Ransomware Delivered by 97% of Phishing Emails by end of Q3 2016 Supporting Booming Cybercrime Industry

PhishMe Q3 Malware Review finds encryption ransomware has hit record levels, while ‘quiet malware’ remains a significant threat

 LEESBURG, VA November 17, 2016: PhishMe Inc., the leading provider of human phishing defense solutions, released findings today that show the amount of phishing emails containing a form of ransomware grew to 97.25 percent during the third quarter of 2016 from 92% in Q1. Remaining at the forefront is the Locky encryption ransomware, which has introduced a number of techniques to resist detection during the infection process.

Published today, PhishMe’s Q3 2016 Malware Review identified three major trends previously recorded throughout 2016, but have come to full fruition in the last few months:

  • Locky continues to dominate: While numerous encryption ransomware varieties have been identified in 2016, Locky has demonstrated adaptability and longevity
  • Ransomware encryption: The proportion of phishing emails analyzed that delivered some form of ransomware has grown to 97.25 percent, leaving only 2.75 percent of phishing emails to deliver all other forms of malware utilities
  • Increase in deployment of ‘quiet malware’: PhishMe identified an increase in the deployment of remote access Trojan malware like jRAT, suggesting that these threat actors intend to remain within their victims’ networks for a long time

During the third quarter of 2016, PhishMe Intelligence conducted 689 malware analyses, showing a significant increase over the 559 analyses conducted during Q2 2016. Research reveals that the increase is due, in large part, to the consistent deployment of the Locky encryption ransomware. Locky executables were the most commonly-identified file type during the third quarter, with threat actors constantly evolving the ransomware to focus on keeping this malware’s delivery process as effective as possible.

“Locky will be remembered alongside 2013’s CryptoLocker as a top-tier ransomware tool that fundamentally altered the way security professionals view the threat landscape,” explained Aaron Higbee, CTO and Co-founder, PhishMe. “Not only does Locky distribution dwarf all other malware from 2016, it towers above all other ransomware varieties. Our research has shown that the quarter-over-quarter number of analyses has been on a steady increase, since the malware’s introduction at the beginning of 2016, and thanks to its adaptability, is showing no signs of slowing down.”

While ransomware dominates the headlines, the Q3 PhishMe Malware Review reveals that other forms of malicious software delivered using remote access Trojans, keyloggers and botnets still represent a significant hazard in 2016. Unlike ransomware, so-called ‘quiet malware’ is designed to avoid detection while maintaining a presence within the affected organization for extended periods of time. While only 2.75 percent of phishing emails delivered non-ransomware malware, the diversity of unique malware samples delivered by these emails far exceeded that of the more numerous ransomware delivery campaigns.

Rohyt Belani, CEO and Co-founder of PhishMe added, “The rapid awareness and attention on ransomware has forced threat actors to pivot and iterate their tactics on both payload and delivery tactics. This sustained tenacity shows that awareness of phishing and threats is not enough. Our research shows that without a phishing defense strategy, organizations are susceptible to not just the voluminous phishing emails used to deliver ransomware, but also the smaller and less-visible sets of emails used to deliver the same malware that has been deployed for years. Only by preparing for these attacks is it possible to empower users to act as both human sensors for detecting attacks and partners in preventing threat actors from succeeding.”

To download a full copy of the Q3 2016 Malware Review, click here.

 

Connect with PhishMe Online

 About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

PhishMe Ranked No. 152 Fastest Growing Company in North America on Deloitte’s 2016 Technology Fast 500™

Company Attributes Massive Revenue Growth to its Unique Approach to Preventing and Mitigating Cyber Attacks

Leesburg, VA – November 17, 2016 – PhishMe, a global provider of phishing defense and intelligence solutions for the enterprise, today announced it ranked No. 152 on Deloitte’s Technology Fast 500™, a ranking of the 500 fastest growing technology, media, telecommunications, life sciences and energy tech companies in North America based on revenue growth. PhishMe grew 564.1 percent over the last three years, as enterprises implement its suite of products to mitigate cybersecurity threats.

“The  unprecedented increase in frequency and damage caused by cyberattacks in the recent past has created a demand for innovative defensive solutions that can adapt to the attackers changing tools and techniques,” said Rohyt Belani, PhishMe CEO. “Our dogged focus on innovation followed through with strong execution have supported the company’s explosive growth over the last three years. We are honored to be recognized on this coveted list by Deloitte.”

“Today, when every organization can be a tech company, the most effective businesses not only foster the courage to explore change, but also encourage creativity in using and applying existing assets in new ways, as resourcefully as possible,” said Sandra Shirai, principal, Deloitte Consulting LLP and U.S. technology, media and telecommunications industry leader. “This ingenious approach to innovation calls for the encouragement of curiosity and collaboration both within and outside the office walls.”

“This year’s Fast 500 winners showcase that when organizations are open to diverse perspectives and insights, they are able to create an environment for their employees and customers to see the possibilities and ingenious solutions that might lie ahead,” added Jim Atwell, national managing partner of the emerging growth company practice, Deloitte & Touche LLP. “Entrepreneurial environments foster change and innovation within businesses, and we look forward to watching these companies continue to drive change across all sectors.”

PhishMe, Inc. previously ranked number 99 as a Technology Fast 500™ award winner for 2015. Overall, 2016 Technology Fast 500™ companies achieved revenue growth ranging from 121 percent to 66,661 percent from 2012 to 2015, with median growth of 290 percent.

About Deloitte’s 2016 Technology Fast 500™

Deloitte’s Technology Fast 500 provides a ranking of the fastest growing technology, media, telecommunications, life sciences and energy tech companies – both public and private – in North America. Technology Fast 500 award winners are selected based on percentage fiscal year revenue growth from 2012 to 2015.

In order to be eligible for Technology Fast 500 recognition, companies must own proprietary intellectual property or technology that is sold to customers in products that contribute to a majority of the company’s operating revenues. Companies must have base-year operating revenues of at least $50,000 USD, and current-year operating revenues of at least $5 million USD. Additionally, companies must be in business for a minimum of four years and be headquartered within North America.

As used in this document, “Deloitte” means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

PhishMe Appoints Shane McGee as General Counsel & Chief Privacy Officer

Expansion of Management Team Signals PhishMe’s Commitment to Privacy, Compliance and Ethics

 Leesburg, VA – November 10, 2016 – PhishMe, a global provider of phishing defense and intelligence solutions for the enterprise, announced today it has expanded its senior leadership team and appointed Shane McGee as general counsel & chief privacy officer. McGee will be responsible for all of PhishMe’s legal affairs, acting as a strategic business partner and providing advice and oversight in several areas including privacy, compliance and ethics.

“PhishMe is growing and maturing as a company and we’re excited to welcome someone to the team with experience as extensive and impressive as Shane’s,” said Rohyt Belani, CEO of PhishMe. “This addition to the management team is the next step in our continuing growth and ongoing commitment to protect our company and customers globally.”

McGee joins PhishMe from FireEye where he was chief privacy officer and vice president of policy and managed the company’s global privacy program. He also led FireEye’s government affairs team, whose aim was to promote security policy changes around the world to safeguard against the increasing amount of cyberattacks from hackers and state-sponsored actors. He will now bring this expertise to PhishMe to continue those efforts and help lead the way in cracking down on phishing and malware scams, most notably ransomware, which has recently become the top cybercrime.

“In our digital world, cybersecurity is one of the fastest growing market sectors today, and PhishMe is in a position to make a real difference in the business community,” said McGee. “By joining PhishMe, a global leader in cybersecurity, I now have the unique opportunity to work with more than half of the Fortune 100 companies in their efforts to avoid and mitigate the damage done by cyberattacks.”

For nearly 20 years, McGee has been a practicing attorney focusing on data privacy and security law. He served as Mandiant’s General Counsel in charge of handling legal and government affairs for the company, and negotiated and finalized the sale of Mandiant to FireEye for more than $1 billion. Prior to joining Mandiant, McGee was a partner with SNR Denton (now Dentons) a large international law firm, where he was chair of the firm’s U.S.-based Data Protection Group.

Over the course of his career, McGee has counseled some of the world’s largest technology companies on privacy, compliance and security issues. He has represented several clients in privacy-related FTC inquiries, counseled clients on transactions involving large volumes of consumer data, and joined litigation teams on cases involving technology rights and advanced electronic discovery issues. Before going into law, McGee was programmer, consultant and instructor, and remains a Certified Information System Security Professional (CISSP).

 

About PhishMe

 PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

PhishMe Adds International Training Modules to Complimentary Computer Based Training Program

Leesburg, VA – October 31, 2016 – PhishMe, a global provider of phishing defense and intelligence solutions for the enterprise, today announced the availability of new international modules for its complimentary CBT program, CBFree. The release, which follows PhishMe’s recognition as a leader by Gartner in the research firm’s 2016 Security Awareness Computer-Based Training Magic Quadrant, provides six fully translated and localized editions of CBFree. Available to any organization regardless of whether they are a PhishMe customer, CBFree provides employees with security awareness training on today’s greatest cybersecurity threats including spear-phishing, ransomware, and business email compromise (BEC).

Released during National Cyber Security Month in the U.S., the new modules have been delivered as a response to the huge number of localization requests PhishMe receives every month from organizations wanting to meet compliance obligations. Recognizing that cybercrime is a global problem and that many organizations have an internal requirement to provide a broader program for security awareness training to their employees, the localized modules for CBFree enable access to world class non-English CBT lessons.

“CBFree has proved extremely popular among companies looking to provide awareness CBTs to expand their security awareness programs and satisfy compliance requirements,” explained Jeff Orloff, Director of Content at PhishMe. “With our new international modules, we’ve made this valuable educational content available to a much wider audience. That said, PhishMe acknowledges that awareness is not the problem. CBTs alone won’t address the full extent of the cybersecurity problem. By offering CBTs at no cost, PhishMe is enabling organizations to focus their resources on instituting impactful programs to effect real changes in behavior.”

Now available in English, French, German, Japanese, Chinese, Spanish and Portuguese, PhishMe’s current library of complimentary CBTs includes 15 security awareness modules and three compliance training modules. The second phase of the International launch will accommodate for languages in the Middle East, Russia and Italy.

“Cyber Security Month has been illuminating this year for the security industry,” concluded Rohyt Belani, CEO, PhishMe. “The level of discussion around threats faced by the business community is higher and more complex than ever before. This, coupled with the growing popularity of our CBFree program and demand for international modules, emphasizes the growing need for company-wide engagement around cybersecurity. However, if we want to make a dent in the enormous scale of this problem and protect global enterprise now and in the future, we must continually expose employees to safe, managed experiences that condition them to adjust core behaviors. Only then will our line of defense be strong enough to make a difference.”

To learn more and to download these modules, please visit PhishMe CBFree.

To receive a complimentary copy of the Gartner 2016 Security Awareness Computer-Based Training Magic Quadrant, click here.

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision-making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

PhishMe, Inc. Recognized by Washington Business Journal as One of Washington D.C.’s Fastest Growing Companies

LEESBURG, VA – October 28, 2016 PhishMe, Inc. a global provider of phishing defense and intelligence solutions for the enterprise, announced today that the Washington Business Journal has ranked the company as #21 of Washington’s 50 fastest growing private companies of 2016. PhishMe’s team was honored at a public award ceremony on Thursday, October 27, where their ranking on the list was announced. Additionally, the list has been published on the Washington Business Journal’s site.

This highly competitive list is comprised of companies that have recorded consecutive year-over-year growth of more than $2 million in revenue in 2013 and more than $10 million in revenue in 2015. The firms are privately held during the reporting period and must be headquartered in the Washington D.C. area. They cannot be subsidiaries of other companies. The Washington Business Journal then calculates the revenue growth percentages by which the companies are ranked. Only the top 50 make the list.

“Making the Washington Business Journal’s list of the fastest growing companies is a great honor and an indication of all the hard work our team has been doing,” said Rohyt Belani, Co-Founder and CEO of PhishMe. “As cybersecurity continues to be at the forefront of businesses in this digital age, our strong business fundamentals and ability to adapt to the market has afforded us the platform for strong growth.”

PhishMe has recently achieved record cumulative growth of more than 560 percent over the last three years. In addition, the company has helped more than half of the Fortune 100 organizations defend themselves against thousands of phishing attacks perpetrated by cybercriminals across the globe, helping PhishMe attain a 93 percent gross retention and negative net churn. This has resulted in PhishMe also being recognized as a leader in the 2016 Gartner Magic Quadrant for Security Awareness Computer-Based Training.

The company’s growth has landed PhishMe on multiple lists of the nation’s fastest growing companies, including Deloitte’s Technology Fast 500 and the Inc. 500/5000 Awards.

Connect with PhishMe Online

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

PhishMe Recognized by Gartner as a Leader in Magic Quadrant for Security Awareness CBT 2016

 PhishMe positioned as a leader for ability to execute and its completeness of vision

Leesburg, VA – October 28 2016 – PhishMe, a global provider of phishing defense and intelligence solutions for the enterprise, announced today it was positioned as a leader by Gartner, Inc. in the global research firm’s 2016 Security Awareness Computer-Based Training Magic Quadrant for its ability to execute and its completeness of vision.

To receive a complimentary copy of the report, go to the PhishMe website.

“We are especially pleased to be included as a leader in the Gartner Security Awareness CBT Magic Quadrant this year,” stated Rohyt Belani, CEO and Co-Founder, PhishMe. “We take a more interactive approach to security awareness than the traditional vendors. PhishMe creates awareness and training materials as part of its Human Phishing Defense platform, which is designed to modify behavior through experiential learning and engagement. It’s an approach which has been proven to reduce the threat of employees falling victim to sophisticated cyberattacks by up to 95 percent.”

PhishMe provides a complete anti-phishing product portfolio that engages both everyday user and the IT Security response teams.  “PhishMe aggressively invests in new product capabilities and services, which is a critical requirement for any cybersecurity company,” commented Aaron Higbee, CTO and Co-Founder, PhishMe.  “Hackers are always coming up with new ways to circumnavigate our defenses and the onus is on security vendors to develop new ways to respond. We believe that Gartner has recognized PhishMe’s technical innovations and growth in this area.”

To protect against advanced phishing attacks coming from motivated attackers, many modern enterprises rely on PhishMe – including more than 50 percent of the Fortune 100 – as the foundation of their security programs. This is one more indication of PhishMe’s leadership in the security industry, along with many other awards and honors that the company has received, including the most recent accolades from: the 2016 SC Award, 2016 Inc 500/5,000 award, 2016 EY Entrepreneur of the Year finalist, 2016 Information Security Products Guide Global Excellence Award, 2016 CDM Infosec Awards and 2016 Washington Business Journal Best Place to Work Award.

To learn more about PhishMe’s solutions, please visit www.phishme.com.  The PhishMe human defense solution suite includes PhishMe Simulator, PhishMe Reporter, PhishMe Triage, PhishMe Intelligence and PhishMe CBFree.

 

Connect with PhishMe Online

 

Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including all warranties of merchantability or fitness for a particular purpose.

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

PhishMe Honored on the Inc. 5000 List for the Second Year in a Row

After Posting 3-year Cumulative Growth of More than 560 Percent, PhishMe Recognized as One of America’s Fastest-Growing Private Companies

LEESBURG, VA – August 17, 2016 – PhishMe, Inc., the leading provider of human-phishing defense solutions, announced today that Inc. magazine has ranked PhishMe No. 700 on its 35th annual Inc. 5000, the most prestigious ranking of the nation’s fastest-growing private companies. The list represents a unique look at the most successful companies within the American economy’s most dynamic segment— its independent small businesses. Companies such as Microsoft, Dell, Domino’s Pizza, Pandora, Timberland, LinkedIn, Yelp, Zillow, and many other well-known names gained their first national exposure as honorees of the Inc. 5000.

“Making the Inc. 5000 list two-years in a row is a tremendous honor and a testament to all the hard work our team has been doing,” said Rohyt Belani, CEO and Co-Founder of PhishMe. “PhishMe has maintained our focus and executed cleanly over the past several years. Our strong business fundamentals have afforded us the platform for expansive growth while cybersecurity continues to be at the forefront of businesses in this digital age.”

PhishMe has recently achieved record cumulative growth of more than 560 percent over the last three years. In addition, the company has helped more than half of the Fortune 100 organizations to defend themselves against thousands of phishing attacks perpetrated by cybercriminals across the globe, helping PhishMe attain a 93 percent gross retention and negative net churn.

The 2016 Inc. 5000 is the most competitive crop in the list’s history. The average company on the list achieved a mind-boggling three-year growth of 433%. The Inc. 5000’s aggregate revenue is $200 billion, and the companies on the list collectively generated 640,000 jobs over the past three years, or about 8% of all jobs created in the entire economy during that period. Complete results of the Inc. 5000 can be found at www.inc.com/inc5000.

Connect with PhishMe Online:

Follow PhishMe on Twitter: https://twitter.com/phishme

Follow PhishMe’s Blog: http://phishme.com/blog/

Follow PhishMe on LinkedIn: https://www.linkedin.com/company/phishme-inc-

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

More about the Inc. 5000
The 2016 Inc. 5000 is ranked according to percentage revenue growth when comparing 2012 to 2015. To qualify, companies must have been founded and generating revenue by March 31, 2012. They had to be U.S.-based, privately held, for profit, and independent—not subsidiaries or divisions of other companies—as of December 31, 2015. (Since then, a number of companies on the list have gone public or been acquired.) The minimum revenue required for 2012 is $100,000; the minimum for 2015 is $2 million.

 

Lastline, Mimecast, McAfee and More Join Rapidly Expanding PhishMe Technology Alliance Program

Join PhishMe at Black Hat 2016 to Learn How Joint Customers Maximize Investments in Lastline, Mimecast, IBM, McAfee and Recorded Future

LEESBURG, VA – 2 August, 2016 – PhishMe Inc., the leading provider of human phishing defense solutions, today announced the addition of further technology partners to its Technology Alliance Program (TAP), an ecosystem of the world’s leading security providers. TAP has continued to deliver exceptional value to mutual customers since its formation in March 2016, and with the likes of Lastline and Mimecast joining existing members including FireEye and Cisco, the alliance has further strengthened its ability to protect organizations from today’s advanced threats.

TAP launched in early 2016 to provide organizations with simple integrations that bolster security, improve operational workflow and manageability, maximize security investments, and reduce the risk of falling victim to phishing-driven cyberattacks. After considerable success, the program is pleased to welcome more of the industry’s leading solutions and services providers:

  • Lastline: PhishMe Triage and Lastline Analyst have partnered to provide security teams with an integrated phishing incident response malware analysis solution. The integration has made it efficient for mutual customers to automatically and accurately identify malware much faster, and increase the value from existing security investments
  • Mimecast: PhishMe has entered into an alliance with Mimecast as a go-to-market partner. PhishMe has also joined forces with Mimecast as a founding member within their recently announced Cybersecurity Resiliency Alliance Network.
  • Bay Dynamics: User Behavior Analytics (UBA) leader, Bay Dynamics, and PhishMe partner to empower security teams to conduct phishing simulation campaigns against employees based on their risk profile.
  • McAfee: PhishMe Triage and PhishMe Intelligence can send to or ingest into McAfee’s ESM.
  • ThreatQuotient and Anomali: PhishMe Intelligence can be consumed into leading threat intelligence platforms (TIPs) and cross-correlated across other sources of threat intelligence.

PhishMe is also pleased to have expanded integrations with initial TAP partners:

  • Recorded Future: PhishMe and Recorded Future added to their integration for customers to continually pivot between human-verified phishing intelligence and real-time threat intelligence through the OMNI Intelligence Integration.
  • LogRhythm: PhishMe and LogRhythm completed the integration with PhishMe Triage and LogRhythm’s Security Intelligence Platform.
  • IBM: PhishMe Intelligence and PhishMe Triage support IBM QRadar.
  • HPE: PhishMe has achieved ArcSight certification for PhishMe Intelligence and PhishMe Triage.
  • Splunk: PhishMe Intelligence apps are available at Splunk

“We’re excited to be partnering with PhishMe! By combining PhishMe Triage and Lastline Analyst, we’ve made it efficient for our mutual customers to automatically and accurately identify malware much faster. An added benefit is that our customers increase the value from existing security investments,” said Brian Laing, Vice President of Business Development and Product, at Lastline.

“The PhishMe Technology Alliance Program was created to deliver security benefits that can only be achieved through close cooperation and shared intelligence,” explained Allan Carey, Vice President of Business Development at PhishMe. “By collaborating with industry leading security providers such as Lastline, Mimecast, and our existing TAP members, the alliance is actively showing what can be achieved through a shared commitment to increase security operations efficiency and maximize customer value. Together, we are giving organizations the security solutions and intelligence they need to proactively detect and quickly respond to cyber attacks.”

To learn more about the PhishMe Technology Alliance Program, visit booth 1315 at Black Hat 2016 in Las Vegas.

Connect with PhishMe Online:

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

Q2 2016 Firmly Establishes Ransomware as a Mature Business Model for Malicious Actors

PhishMe Q2 Malware Review identifies key security trends including the rise of encryption ransomware and remote malware deployments

LEESBURG, VA – 2 August, 2016 – PhishMe Inc., a leading provider of human phishing defense solutions, has revealed that the second quarter of 2016 saw ransomware firmly establish itself as a mature business model, with the threat showing no outward signs of diminishing. Encryption ransomware now accounts for 50% of all malware configurations, meaning that it is no longer considered simply a means for making a quick profit, but a permanent fixture on the threat landscape.

Published today, PhishMe’s Q2 2016 Malware Review identified three key trends previously recorded earlier in the year, but now firmly established:

  • Encryption ransomware: Given the tenacity and frequency of ransomware phishing attacks, it appears cybercriminals now consider this a tried and trusted business model
  • Rise in evasion techniques: PhishMe encountered an increase in the number and volume of malware deployments incorporating simple evasion techniques to circumvent protection by security solutions
  • Simple attacks still pack a punch: Numerous deployments of malware were recorded with less sophisticated actors who still wield robust feature sets

In March of 2016, PhishMe malware analysis noted a strong diversification of ransomware strains and were responsible for 93% of all malware payloads delivered that month. The Q2 malware research shows that ransomware has begun consolidation in May and June as Cerber encryption ransomware and Locky strongly dominated in the ransomware scene. The research behind this ransomware evolution strongly supports the notion that ransomware has effectively become a major business model for threat actors, seeking the most advantageous and cost-effective means for generating sustainable profits.

“Barely a year ago, ransomware was a concerning trend on the rise. Now, ransomware is a fully established business model and a reliable profit engine for cybercriminals, as threat actors involved treat it as a legitimate industry by selling information, tools and resources to peers based all around the world,” explained Rohyt Belani, CEO & Co-Founder, PhishMe. “Empowering the human element to detect and report these campaigns needs to be a top priority for organizations if they are to protect themselves from a threat that is here for the long term.”
The report also unveils findings on the usage of stenography and ciphers in malware delivery, both increasingly popular anti-analysis techniques designed to bypass security solutions and the efforts of security researchers. Using a common stenographic technique, threat actors are able to hide the Cerber executable of a Cerber malware payload within a seemingly harmless image file – sneaking past layers of security technologies to make its way into the target victim’s inbox. The report provides further examples on how the executables are embedded and what to look for when conducting a deep ransomware analysis.

Additionally, the Q2 2016 Malware Review also sheds light on remote access Trojan utilities which have garnered significant attention recently due to their purported use in the high profile intrusion and apparent theft of data from the Democratic National Committee. While details regarding the attack are still private, deployment of remote access Trojans via phishing email is a frequent occurrence. The risks associated with these less-sophisticated, yet feature-packed malware utilities have been underscored through frequent use by advanced actors.

To download a full copy of the Q2 2016 Malware Review, click here

Connect with PhishMe Online

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

PhishMe Expands Availability of Phishing Incident Response Solution with Cloud and Managed Deployments

PhishMe Triage is now more easily deployed to meet the needs of organizations of all sizes

LEESBURG, VA – London, UK – 2 August, 2016 – PhishMe, Inc., the leading provider of human-phishing defense solutions, announced today that it has added powerful new features and deployment options to its phishing threat management and incident response platform, PhishMe Triage. PhishMe Triage users can now choose between three deployment options to fit their organization’s needs. Still available in its original form as a virtual appliance, PhishMe Triage now offers a secure cloud and a fully managed option to customers.

PhishMe Triage Cloud delivers a faster time to deploy with a dedicated instance hosted in the PhishMe secure cloud infrastructure that allows customers to continue to manage the day-to-day operational and analysis tasks. With PhishMe Triage Cloud, new customers can be up and running in a matter of days. PhishMe Triage Managed gives customers the opportunity to completely outsource their phishing incident response programs, and includes customizable SLAs, reporting and analysis of reporting phishing incidents while freeing SOC and IR teams to concentrate on other critical tasks. The additional deployment options for PhishMe Triage makes phishing incident response more available to organizations of all sizes and needs.

PhishMe Triage Cloud and PhishMe Triage Managed are already in use by dozens of customers today.  John Helt, Cyber Security Analyst at Scripps Networks Interactive, a leading developer of lifestyle-content for television and the Internet, said: “PhishMe Triage allows us to encourage our users to report suspicious messages knowing that each will be carefully analyzed with prompt feedback returned to each individual. The solution provides our response teams the rapid, detailed information they need to address e-mail threats quickly and efficiently without wasting time chasing false positives.”

Further strengthening the Triage capabilities, PhishMe has added new significant features to the solution, these include:

Reputation Prioritization with VIP Reporter

PhishMe Triage now prioritizes suspicious activity reported by trusted “VIPs” within an organization. The ability to set reputation and trust levels for VIPs  helps operators quickly assess and respond to possible threats as reported by the most vigilant and astute reporters in the company.

Streamlined Management with Syslog Alerts

PhishMe Triage can now proactively provide timely threat information to SOC operators even if they are not actively monitoring the solution when a threat is reported. With Syslog Alerts, PhishMe Triage can drive a pre-configured alert into the customer’s SEIM to trigger workflows established to handle security alerts.

Lastline Analyst Integration

PhishMe Triage and Lastline Analyst have partnered to provide security teams with an integrated phishing incident response malware analysis solution. The integration has made it efficient for mutual customers to automatically and accurately identify malware much faster, and increase the value from existing security investments

“As malware attacks continue to grow exponentially, it is important for businesses to rely on a solution that is widely available and accessible. The expansion of PhishMe Triage deployment options enables businesses to scale up and scale down their security efforts for a leaner experience,” said Aaron Higbee, CTO at PhishMe. “Updates to our Triage offerings will also enable our customers to significantly reduce incident response times, whilst allowing them to obtain accurate threat information for timely security alerts.”

For more information on PhishMe’s enterprise phishing defense solution, please visit http://phishme.com/product-services/pm-solution/.

Connect with PhishMe Online:

Follow PhishMe on Twitter: https://twitter.com/phishme

Follow PhishMe’s Blog: http://phishme.com/blog/

Follow PhishMe on LinkedIn: https://www.linkedin.com/company/phishme-inc-

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.