News & Blog

PhishingBox today released KillPhish Version 2.0. The version update addresses previous issues while adding to the already robust plugin.

PhishingBox, an industry leader in phishing simulation and training, announced today that it has successfully completed the SOC 2 Type 2 audit.

Announcing the Release of Advanced Human Detection (AHD) Functionality  Lexington, Kentucky, October 11, 2021: PhishingBox is excited to announce the addition of Advanced Human Detection (AHD) to the platform.  This update will help security professionals save time by minimizing false positives caused by security and other anti-phishing software.  AHD uses many data poi...

PhishingBox is proud to be one of the first companies to adopt version 4 of the Cloud Controls Matrix (CCM) from the Cloud Security Alliance (CSA). The Cloud Controls Matrix is a cybersecurity framework for documenting security controls in cloud comp

The Kentucky Chamber Annual Cybersecurity Conference is September 8-9, 2021, in Lexington, Kentucky. The Founder of PhishingBox, Brad Fenster, is one of the conference speakers.

When analyzing the results of a phishing campaign, combating false positives is an ongoing and ever-changing process.

The world of cybersecurity is ever-changing, and bad actors are increasingly coming up with sophisticated social engineering phishing attempts that most people lack the training to identify.

According to the Brand Phishing Report for Q1 courtesy of Check Point, Microsoft holds the distinction for being the Most Imitated Brand in Q1 2021.

The Verizon Data Breach Investigations Report (DBIR) provides valuable information on the threats facing organizations today. The DBIR is produced by Verizon with a collaboration of many security entities.

Producing a solid Security Awareness Training program is an absolute necessity. Today, we want to share a game plan to implement and get your employees invested in Security Awareness Training.

However, things might have become more dangerous because these job offers are now the target of cyber criminals. Early this week, security firm eSentire warned LinkedIn users of a new Spear Phishing attack.

A new report by the K-12 Cybersecurity Resource Center found that publicly disclosed cybersecurity incidents affected 377 school networks in 40 states in 2020, with 36% percent of the incidents identified as data breaches or leaks.

PhishingBox knows that vendor due diligence is critical in selecting a service provider. As such, PhishingBox has developed the Trust Center to outline its key security and compliance practices.

Over the past few weeks, we have been overhauling our phishing email template library.

A report in the Wall Street Journal on October 26th described incidences of election officials within the U.S. at the local level being sent suspicious emails which appear to be purposefully targeting them due to their position within their states.

On Sunday August 30th, 2020 CenturyLink suffered a major outage which affected numerous internet companies including Amazon, Twitter, Microsoft via Xbox Live, EA, Blizzard, Steam, Discord, Reddit, Hulu, NameCheap, OpenDNS, and many others.

The developers behind the Google Chrome browser have announced in a blog post that they will begin testing a new way to help defend against the increasing threat of phishing attacks.

In a new report from the combined efforts of Arizona State University, PayPal. Google, and Samsung, researchers found that at least 7.42% of victims who visit phishing pages input their credentials and experience fraudulent transactions.

In an effort to inform and defend customers, LastPass warned that there had been reports of a Phishing email that was being sent to users using the LastPass platform.

A new post by the Microsoft security team warns about a new type of phishing attack vector targeting users. Consent Phishing, as they refer to it as, targets users by asking for an egregious amount of permissions from Single-Sign-On applications.