PhishMe » Uncategorized

Taking the Guess Work Out of Spear Phishing Pentests

Vanessa — Tue, 14 Jun 2011 22:35:57 +0000

RSA, Epsilon, ORNL, Sony, and countless others may have got you thinking – “Maybe we have a spear phishing problem.” You might be thinking you need to apply the classic IT Security audit-assessment approach of test to quantify to understand the risk spear phishing presents to your organization.

To help companies better understand the importance of spear phishing penetration testing and the valuable education opportunities they provide an organization, PhishMe is hosting a webinar on July 7, 2011, Spear Phishing Pentests: A Wasted Opportunity. As PhishMe co-founder and CTO, I will be conducting the webinar and drawing on my years of experience to address the misconceptions of ethical-hacking focused penetration testing, while outlining the best practices for conducting and assessing mock spear phishing attacks.

At PhishMe we focus on educating users on the best ways to protect themselves from the latest scams – helping them understand that regardless of how good an anti-virus solution or firewall is, phishing attacks are designed to get around them. Online criminals understand that the best way into a network is to get invited in, not scanning thousands of ports hoping for a crack in the armor. With nearly 2 million users trained, we have proven that proper use of mock phishing and targeted education campaigns can reduce an employee’s susceptibility to an attack by over 80percent. This number increases even further with continued training.

If you are an organization who is thinking about performing a spear phishing penetration test, join me on July 7, 2011 to learn just how easily you can ensure your organization’s safety against the growing threat of spear phishing attacks. To register for the free webinar, please click here: Spear Phishing Pentests: A Wasted Opportunity.

Kindly,

Aaron Higbee, Co-Founder and CTO, PhishMe

Rebirth

Rohyt — Tue, 12 Apr 2011 22:11:53 +0000

This is the official rebirth of our blog. For a while now, this blog lay dormant, while the team at PhishMe was anything but. Sales and Marketing has been trying to keep up with the interest while Dev, Operations, and support have consistently delivered the most cutting edge phishing awareness services on the market. It’s a pity the blog hasn’t kept up because we have a lot of interesting thoughts and statistics to share, better late than never. Stay tuned for the latest on phishing news, our lessons learnt from successfully training people to thwart targeted phishing, and anything else we feel like rambling about.

PhishMe Blog – Administrivia

Aaron — Wed, 24 Mar 2010 15:51:38 +0000

We currently don’t have this blog indexed on our www.phishme.com website but will at a future date when we give it a bit of an overhaul. Late last year we decided to split our post activity into two blogs.

From now on, posts about general infosec, mobile security, and our consulting practice will be kept at http://intrepidusgroup.com/insight

This blog, when we resurrect it, will stick to phishing related posts.

Some other new additions include:

An Intrepidus Group managed delicious bookmark feed: http://delicious.com/intrepidusgroup

A PhishMe youtube channel: http://www.youtube.com/phishme

A PhishMe Twitter account: http://twitter.com/phishme

A IntrepidusGroup Twitter account: http://twitter.com/intrepidusgroup

That’s it for now! Sorry about the long lapse in posts here… but I promise you, PhishMe has been busy. We’ve helped organizations send over 1 million phishing training emails to date. Whew!

Aaron Higbee

CTO

Nobody is perfect

Mike — Fri, 02 Jan 2009 15:33:45 +0000

Post moved here: http://intrepidusgroup.com/insight/2009/01/nobody-is-perfect/

More than one way to skin a CA

Mike — Thu, 01 Jan 2009 03:22:54 +0000

Post moved here: http://intrepidusgroup.com/insight/2008/12/more-than-one-way-to-skin-a-ca/

Bold face lie in a clash at FCC hearing – port139online.com:139

Aaron — Wed, 27 Feb 2008 01:24:32 +0000

Post moved here: http://intrepidusgroup.com/insight/2008/02/bold-face-lie-in-a-clash-at-fcc-hearing-port139onlinecom139/

CSRF is not XSS!!!

Corey — Wed, 05 Sep 2007 21:36:15 +0000

Post moved here: http://intrepidusgroup.com/insight/2007/09/csrf-is-not-xss/

Introduction Post: Welcome to blog.phishme.com

Rohyt — Tue, 26 Jun 2007 18:31:40 +0000

Welcome to http://blog.phishme.com – the home of rand(security)and technology discussions.

We will use this blog to comment on topics like cool phishing ploys, IM and its privacy implications, hacking cars, and bashing on (or bowing to) the latest application hacks. Security geeks and a love of technology go hand in hand so expect some commentary on general tech too.

We plan to post here at least once a week, so keep us on that RSS radar or keep visiting!

Thanks,

The Intrepidus Group Team

http://intrepidusgroup.com

About

admin — Mon, 25 Jun 2007 23:03:13 +0000

Phishme.com was created by the Intrepidus Group.

Intrepidus Group is a leading provider of information security consulting services. To learn more about our company and our services, please visit our main site.

http://intrepidusgroup.com