Blog
 

Phishing

man looking at his laptop with concern

 

97% of people around the world cannot identify a sophisticated phishing email. Can you?

Phishing, also known as social engineering, is an attempt by cybercriminals to gain private information such as login credentials or other sensitive information. This attack can be in person, over the phone, or in the form of an email. The email often appears to come from a legitimate source but may include:  a malicious link, a request for the recipient to fill out a form, or a request for the recipient to download an attachment that is infected with malware. Cybercriminals continue to use advanced techniques and can create emails that appear legitimate and that are very convincing. 91% of cyber-attacks begin with a phishing email.


 Will you take the bait?

Compare the two emails below to see if you can spot the Phishing email:

Email One

Email Two

Which is the Phishing Email?

Email One   OR   Email Two

 


 

 Know the signs

  • Do not trust emails requesting personal or confidential information. Most companies will never ask for credentials via email.
  • Beware of emails demanding urgent action.
  • Do not trust the display name. Cybercriminals will often spoof the display name of an email to impersonate a brand.

 


 

Phishing Simulator

An easy-to-use phishing simulator that delivers real-world scenarios for reinforcing phishing attack prevention and remediation for susceptible users.

  • Unlimited phishing simulations
  • 150+ email templates – all customizable
  • Robust reports & analytics
  • ○ Identify susceptible users
  • ○ Compare performance over time
  • TGS can manage the training portal & phishing
  • Randomizer
  • ○ Randomizes both the template & delivery
  • USB drop campaigns
  • ○ Improves social engineering awareness
  • Auto assignment of courses for remediation
  • Customizable educational landing pages

 


 

 

Phishing Outlook and G-Suite Add-in

Outlook add-in to ensure employees know exactly what to do when they come across a suspicious email.

  • Employees receive immediate positive reinforcement at the time of identification of a PhishingReal simulated phishing attack
  • If the threat didn’t come from our phishing simulator; the Phishing add-in immediately sends a notification to alert the system administrator
  • Proven to increase efficiency in identifying suspect phishing e-mails
  • A simple and effective tool that empowers users
  • Decreases the risk for network infections and intrusions


 

Phishing Courses

Need to Know: Phishing

4:40 min | Learn how to spot the bait as Anthony guides his friend Cecil through the dangers of phishing. Is this actually a very exciting email from the boss, or is it just another hacker’s trap?

Phishing

20:50 min | Our interactive phishing training outlines where phishing messages may appear, how to distinguish phishing from normal communications, and when and how to report phishing attacks.

Phishing In Brief

2:49 min | This module will introduce learners to the concept of phishing, teach them how to quickly identify phishing messages, and show them how to verify whether or not a message is legitimate.

Reporting Phishing Emails

1:10 min | Our Reporting Phishing Emails module reviews the functionality of the PhishNotify button, which allows users to report suspicious emails to system administrators through Outlook, Office 365, and Gmail.

Spearphishing

2:40 min | Spearphishing occurs when phishing messages are tailored for targeted individuals. This interactive module will help teams identify and avoid spearphishing attempts.

Marine Lowlifes: Clone Phish

1:18 min | Sink into the depths to observe the Clone Phish, which disguises itself as a previously trustworthy message to lure in prey.

Marine Lowlifes: Common Phish

1:25 min | Dive into the Sea of Emails for a closer look at one of the oldest scams still swimming today: the Common Phish.

Marine Lowlifes: Spearphish

1:30 min | Target sighted! Follow the hunt of that vicious but sometimes misaimed predator, the Spearphish.

Marine Lowlifes: Whaling Shark

1:23 min | The wonders of nature are displayed up close as the Whaling Shark chases its prey, the powerful and important Whale.

[/vc_accordion_tab

WORKed Episode 2: Evite

Empty section. Edit page to add content here.

2:24 min | I doth see a vision of scammery! Help your employees avoid phishing attacks with this WORKed training module.

Phishing for Managers

11:02 min | This module discusses phishing in detail and teaches managers how to detect phishing attempts. It also outlines how managers can work with their teams to protect their company from phishing attacks.

Phishing for Executives

10:04 min | This module explains the risks phishing poses to executives and organizations and suggests ways executives can work with their security teams and staff to keep information secure.

Phishing for Educators

9:14 min | This interactive training explains how education-sector employees and students are targeted by phishing attacks and how to identify fake requests for student records.

Phishing for Healthcare Professionals and Providers

11:07 min | Healthcare professionals with access to protected health information are popular hacker targets. This module will show how to identify phishing attacks, and how to report phishing attacks.

Phishing for Healthcare Executives

11:46 min | This module explains the risks phishing poses to healthcare executives and organizations, and suggests ways executives can work with their security teams and staff to keep patient information secure.

Phishing for Healthcare Managers

13:39 min | This module discusses phishing in detail and teaches healthcare managers how to detect phishing attempts.

Phishing for Financial Institutions

10:23 min | This interactive training explains how financial sector employees and customers are targeted by phishing attacks and teaches users how to recognize phishing attacks.

SMiShing

4:58 min | SMS Phishing, or SMiShing, is used by cybercriminals to collect valuable information and distribute malware. This module includes effective ways to stop SMiShing attempts.

Vishing

6:44 min | This interactive training module covers voice phishing, or vishing, a simple but effective technique cybercriminals and scam artists use to collect confidential information.

Business Email Compromise (BEC)

1:14 min | BEC scams occur when attackers impersonate company stakeholders and trick your employees into transferring money or sharing confidential information. This module suggests defenses against this tactic.

EAL Phishing

2:11 min | This module teaches learners how to avoid falling victim to phishing.

What Is Phishing? (Video)

1:46 min | This video explains the concept of phishing and outlines common tactics used by hackers to steal sensitive information.

Recognizing Phishing Emails (Video)

2:27 min | This short video covers some of the common signs of phishing emails and how to recognize malicious links.

One Wrong Move (Phishing)

1:00 min | This one-minute video shows the consequences of a phishing attack.

Breach Notification

8:14 min | This module details best practices for detecting and reporting unauthorized Protected Health Information (PHI) disclosures.

Phishing Assessment (LinkedIn)

0:30 min | This advanced assessment module will test a learner’s ability to recognize suspicious email elements through a realistic email mimicking LinkedIn communications.

Phishing Assessment (Capital One)

0:30 min | This assessment module will test a learner’s ability to recognize suspicious email elements through a realistic email mimicking Capital One communications.

Suspicious Hosts Assessment (Google)

0:30 min | This interactive module will test learners’ abilities to recognize suspicious hosts in a realistic website simulation.

Phishing Assessment (LinkedIn) W/ Hints

0:30 min | This advanced assessment module will test a learner’s ability to recognize suspicious email elements through a realistic email mimicking LinkedIn communications.

Phishing Assessment (Capital One) W/ Hints

0:30 min | This assessment module will test a learner’s ability to recognize suspicious email elements through a realistic email mimicking Capital One communications.

 


 

Get Our Weekly Blog Sent Straight to Your Inbox