When Technology Fails, Phishing Evades Security

It is well-known that phishing is purposefully designed to evade security tools and target humans, so when it does it should come as no surprise. Likewise, when security technology fails humans need to be able to recognize suspicious activity such as phishing emails and report them accordingly. Cybersecurity firm Cofense recently analyzed phishing messages that evaded Proofpoint’s Secure Email Gateway (SEG). The platform/vendor should not be the point, because it happens to (dare I say) every platform. What is notable is that the messages Cofense analyzed were indeed reported by humans who recognized the suspicious nature of the messages that landed in their inboxes. Additionally, in the recent post Cofense includes examples of those messages, and they are good real-world examples to pass on to staff to reinforce and provide greater awareness of themes and content that are currently circulating. Read the post at Cofense