Two ways to identify a Phishing email – one easy, the other, complex
The normal ways everyone is taught to identify Email Phishing attacks is to follow the following 10 tips: Tip 1: Don’t trust the display name A favourite phishing tactic among cybercriminals is to spoof the display name of an email. Here’s how it works: If a fraudster wanted to spoof the hypothetical brand “My Bank,”... Learn More
Interesting scam alert
This is very clever. I would probably fall for it if not warned. Give this wide distribution. This scam is actually very clever. Just when you thought you’d heard it all. Be very careful out there! Beware of people bearing gifts! The following is a recounting of the incident from the victim: Wednesday a week... Learn More
Why Security Awareness Does Not Work and What to Do Instead
It is no secret that phishing has become a huge problem. The current Phishing and Email Fraud Statistics 2019 are: The average financial cost of a data breach is $3.86m (IBM) Phishing accounts for 90% of data breaches 15% of people successfully phished will be targeted at least one more time within the year BEC... Learn More
Security Awareness Training is ineffective!
With an ever-increasing amount of cyber-attacks being undertaken and staff pressures increasing which often leading to human errors, we need to look differently at Security Awareness Training. I am sure that there is one thing all security experts should be able to agree upon, and that is that the vast majority of security awareness training... Learn More
Get the budget you need, not the one you deserve.
Without strong metrics that matter to the business, security awareness programs will continue to be the “bastard child of security”. We all know how little budget security gets, and of that, security awareness programs often achieve a minimalistic amount. Security Awareness programs are an essential component of any good security program, yet they rarely get... Learn More
How Aussie MSPs teach cybersecurity
For many channel partners, such as VARs and MSPs, cybersecurity-awareness training is a first stop in their quest to harden their customers’ networks against attack. That’s because the human element is most difficult to counter and presents the greatest risk to corporate assets. Obliviously clicking a single rogue email can shutter a company. But once... Learn More
Really? .. That’s your password!
It may be funny, but too many people don’t put serious effort into their passwords. Businesses can protect themselves against cyber threats by having all the latest and greatest layers of protection, such as unified threat management (UTM) appliances, endpoint protection and even strict security policies. But the biggest threat to businesses remains relatively unaddressed!... Learn More
Here’s how to defend yourself online
Online scams and attacks are surging and growing more sophisticated, conning thousands of people and companies out of millions of dollars. How to detect and avoid online scams Digital technology, social media and email have changed the world in the way we all communicate as it provides such great access to people and such detailed... Learn More
Conscious vs. Unconscious – the determinants of security behaviour
Introduction Have you ever wondered why you still fall for simple social engineer attack, even after you have undertaken a comprehensive security awareness training program that looks at cyber security behaviour? Even more interesting, why can you identify the errors within a phishing email in a training course, yet still fall for the exact same... Learn More
A habitually funny story
I was running a security awareness training session for some executives of one of our customers recently, when I put up on the projector, a sample phishing email. I asked the room to identify the errors within the email that would suggest it was a malicious phishing email. To the credit of the executives within... Learn More