News & Blog

This anti-phishing checklist outlines key controls that help to prevent phishing, improve phishing detection, and minimize the impact from phishing.

EY is a global leader in in assurance and advisory services. For several decades EY has been conducting a Global Information Security Survey (GISS). The 2018 security survey from EY provides some valuable insight into the cybersecurity threat. Cyb

In its eleventh edition, the Verizon Data Breach Investigations Report (DBIR) continues to be a wealth of information for security professionals. Email threats, such as phishing, continue to be a problem.

Check Point Research has released their 2018 Security Report. This information security report provides insight into today’s threat landscape, including email-borne threats such as phishing.

The Symantec Internet Security Threat Report continues to be a valuable resource for companies to understand current threat vectors. The report highlights current threats and provides specific statistics related to these threats.

PhishingBox launches 'Phishing Reply Tracking' to combat against CEO Fraud and Business Email Compromise phishing scams to help companies spot these attacks and allow them to deploy the necessary employee training and awareness to lower risk.

The PhishingBox team has recently noticed a surge in phishing scams related to renewing domain names, web/email hosting, etc., and we want to give some insights on ways to identify the scam and protect yourself from falling victim.

The Verizon Data Breach Investigation Report (DBIR) provides useful information related to information security. The findings from the report confirm that phishing is a significant threat vector in today's environment.

We are accepting applications for a full-time Account Manager, to work alongside the existing sales team in Lexington, KY. Experience in sales is required. Technology or software sales experience is a plus, but not required.

The APWG Phishing Activity Trends Report for 4th Quarter 2016 indicates that the total number of phishing attacks in 2016 was 1,220,523, which is a 65% increase over 2015. Phishing activity in early 2016 was the highest ever recorded by APWG since i

The Licking County government offices in Ohio, including the police force have been shut down by ransomware. It’s clear that someone in the office caught a bug in a phishing scam or by downloading it and now their servers are locked up.

The style of identity theft is extremely widespread because of the ease with which unsuspecting people share personal information. Phishing scams often lure people with spam email and instant messages requesting people to verify their account or confirm their billing address through what is actually a malicious website. Email phishing scams are carried out by tech-savvy con artists and identity th...

Internet fraud has been around for just about as long as the Internet itself.  According to a Kaspersky Lab 2016 Report, each year, cybercriminals come up with new techniques and tactics to fool their potential victims.  Phishing emails include fake notifications from banks, e-payment systems, email providers, social networks, online games, etc.  The aim of these em...

The Verizon Data Breach Investigations Report Summary highlights key information related to social engineering. Now in its ninth year of publication, the “Verizon 2016 Data Breach Investigations Report” analyzes more than 2,260 confirmed data breaches and more than 100,000 reported security incidents in this year’s report – the highest since the report’s inception in ...

According to Netswitch Technology Management, the Advanced Persistent Threat (APT) kill-chain looks like the following: Social Engineering: Identify individuals that have the needed access privileges. Spear Phishing: Attackers send spoofed e-mails with malicious links to download malware and infect high-value employee machines. Malware Infection: malware is downloaded on a system within ...

To improve your cyber security and successfully prevent, detect and resolve advanced persistent threats, you need to know how APTs work: The cyber-criminal or threat actor gains entry through an e-mail, network, file or application vulnerability and inserts malware into an organizational network. The network is considered compromised, but not breached. The advanced malware probes for addit...

Advanced Persistent Threat (APT) campaigns comprise a growing part of the current threat landscape. Some APT campaigns remain active, in fact, even after drawing extensive media attention. APT Campaign routines may vary over time but their primary goal remains the same – to gain entry to a target organization’s network and obtain confidential information.There are two ways to look...

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. Spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or website with a broad membership base, such as eBay or PayPal. In the case of spear phishing, the apparent source of t...

Phishing is the attempt to acquire sensitive informative such as usernames, passwords and credit card details, often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. Phishing is the illegal attempt to acquire sensitive information for malicious reasons.Traditional phishing attacks are usually conducted by sending malicious e-mails to as many people...

Semi-annually, the Anti-Phishing Working Group (APWG) publishes the Phishing Activity Trends Report. These reports address phishing trends and underscore the significance of phishing by quantifying the scope of the global phishing problem.Key findings in the APWG Phishing Trends Report for Q4 2015: The Retail/Service sector became the most-targeted industry sector in the fourth quarter...