For effective security awareness, keep it focused
In their book, “Switch: How to Change Things When Change is Hard” authors Chip and Dan Heath examine how influencing humans to change requires appealing to two parts of the brain: the rational and the...
View ArticleNegative reinforcement: How NOT to improve user behavior
One of the interesting aspects of security awareness training is the intersection of information security with human resources. We know from experience that security practitioners are not always...
View ArticlePopular holiday-themed phishing attacks
The holidays are a busy time for everyone… especially for hackers trying to phish your employees. Phishing is most effective when it exploits human emotions—fear, greed, anxiousness, curiosity,...
View ArticleThe Resurgence of Data-Entry Phishing Attacks
‘Old School’ email social engineering or data-entry phishing is an attack method that has been on the rise in recent months, notably employed by the Syrian Electronic Army to hack seemingly every major...
View ArticlePhishing for passwords with malware
Reports from the Target breach investigation continue to trickle in, with Brian Krebs now citing multiple sources close to the investigation that have traced the initial compromise to login credentials...
View ArticleWatering Holes vs. Spear Phishing
Watering-hole attacks have been established as an effective attack technique for a while now. As the industry has analyzed some prominent examples, many have come to the conclusion that watering-holes...
View ArticleWhat we’re reading about the Chinese hacking charges
While the full implications from yesterday’s DoJ indictment of five Chinese hackers on charges of cyber crime are yet to be fully seen, these charges have already succeeded in elevating cyber crime...
View ArticleNational Cybersecurity Awareness Month 2014
With National Cyber Security Awareness month (NCSAM) upon us, the national spotlight is on best practices to stay safe and protect your data online. Thanks to the support of the National Cyber Security...
View ArticleThe Danger of Sensationalizing Phishing Statistics
People are often curious about what percentage of users will fall for a phishing attack, and it’s tempting to try to create this kind of statistic. At PhishMe, we’ve found that trying to assign a...
View ArticleSilicon India Magazine: Combating Phishing attacks through Human Resource
A deep inside look at digital security threats and human behavior through various verticals. “Business firms seem to have forgotten that hackers target human vulnerability and weakness to break the...
View Article
