According to a public service announcement issued by the FBI, college students across the United States continue to be targeted in a common email phishing scam that lures students in with the promise of employment. It works like this: email Scammers advertise phony job opportunities on college employment websites or students receive emails on their student accounts recruiting them for fictitious...

One of the things that often stumps even the most security conscious companies is knowing all the third-party email service providers they are working with. It is extremely difficult, if not impossible for these organizations to protect their customers from phishing attacks if they don’t even know who is sending legitimate email on their behalf. And this gets even more challenging when you...

Ask any security professional what the number one pain point is within their organization, and chances are they’ll say ‘user behavior’…with ‘malware’ coming in as a very close second. And while these issues are very different on the surface, they do have one thing in common: both are often the cause of high-profile data breaches, largely in part to the increased use of spear phishing email...

In the second in our series of blogs on the Fundamentals of Phishing we will explore how to identify fraudulent emails. Not that long ago, phishing attempts were quite primitive and often full of errors, and it was easier for consumers to identify when something was amiss. In addition, consumers weren’t accessing their inboxes from multiple devices and mobiles, nor did they expect to receive...

One of the great things about a conference like BlackHat is that it gives people like me the opportunity to take a step back, get out of the specific back alleyways of cybersecurity that we usually inhabit, and take a broader, more holistic look at attack and defense. One concept that's been talked about for a while is the Cyber Kill Chain. It takes a military-theoretical approach to network asset...