PRIVACY + SECURITY BLOG

News, Developments, and Insights

Phishing Cartoon: Signs of a Phishing Scam

Misspelled words and bad grammar are tell-tale signs of phishing.   Why don’t phishers learn spelling and grammar?  Can’t they afford a copy of Strunk and White? Phishers don’t need to spell better because their poorly-written schemes still fool enough people.  It’s just math for the phishers — a numbers game.   If you handle IT […]

Read More…

Phishing Cartoon: Why Do Phishers Keep Sending Obvious Scam Emails?

Phishing Cartoon

Why do phishers waste their time with such obvious phishing scams when they can do so much better? One possible answer: They don’t have to do better.  They send out so many emails that they only need a very low percentage of people to click.  And people always do.  In fact, if phishing emails became […]

Read More…

Phishing Your Employees: 3 Essential Tips

Phishing Training

A popular way some organizations are raising awareness about phishing is by engaging in simulated phishing exercises of their workforce.  Such simulated phishing can be beneficial, but there are some potential pitfalls and also important things to do to ensure that it is effective. 1. Be careful about data collection and discipline Think about the data […]

Read More…

PCI Training: Reducing the Risk of Phishing Attacks

PCI Training Payment Card Data Risks

The Payment Card Industry (PCI) Security Standards Council recently released a helpful short guide to preventing phishing attacks.  Merchants and any other organization that accepts payment cards most follow the PCI Data Security Standard (PCI DSS).  One of the requirements of the PCI DSS is to train the workforce about how to properly collect, handle, […]

Read More…

New Security Training Program: Social Engineering: Spies and Sabotage

I am pleased to announce the launch of our new training program, Social Engineering: Spies and Sabotage. This course is a short module (~7 minutes long) that provides a general introduction to social engineering. After discussing several types of social engineering (phishing, baiting, pretexting, and tailgaiting), the course provides advice for avoiding these tricks and […]

Read More…