helping organizations combat phishing

Wombat Security Technology’s CTO, Dr. Jason Hong, will report on the effectiveness of embedded training solutions when it comes to helping organizations boost their employees’ readiness in the fight against phishing scams. Phishing is a scam perpetrated by criminals, who use fake emails and web sites to impersonate legitimate organizations and trick people into sharing sensitive information.

Wombat Security to Present Results of Large-Scale Anti-Phishing Training to Global Electronic Crime Responders

PITTSBURGH, PA May 6, 2009 – Wombat Security Technology’s CTO, Dr. Jason Hong, will report on the effectiveness of embedded training solutions when it comes to helping organizations boost their employees’ readiness in the fight against phishing scams. Phishing is a scam perpetrated by criminals, who use fake emails and web sites to impersonate legitimate organizations and trick people into sharing sensitive information. A particularly insidious form of phishing is known as “spear” phishing attacks and targets employees of a specific organizations. Dr. Hong’s presentation will be delivered on May 12 to the 3rd Anti-Phishing Working Group (APWG) Counter-eCrime Operations Summit (CeCOS III), an annual international conference dedicated to uniting the industry and public sector response to the global electronic crime scourge. Additional details on these findings are also being released by Wombat in the form of a new white paper.

Specifically, Dr. Hong will report on PhishGuru, an embedded training system that teaches people how to protect themselves from phishing scams in the regular context of use of their email. This solution can be used in a training campaign where an organization sends simulated phishing emails to its employees. People who fall for these training emails are shown comic strips that teach them what the risks of phishing are and what steps to take to avoid falling for phishing scams in the future.

Through deployment of its PhishGuru embedded training solution at different organizations, Wombat Security Technologies has been able to measure (1) the effectiveness of spear phishing attacks on untrained users, as well as (2) the effectiveness of its embedded training solution when it comes to reducing the chance that someone falls for one of these attacks.

Dr. Hong will report on the high percentage of untrained employees likely to fall for emerging spear phishing attacks and present detailed results showing that, with its PhishGuru training technology, Wombat has been able to reduce by more than 50 percent the likelihood that employees fall for insidious spear phishing attacks.

PhishGuru training takes only a few minutes of an employee’s time. Its effectiveness derives from the fact that it creates unique “teachable moments” that replicate the context in which users will be called upon to apply the training they receive. The benefits are significant increases in the ability of employees to recognize spear phishing attacks. Furthermore employees trained with the PhishGuru technology do not show any increase in misclassifying legitimate emails as fraudulent emails, showing that they are effectively becoming much better at discriminating between phishing emails and legitimate emails.

About Wombat Security Technologies

Wombat Security Technologies, headquartered in Pittsburgh, PA, was founded to commercialize products originally developed at Carnegie Mellon University as part of one of the largest anti-phishing research projects in the US. Wombat’s unique suite of anti-phishing training and filtering solutions offers organizations one of the most compelling ROI propositions in the marketplace today. Wombat’s products are easy to deploy and maintain and are used in sectors as diverse as finance, government, defense, telecom, health care, and education.

About CeCOS III

CeCOS III will unite IT operations, security, and law enforcement thought-leaders from Europe, America, Australia, East Asia and South Asia for to voice operational priorities in the global confrontation against phishing and electronic crime. The conference, to be held on May 12, 13 and 14, will engage questions of operational challenges and the development of common resources for the first responders, law enforcement officials and forensic professionals that protect consumers and enterprises from electronic crime threats every day.

CeCOS III is an open conference for members of the electronic-crime fighting community, hosted by the APWG and underwritten by its sponsors, including La Caixa, Telefonica, S21Sec, GMV, MarkMonitor, EMC’s RSA Security division, Ecija, Deloitte, Symantec and TB Security, a mix of industry principals that reflect CeCOS III’s truly international character and constituency.

Additional details on Wombat’s findings can be found in a newly released white paper: wombatsecurity.com/news

For additional details on the APWG: apwg.org

For additional details on Wombat Security Technologies: wombatsecurity.com

For more detail on the program’s content, visit the CeCOS III agenda: antiphishing.org/events/2009_opSummit.html

For Conference registration information, see: secure.lenos.com/lenos/antiphshing/obSummit09/

Media Contact: press@wombatsecurity.com

© 2008-2010 Wombat Security Technologies, Inc. All rights reserved. Privacy Policy
Wombat Security Technologies, Anti-Phishing Phil, PhishPatrol and PhishGuru are trademarks of Wombat Security Technologies