News & Blog

59% of GitLab employees who were tested in a recent phishing campaign and clicked on a suspicious link failed by putting in credentials. Even highly tech focused companies such as GitLab have a severe failure rate that can have a significant impact.

Social engineering is the process of attacking the human, or employee, rather than the technology directly. Through social tactics, an employee is tricked into performing an action, such as installing malicious software or performing a transaction.

This anti-phishing checklist outlines key controls that help to prevent phishing, improve phishing detection, and minimize the impact from phishing.

The Verizon Data Breach Investigations Report (DBIR) provides valuable information on the threats facing organizations today. The DBIR is produced by Verizon with a collaboration of many security entities.

The following slideshare, authors Christopher Hadnagy and Michele Fincher outline ten steps to creating a phishing awareness campaign for an organization. PhishingBox provides the tools needed to easily implement such a program.

Social tactics includes phishing and other related social engineering activities. Basically, social tactics are methods used to penetrate an organization’s cybersecurity defenses by attacking the human.

Employee security awareness should include phishing prevention training. This training should include phishing simulation. However, what is an expected phishing failure rate? The following article outlines phishing failure rates by industry.

The Symantec Internet Security Threat Report (ISRT) for 2019 is continues to provide valuable information for the security professional. This annual security report provides key statistics that outline cybersecurity risks experienced by various orga

New Mexico-based Presbyterian Healthcare Services is notifying approximately 183,000 patients and health plan members that some of their protected health information (PHI) has been exposed in a recent security breach.

The personal information of about 100 million U.S. customers was compromised.

The Federal Trade Commission and law enforcement plan to file charges against several companies and individuals as part of a major government clampdown on illegal robocalls.

Have you received a calendar invite recently and something just did not feel right, Phishing Scammers are now accessing your calendar. Do not accept suspicious invites. Read some tips and find a link to the full article blow.

"The Indiana Pacers franchise, Pacers Sports & Entertainment (PSE), fell victim to a phishing attack which resulted in unauthorized gaining access to emails containing personal information related to a limited number of individuals."

We are pleased to announce a new and improved way to Import Groups and Targets using Microsoft. Below are instructions and on how to import using Microsoft Graph API.

Manage System Emails: You now have the ability to fully customize the look, feel, and content for system generated emails; including branding.System Email Logs: This new section allows users to view a log of all system emails that were...

PhishingBox will now catch all replies sent to one of our system domains. We can now tell you if an email bounces, an autoresponder sends a response or the actual target replies to the email.

Updated User Guide highlighting the new platform features. New Template Library and Template Editor Functionality