Phishing

Chatbots can be used to create manipulative content

COMMENTARY | Artificial intelligence could be used to generate content intended to manipulate people. Addressing this problem means understanding how communication works to influence people.

A Defense Against Phishing Attacks, One Simulated Email at a Time

With a platform that trains staff not to click on links in seemingly relevant emails, San Francisco cut the click rate on test emails by 50% in the first 18 months.

Combating threats to employees in digital spaces

COMMENTARY | User activity monitoring and behavior analytics can beef up cybersecurity training and help protect the agency from internal and external risk.

Pennsylvania says it’s approved for up to $5.2M cyber grant

The state is the first to publicly say it will receive federal funding under the State and Local Government Cybersecurity Grant Program.

AI-generated spam may soon be flooding your inbox – and it will be personalized to be especially persuasive

While generative AI tools help bad actors to fine-tune fraudulent messages, the tech can also be used to sharpen filters that block spam, an expert says.

ChatGPT could make phishing more sophisticated

The latest version’s greater “steerability” allows users to vary the style and tone of generated text to make scams even harder to detect.

No good deed goes unpunished: How phishing exploits gov workers

Phishing attacks target employees’ natural curiosity and their commitment to public service, experts say.

How one state’s phishing training evolves with threats

Indiana regularly tests employees on various platforms and attachment formats, including prompts related to headline news and retests of scams those that have proved difficult for workers to catch.

Almost half of phishing attacks target gov employees, research says

Traditionally aimed at stealing credentials, phishing attacks are growing increasingly sophisticated.

Why you need phishing-resistant MFA

Multifactor authentication can be vulnerable to phishing attacks, fake push alerts, communications protocols weaknesses or SIM swap attacks, according to CISA.

How one state bolsters its employees’ cyber hygiene

Strengthening its weakest link has helped Arizona reduce its click rate on phishing emails from 14% to 4%, the CISO says.