Phishing Simulation Failure Rate Report

Phishing Simulation Failure Rate Report

Review phishing simulation failure rates and what they reveal about user risk, training needs, and program maturity.

Feb 21, 2023
KillPhish - An Advanced Email Threat Protection Add-In for Microsoft 365 and Gmail

KillPhish - An Advanced Email Threat Protection Add-In for Microsoft 365 and Gmail

PhishingBox's KillPhish email threat protection add-in is a powerful addition to their already robust phishing simulation and training ecosystem.

Feb 03, 2022
PhishingBox Announces SOC 2 Compliance

PhishingBox Announces SOC 2 Compliance

PhishingBox, an industry leader in phishing simulation and training, announced today that it has successfully completed the SOC 2 Type 2 audit, which was conducted by MCM CPAs & Advisors LLP. The System Organization Control (SOC) is a reporting framework created by the American Institute of Certified Public Accountants (AICPA) that sets standards for managing customer and user data.

Jan 19, 2022
PhishingBox Helps Solve the False Positive Dilemma

PhishingBox Helps Solve the False Positive Dilemma

PhishingBox is excited to announce the addition of Advanced Human Detection (AHD) to the platform. This update will help security professionals save time by minimizing false positives caused by security and other anti-phishing software. AHD uses many data points to determine if a human performed the actions. Without AHD, the results of a simulated phishing test may be unreliable.

Oct 12, 2021
Advanced Human Detection & MS365 Advance Delivery

Advanced Human Detection & MS365 Advance Delivery

When analyzing the results of a phishing campaign, combating false positives is an ongoing and ever-changing process. Every security professional, on any platform, faces this problem every day, especially if they cannot 100% safelist their Phishing Simulator.

Jul 09, 2021
GitLab Employees Had a 59% Failure Rate in a Recent Phishing Test

GitLab Employees Had a 59% Failure Rate in a Recent Phishing Test

GitLab.com recently performed a spear phishing campaign where they targeted 50 of their employees in an attempt to see how vulnerable their team members were to phishing attacks. Using the domain "gitlab.company" and GSuite to deliver emails, those targeted were asked to click on a link to accept an upgraded Laptop from their IT department.

May 22, 2020
Ten Steps to Creating a Phishing Awareness Campaign

Ten Steps to Creating a Phishing Awareness Campaign

The following slideshare, authors Christopher Hadnagy and Michele Fincher outline ten steps to creating a phishing awareness campaign for an organization.

Aug 26, 2019
White Box Or Black Box For Social Engineering Testing?

White Box Or Black Box For Social Engineering Testing?

When conducting social engineering testing as part of an audit or security assessment, should the client provide a listing of employees to test? Doing so is generally termed white box testing, as detailed information is provided to the auditor. The term “white box testing” was ori

Sep 03, 2013
On-site or Offsite Social Engineering Testing

On-site or Offsite Social Engineering Testing

Although there is value in onsite social engineering, for the money offsite social engineering, such as that provided by PhishingBox is much more cost effective. Only in rare circumstances, will attackers attempt anything that require their physical presence. As such, most organizations do not need onsite testing.

Feb 21, 2012