News & Blog

Our stories.

Verizon Data Breach Investigations Report - 2018

In its eleventh edition, the Verizon Data Breach Investigations Report (DBIR) continues to be a wealth of information for security professionals. Email threats, such as phishing, continue to be a problem.

Symantec Internet Security Threat Report 2018

The Symantec Internet Security Threat Report continues to be a valuable resource for companies to understand current threat vectors. The report highlights current threats and provides specific statistics related to these threats.

PhishingBox Launches ‘Phishing Reply Tracking’ Feature

PhishingBox launches 'Phishing Reply Tracking' to combat against CEO Fraud and Business Email Compromise phishing scams to help companies spot these attacks and allow them to deploy the necessary employee training and awareness to lower risk.

Phishing Alert - The Domain Name Renewal Scam

The PhishingBox team has recently noticed a surge in phishing scams related to renewing domain names, web/email hosting, etc., and we want to give some insights on ways to identify the scam and protect yourself from falling victim.

New Position: Account Manager

We are accepting applications for a full-time Account Manager, to work alongside the existing sales team in Lexington, KY. Experience in sales is required. Technology or software sales experience is a plus, but not required.

APWG Phishing Activity Trends Report | 4th Quarter 2016

The APWG Phishing Activity Trends Report for 4th Quarter 2016 indicates that the total number of phishing attacks in 2016 was 1,220,523, which is a 65% increase over 2015. Phishing activity in early 2016 was the highest ever recorded by APWG since i

Ransomware Completely Shuts Down Ohio Town Government

The Licking County government offices in Ohio, including the police force have been shut down by ransomware. It’s clear that someone in the office caught a bug in a phishing scam or by downloading it and now their servers are locked up.

Email Phishing Scams

The style of identity theft is extremely widespread because of the ease with which unsuspecting people share personal information. Phishing scams often lure people with spam email and instant messages requesting people to verify their account or confirm their billing address through what is actually a malicious website. Email phishing scams are carried out by tech-savvy con artists and identity th...

Kaspersky Lab 2016 Report

Internet fraud has been around for just about as long as the Internet itself.  According to a Kaspersky Lab 2016 Report, each year, cybercriminals come up with new techniques and tactics to fool their potential victims.  Phishing emails include fake notifications from banks, e-payment systems, email providers, social networks, online games, etc.  The aim of these em...

Verizon Data Breach Investigations Report Summary 2016

The Verizon Data Breach Investigations Report Summary highlights key information related to social engineering. Now in its ninth year of publication, the “Verizon 2016 Data Breach Investigations Report” analyzes more than 2,260 confirmed data breaches and more than 100,000 reported security incidents in this year’s report – the highest since the report’s inception in ...

Advanced Persistent Threat (APT) Kill-Chain

According to Netswitch Technology Management, the Advanced Persistent Threat (APT) kill-chain looks like the following: Social Engineering: Identify individuals that have the needed access privileges. Spear Phishing: Attackers send spoofed e-mails with malicious links to download malware and infect high-value employee machines. Malware Infection: malware is downloaded on a system within ...

The Six Steps of an APT Attack

To improve your cyber security and successfully prevent, detect and resolve advanced persistent threats, you need to know how APTs work: The cyber-criminal or threat actor gains entry through an e-mail, network, file or application vulnerability and inserts malware into an organizational network. The network is considered compromised, but not breached. The advanced malware probes for addit...

Advanced Persistent Threats

Advanced Persistent Threat (APT) campaigns comprise a growing part of the current threat landscape. Some APT campaigns remain active, in fact, even after drawing extensive media attention. APT Campaign routines may vary over time but their primary goal remains the same – to gain entry to a target organization’s network and obtain confidential information.There are two ways to look...

Spear Phishing

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. Spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or website with a broad membership base, such as eBay or PayPal. In the case of spear phishing, the apparent source of t...

Phishing

Phishing is the attempt to acquire sensitive informative such as usernames, passwords and credit card details, often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. Phishing is the illegal attempt to acquire sensitive information for malicious reasons.Traditional phishing attacks are usually conducted by sending malicious e-mails to as many people...

Anti-Phishing Work Group (APWG)

Semi-annually, the Anti-Phishing Working Group (APWG) publishes the Phishing Activity Trends Report. These reports address phishing trends and underscore the significance of phishing by quantifying the scope of the global phishing problem.Key findings in the APWG Phishing Trends Report for Q4 2015: The Retail/Service sector became the most-targeted industry sector in the fourth quarter...

Symantec Internet Security Threat Report: 2016

The Symantec Internet Security Threat Report includes vast information on security related issues. Spam, phishing and malware data are captured through a variety of sources. These resources give Symantec’s analysts unparalleled sources of data with which to identify, analyze and provide informed commentary on emerging trends in attacks, malicious code activity, phishing and spam. The annual ...

Verizon Data Breach Investigations Report Summary 2015

Since the 90s, phishing continues to evolve and continues to trick, especially those in communications, legal and customer service areas.  According to the Verizon 2015 Data Breach Investigations Report, 23% of recipients open phishing messages and 11% click on attachments to those messages.  Of more concern, 50% of recipients open e-mails and click on phishing links within the first h...