated by the National Cyber Security Alliance on their StaySafeOnline.org website. At PhishMe, we are proud to once again play a lead role in the cyber security community as a 2015 NCSAM “Champion” sponsor.
Over the last few months, we’ve been seeing a huge influx of attackers using VistaPrint for business email compromise (BEC) scams. Losses due to account takeovers total over a billion dollars, and given the nature of these wire fraud attempts, it’s pretty easy to get the money, unless you’re the VP of finance for PhishMe. Why are attackers using VistaPrint, and what makes them such a middle-man for these attacks?
(VIDEO UPDATE LINK: Defending Against Phishing Attacks: Case Studies and Human Defenses by Jim Hansen
• A human centric method of defense
• Attack case studies & attacker technique analysis
• Proactive simulation methods: educating workforces & detecting / thwarting attacks)
(^ say that title ten times fast)
Every year PhishMe Simulator sends millions of phishing emails to its 500+ enterprise customers’ employees worldwide. PhishMe is hands down the most robust and sophisticated phishing platform in existence. To say that we are a little obsessive about phishing is a bit of an understatement. In fact, we are sitting on innovations in phishing that the bad guys have yet to figure out.
The difference between PhishMe emails and the bad guys’ is that ours are carefully crafted to deliver a memorable experience. Our experiences are masterfully designed to change human behavior to avoid phishing. So what happens when one of our own employees is on the receiving end of a wire fraud phish? Read on…
Hello everyone, and thank you for coming to check out the Yara CTF answers! We had a TON of folks who were interested in the challenge, many submitted answers, and many folks enjoyed the challenges. Some of the best feedback we received was “This was the shortest plane ride over to Vegas. Thanks, PhishMe!”
People are often curious about what percentage of users will fall for a phishing attack, and it’s tempting to try to create this kind of statistic. At PhishMe, we’ve found that trying to assign a blanket statistic is counterproductive – however this hasn’t stopped others in the industry from trying to do so. The most recent company to try is Intel Security (formerly McAfee), which declared that 97% of people globally were unable to correctly identify phishing emails. While this statistic certainly makes for a nice headline, it is broad-based and flawed in a number of ways.
For a long time, attackers have used .zip files in order to carry their bad stuff to organizations. Typically attackers include the malware in an .exe or screensaver file in the .zip, but we’ve noticed attackers trying to tell a different story in a recent wave of attacks. Here’s a screenshot of one of the emails:
Once opened, the user is prompted to download a .zip file. We can see this in the iframe of the html file inside, as well as the .zip file that is downloaded.
It’s been over a year since Dyre first appeared, and with a rise of infections in 2015, it doesn’t look like the attackers are stopping anytime soon. At PhishMe we’ve been hit with a number of Dyre attacks this week, so to make analysis a little easier, I tossed together a quick Python script that folks can use for dumping the configurations for Dyre.
For those who may have lost track of time, it’s 2015, and phishing is still a thing. Hackers are breaking into networks, stealing millions of dollars, and the current state of the Internet is pretty grim.
We are surrounded with large-scale attacks, and as incident responders, we are often overwhelmed, which creates the perception that the attackers are one step ahead of us. This is how most folks see the attackers, as being a super villain who only knows evil, breathes evil, and only does new evil things to trump the last evil thing.
This perception leads to us receiving lots of questions about the latest attack methods. Portraying our adversaries as being extremely sophisticated, powerful foes makes for a juicy narrative, but the reality is that attackers are not as advanced as they are made out to be.