News & Blog

Our stories.

Symantec Addresses New and Unique Facebook-Specific Attacks

Symantec addresses new and unique Facebook-specific attacks. A typical characteristic of phishing attacks is their ability to adapt with the times. With the rise of social media, the bad guys have found seemingly infinite opportunities to scam unsuspecting users. After all, social media is predicated on the unfiltered exchange of information; would-be victims are easy targets given how accustome...

Phishing Attacks Primary Target May Surprise You

Kaspersky Lab, a provider of antivirus and Internet security software, recently published its review of e-mail spam malicious attacks across 2012.  The results are a classic mix of good news and bad news.First, the good news.  The amount of e-mail spam fell throughout the course of the year.  By the end of the year, the average amount of spam in email stood at 72.1 percen...

Social Engineering Attack Prevention and Mitigation

When Microsoft security experts offer advice, organizations should listen, particularly with regards to social engineering attacks. Microsoft has provided insight into social engineering attack prevention and mitigation.Social engineering attacks are becoming increasingly sophisticated, and as a result, far more difficult to control since the attackers generally prey on the human element rat...

On-site or Offsite Social Engineering Testing

Should we perform on-site or offsite social engineering?Although there is value in onsite social engineering, for the money offsite social engineering, such as that provided by PhishingBox is much more cost effective. Only in rare circumstances, will attackers attempt anything that require their physical presence. As such, most organizations do not need onsite testing.According to a rece...

Password Weaknesses Are Exploited By Social Engineering

Password weaknesses can be exploited. Today, users are susceptible to social engineering because they access more web-based systems. With the increased adoption of cloud computing, users are logging into more internet-based systems. How can your company reduce risk to social engineering? The FFIEC states, “Controls against these attacks [social engineering] involve strong identification po...