Spear phishing tool to be used to train 22,000 Army, Navy, Air Force and Coast Guard Cadets through user awareness

July 30, 2009

4 Min Read

PRESS RELEASE

New York, NY. " July 24, 2009 " Intrepidus Group, a leading provider of information security services and software, today announced that the United States Military Academy, the United States Air Force Academy, the United States Naval Academy, and the United States Coast Guard Academy are adopting PhishMe' to periodically and continuously train their 22,000 cadets to thwart spear phishing attacks.

The United States Service Academies, also known as the United States Military Academies, are federal academies for the undergraduate education and training of commissioned officers for the United States armed forces. The Service academies are committed to expand their security curriculum and preparedness training with the implementation the PhishMe software to educate and test their cadets, and conduct joint research with Intrepidus Group in the area of sophisticated phishing and whaling attacks.

The PhishMe product provides a proven mechanism for delivering effective human education in the fight against targeted phishing and whaling attacks that are used in email-based "social engineering" schemes. These schemes comprise spoofed emails claiming to be from legitimate businesses and agencies to lead users to counterfeit websites designed to trick recipients into divulging sensitive data such as usernames and passwords, or installing malicious software on their systems.

"Intrepidus Group has created an intuitive, valuable solution in PhishMe to educate users and modify behavior to significantly reduce the probability of success of phishing attacks," said Lieutenant Colonel Ron Dodge, Associate Dean, IETD, United States Military Academy. "We look forward to training our student body about this threat through first-hand experience."

The number of phishing attacks are on the rise, increasing the risk to organizations, employees, and end-users. According to a recent Phishing Activity Trends Report by the Anti Phishing Work Group (APWG), password-stealing crimeware reached an all time high of 31,173 in December, an 827 percent increase from January 2008. In addition, more than 250 corporate brands were hijacked by phishing and whaling campaigns.

PhishMe addresses these threats with an innovative mechanism for training users that are most susceptible to email-based, social engineering cyber threats that may penetrate anti-spam, or phishing filters. The software platform lets organizations establish a human firewall against these attacks by providing a user-friendly, cost-effective system for facilitating mock phishing exercises and the delivery of real-time, electronic-based training. Using PhishMe's built-in templates and WYSIWYG, (What-you-see-is-what-you-get) functionality, security professionals can easily build realistic phishing attacks, collect metrics on user behavior, and immediately present online security awareness training material to those found vulnerable to rapidly impact human behavior.

Since its launch in July 2008, PhishMe has been adopted by US government agencies and Fortune 1000 companies across multiple vertical market sectors including Financial Services, Healthcare and Defense Contracting. More than 250,000 people have been trained, using PhishMe, to identify and thwart spear phishing attacks.

"PhishMe is a proven mechanism of educating humans to impede targeted phishing attacks which can place organizations, their employees and customers at significant risk," said Rohyt Belani, CEO, Intrepidus Group and Adjunct Professor at Carnegie Mellon University. "We look forward to our engagement with the Service academies in training the military leaders of tomorrow."

About PhishMe PhishMe is a software-as-a-service (SaaS) solution designed to help prevent damage, theft and loss caused by targeted (spear) phishing attacks. PhishMe facilitates and automates the execution of mock phishing exercises against employees, provides clear and accurate reporting on user behavior, and most importantly provides instant, targeted employee training. This method of delivering training materials is recommended by SANS and found to be most effective by researchers at Carnegie Mellon University.

About Intrepidus Intrepidus Group is a leading provider of information security consulting services and software solutions. With offices in New York City and the Washington DC metro area, the company offers innovative solutions to help clients build employee awareness around common information security issues. Intrepidus Group's consultants also conduct hands-on assessments of critical applications, networks and products to uncover vulnerabilities, and provide strategic and tactical recommendations to address identified issues.

###

PhishMe.com is a registered trademark of Intrepidus Group. All other product and company names herein are or may be trademarks of their respective owners.

Intrepidus Group One Penn Plaza Suite 6180 New York, New York 10119 http://intrepidusgroup.com

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights