Training Articles

Improving Employee Security Awareness

PhishingBox's training articles contain security tips with animated content that can be sent to employees or staff as part of an ongoing security awareness training program. These emails, unlike security awareness training courses, do not require any formal interaction with the end user. The security tip emails are intended to provide ongoing security reminders to employees and staff. By design, the security tip training emails do not contain any links or features that could be construed as suspicious.

Adware Beware

Some adware may be fine and help serve more tailored ads, but it's the malicious type we'll be exploring.

AirDrop & Bluetooth Connectivity

You should only turn these features on when actively using them.

Anti-virus & Anti-malware Defense

Adding walls of defense mitigates the likelihood you'll suffer from a cyberattack.

Authentication System Security

There are some aspects of security that are controlled by the user that can improve or maintain the security of the authentication system.

Avoid Unintentional Data Exposure

Many data breaches are not caused by hackers, but by the unintentional exposure of confidential information by employees.

Basic Email Security

Email security should be a top priority for all companies. From schools to startups, email is the backbone of many organizations. It's also one of the most common methods for attackers to break into a network.

Be Aware of Online Scams

Don't let routines and current events slip you up.

Be Careful What You Post Online

When it comes to information security, you play a big role in your organization's security. The following steps are key to helping your organization stay secure.

Be Cybersmart

When it comes to information security, you play a big role in your organization's security. The following steps are key to helping your organization stay secure.

Beat Back the Bad Bots

Bots, as a whole, account for close to 60% of all web traffic.

Benefits of Single Sign On (SSO) & Password Lockers

It isn't easy to remember different passwords for different applications and devices. But there's help!

Charging Port Safety

Public community gathering points like airports, hotels, and restaurants are hotbeds for cybercrime.

Control of Printed Material with Sensitive Information

Credential and data theft doesn't stop with digital attacks.

Don't Trust the Caller ID

Phone numbers can be easily masked, do not trust caller ID on your phone.

Encryption Defense

Keep your data and information secure from prying eyes.

Facebook Security: Remote Logout

You may need to sign out of your account remotely or close out of unauthorized sessions and change your password. Here's how.

Facebook Security

Some things don't need to be shared!

Financial Requests Receive Extra Attention

If there's going to be an exchange of money, make sure everything up.

Five Steps for Secure Communication

Caution is the best policy.

How to Handle Sensitive Information

Some of the information we access on a daily basis is sensitive and should be handled appropriately.

How to Identify a Social Engineering Attack

A social engineering attack is when someone is manipulated into perform a specific action.

How to Spot & Avoid Phishing

Not even the best scammer can outsmart skepticism.

Identifying & Reporting Security Events

A security incident is an event that threatens the security of our information systems. This includes the transmission, storage, and retrieval of information with third parties.

If It's Too Good To Be True

You know the saying, and it holds true now more than ever. With the ability to transfer money electronically, scams can be conducted from almost anywhere in the world.

Incident Response

How to develop a plan you can stick to and what should be included.

Insider Attacks

Your most dangerous corporate threat could be an internal one.

Instagram Security Tips

Keep hackers out of your story.

Is This Email Legitimate

Five questions to ask yourself.

Limit Ransomware Risk

Ransomware can be devastating to an organization by limiting access to systems and information.

LinkedIn Security Tips

How to stay safer on the professional social media platform.

Lock Your Computer

Even if you're coming right back, grabbing something from the printer, running to the restroom, or throwing something away, keeping your computer secure is crucial.

MFA Push Notification Exploitation

Routine & Fatigue: An IT administrator's worst nightmares.

One Size Does Not Fit All

A password, by definition, is a secret word or phrase used to gain access to something... not everything!

Password Management

In today's environment, there are an increasing number of web-based systems. As such, it is likely that you have multiple usernames and passwords to remember.

Public Wi-Fi Tips

Private data should not be accessed or shared over open networks.

Put Papers Away

Stop leaving passwords on Post-It notes in plain sight, for starters.

Request Does Not Equal Response

If you get a request for ANYTHING, don't respond to it until it can be verified.

Secure Authentication Practices

Keep unauthorized access at bay and sensitive information locked away.

Shadow IT

Shadow IT is defined as using systems, software, devices, applications, or technology services without formal approval from an organization's technology department.

Shred It & Forget It

Protect and dispose of sensitive information and printed documents properly.

Smishing

Scammers aren't afraid to send you a text.

Spear Phishing

Personalized phishing attempts curated just for you by the bad guys.

The Power of Updating

Keep your hardware and software updated to stay as safe as possible.

The True Cost of Ransomware

The financial impact can go well beyond the initial attack.

Train & Retain

Cybersecurity includes the human element.

Twitter Security Tips

How to stay safer when you're using the social platform.

Types of Phishing

From your email inbox to phone calls, texts, and everywhere in between, scammers have developed clever ways to steal and wreak havoc.

Vishing

Scammers who attempt their malicious acts via phone call will try to catch you unsuspectingly. We'll help get you prepared to spot a scam call.

VPN

A network connection point which hosts your team and resources. It is secure, requiring 2-factor-authentication (2FA) or multi-factor-authentication (MFA) and data encryption so only those with lawful access can see the content.

Whaling

Look out CEOs, executive teams, and upper management trying to impress the board or the boss, this one's for you.

What Happens When You're Hacked

How to spot a hacking attempt and identify if you've been compromised.

What If I Clicked a Bad Link or Attachment?

We all make mistakes. We're here to help you know what to do when you slip up.

What is Ransomware?

Ransomware is a type of malware that encrypts files on a computer where the attacker provides a method for the victim to pay to unlock the files, hence the name.

Why Data Backups are Important

Preparing for the worst is necessary for information security.

YouTube Security

From links in video descriptions to cybercriminals trolling the comments section and even video ad links, there's plenty to be wary of.

Removable Media

Receive or stumble upon a Universal Serial Bus (USB) drive, flash drive, external hard drive, compact disc (CD), DVD, SD card, floppy disk (just checking to make sure you're still paying attention!)?

Wikipedia Links

Cybercriminals are hijacking Wikipedia pages to distribute nefarious links.

HTTPS Protocol Abuse

Many users have come to expect HTTPS to be safe and secure. Seeing a padlock icon has equated to moving freely on a site and even providing private information or payment details worry free.

Messaging App Safety

Cybercriminals are leveraging messaging apps to dupe victims.

AI Cybercrime Tools

AI-powered tools provide cybercriminals with a wealth of resources and opportunity.

The Big Event

Popular events are prime targets for cybercrime.

QR Code Safety

Cybercriminals deploy malicious QR codes physically and digitally.

Crypto Scam Safety

No, you do not have to pay your water bill in crypto.

Employment Scam Safety

Cybercriminals are targeting employers, employees, and job seekers.

Deepfakes & Biometric Spoofing

Unmask the threat of fake identities.

Callback Phishing

Increasing threat impact with delayed action tactics.

Swatting

Prank phone calls with malicious goals.

SMTP Smuggling

How cybercriminals evade email filter protection.

MSP Security

Cybersecurity starts with Managed Service Provider guardians.

Cloud Security

What threatens off-site data storage?

Adversary in The Middle (AiTM) Attacks

Exploiting the gaps in your cybersecurity defenses.

Defense Layers

A multi-faceted approach to cybersecurity is necessary for proper protection.

Human Risk Management

The evolution of security awareness training.

Insider Threats: What to Watch For

Staying aware internally is just as important as being on your guard externally.

LinkedIn InMail Safety

Social media is rife with social engineering and phishing attempts.

Multi-prong Social Engineering

Cybercriminals are layering their attacks. We're here to help you spot their approaches.

Prepare. Don't Fear: AI Cyber Threat Tips

While GenAI has potential applications in various fields, including cybersecurity, its impact on actual attacks has been limited so far.