Why Phishing Training Is Important

Why Phishing Training Is Important

In 2017, an email prankster targeted the White House. The prankster’s goal was simple: to trick White House staff into responding to fraudulent emails for nothing more than a cheap thrill. With little to gain from the endeavour, the prankster’s efforts were basic. The trickster wrote a simple email purporting to be from Donald Trump’s son-in-law, Jared Kushner. He sent it off to Tom Bossert (at the time Homeland Security Advisor). And he waited to see if the security advisor would respond. The importance of phishing awareness training The nature of the prank alone goes a long way to...
Can phishing be prevented?

Can phishing be prevented?

As phishing filters are far from perfect, can phishing ever really be prevented? Today, with phishing attacks on the rise and the cyber threat landscape constantly evolving, most companies employ some form of technological phishing filter to help prevent phishing. Such filters typically rely on machine learning to check and categorise incoming emails and, after doing, prevent suspicious emails from making it into corporate inboxes. Phishing filters are imperfect Unfortunately, as Mimecast research shows, phishing filters are far from perfect. They might be able to counter dated and known...
How to identify a phishing email

How to identify a phishing email

You’ve received an email. As no phishing filter can keep out 100% of all phishing attacks, there’s a chance the email could be malicious – no matter what it looks like. How do you check whether or not the email is a phishing attack?   Step 1: Is the email expected? When trying to identify a phishing email, first, take stock. Before beginning to dissect the email, ask yourself whether or not it was expected. Phishing emails are typically unsolicited and it’s that that makes them conspicuous. An unsolicited email is the first clue an email might be phishing. Step 2: Does the email ask you...
5 ways to get more from cyber security awareness campaigns

5 ways to get more from cyber security awareness campaigns

Incredibly, traditional cyber security awareness training may actually decrease security awareness. Here’s how to ensure your security awareness campaigns increase resilience. Last year, researchers looking into the security of mobile devices inadvertently uncovered something quite striking. Researchers found that, as the reported frequency of security training increased, staff security awareness decreased. According to their findings, with every additional security awareness training session an organisation held, security awareness among employees dropped. To many in security, it’s been...
Why are phishing attacks successful?

Why are phishing attacks successful?

Phishing attacks often seem rudimentary. With their spelling and grammar errors, blurry replicas of company logos and conspicuous twists on sender names, they should be easy to spot, shouldn’t they? So why is it, instead of dying down, phishing attacks are on the rise? Why is it phishing emails are more likely to cause a breach than any other form of cyber attack? Why are phishing attacks successful?   Phishing emails rely on psychology Dig beneath the skin of a typical phishing email and you’ll soon see it isn’t as “rudimentary” as it might first appear. Phishing emails – even the most...
How are phishing attacks used in identity theft?

How are phishing attacks used in identity theft?

People are more likely to be a victim of identity theft than any other type of cybercrime… and phishing can be a precursor In order to steal your identity, criminals need to get hold of your personal information. That’s all it really takes to begin opening bank accounts, applying for credit cards and even obtaining false identity documents in your name. Cyber criminals use a number of techniques to steal personal information – but among the most common is phishing.   How phishing is used in identity theft Phishing campaigns can help criminals harvest the information they need to steal...