Author: Kevin Epstein

In response to the news that the US Census Bureau has asked for additional IT security training for its staff – including tips on how not to fall for phishing emails – in the wake of last week’s server breach, Kevin Epstein, VP of Advanced Security and Governance at Proofpoint commented on the US Census Bureau staff to take anti-phishing classes. Kevin Epstein, VP of Advanced Security and Governance at Proofpoint : “Like fire drills, training using ‘phish’ sent by a testing company can assist in training users — but as our research has shown, even best-in-breed organizations and staff are still…

In response to the news that a new report has revealed that phishing was up 74% in Q2 of 2015 and as a result malicious DNS-related cyber-activity also skyrocketed, Kevin Epstein, VP of Advanced Security and Governance at Proofpoint commented on the Phishing up 74% in Q2 2015. Kevin Epstein, VP of Advanced Security and Governance at Proofpoint : A. The report states that phishing was up 74% in Q2 2015, has Proofpoint witnessed the same? “While spam volumes fluctuate on a weekly basis, what’s of greater concern is the percentage of that unwanted mail that’s actually malicious in nature.  On…

It has been reported that hackers likely based in the Middle East have launched a new Gmail phishing campaign that’s trying to trick users into surrendering control Google accounts. The hackers do it by defeating Google’s own anti-spam software and sending what appears to be a legitimate Gmail message that redirects users to a fake Google Drive page that tricks them into giving up their username and password. Kevin Epstein , VP, Advanced Security and Governance at Proofpoint, explains what the implications of clicking on the malicious link could be and how users can know if they have been if they affected:…

In response to the news that the FBI has warned that hackers are attempting to break into US Government agencies using a recently patched Adobe Flash vulnerability, Kevin Epstein, VP of Advanced Security and Governance at Proofpoint commented on the phishers target US Gov using adobe flash vulnerability. Kevin Epstein, VP of Advanced Security and Governance at Proofpoint : “While training has an impact, every organization clicks — so organizations should prepare for that inevitable click. Reducing the number of inbound phish, assessing clicks at clicktime regardless of whether users are at their desks or mobile, and supplementing legacy email…

Symantec has issued a new report which states that spam emails during June were at all time low. The report said that people are being sent fewer spam emails than at any time over the past 12 years. Kevin Epstein, VP, Advanced Security and Governance at Proofpoint commented on the spam levels at all time low. Kevin Epstein, VP, Advanced Security and Governance at Proofpoint : “While spam volumes fluctuate on a weekly basis, what’s of greater concern is the percentage of that unwanted mail that’s actually malicious in nature.  On any given day, more than 30% of ‘spam’ actually…

A group of hackers known for targeting military, government and media organizations is currently using an exploit for a vulnerability in Java that hasn’t been patched by Oracle. The zero-day exploit was observed by researchers from Trend Micro in attacks against the armed forces of an unnamed NATO country and a U.S. defense organization. Those targets received spear-phishing emails that contained links to Web pages hosting the exploit. Kevin Epstein, VP, Advanced Security and Governance, Proofpoint : “Adversaries continue to use spear-phishing to initiate attacks because it works; as Proofpoint’s Human Factor research has shown, eventually every target clicks*.  Organizations…

In response to the news that 19,000 malicious Dyre Trojan emails have been sent in three days to customers of Barclays, RBS, HSBC, Lloyds Bank and Santander. Here to comment on this news is Kevin Epstein, VP of Advanced Security and Governance at Proofpoint. Kevin Epstein, VP of Advanced Security and Governance at Proofpoint : “Research reported in the 2015 edition of Proofpoint’s annual cybercrime report, the Human Factor*, suggests that at least one in every twenty-five recipients of this email will click and fall victim to the attack.  The use of a linked URL – which enables attackers to…

Following the recent security breach at the Office of Personnel Management (OPM), it has been revealed that the OPM has sent e-mail notices to hundreds of thousands of federal employees to notify them of the breach and recommend that they click on a link to a private contractor’s Web site to sign up for credit monitoring and other protections. However, the e-mails have been met with increasing alarm by recipients, concerned they are being targeted by phishing attacks.In response to the actions taken by OPM, please see below comments from Kevin Epstein, VP of Advanced Security and Governance at Proofpoint. Kevin Epstein, VP…