#employees

Security awareness tips, industry news, and product updates.

Employee logging into an account using a password manager on a laptop
Security Awareness Tips

Password Managers and Credential Hygiene at the Office

Reused passwords plus breached credentials are the fuel behind account takeover. Here is how to roll out password managers and build credential hygiene that actually holds across your organization.

Rachel Andersen·7/7/2026·7 min read
An employee carefully reading an email thread on an office computer
Phishing & Social EngineeringThreat Intelligence

Thread Hijacking: Phishing From Inside Trusted Emails

Thread hijacking lets attackers reply inside a real email conversation, with a familiar subject, history, and trusted sender. It defeats the 'unknown sender' instinct. Here is how to spot it.

Elena Vasquez·7/1/2026·7 min read
A web browser open on a laptop screen in a workplace setting
Threat Intelligence

Malicious Browser Extensions and Session Theft Risk

Compromised browser extensions are quietly stealing session cookies and tokens - and stolen sessions sail right past passwords and MFA. Here's why attackers are living in the browser, and how to govern extensions.

Rachel Andersen·6/29/2026·7 min read
Employee searching for a software download on a laptop in an office
Phishing & Social EngineeringThreat Intelligence

Malvertising & SEO Poisoning: The Fake Download Trap

Attackers are buying ads and gaming search results so the top hit for popular software is a trojanized download. Here's how malvertising and SEO poisoning infect employees - and how to train against it.

David Kowalski·6/28/2026·7 min read
An employee reading an urgent text message on a smartphone at work
Phishing & Social Engineering

Gift Card Scams: The "Are You Available?" CEO Fraud

"Are you available? I need a quick favor." It's the opening line of a gift card scam impersonating your CEO - low-tech, high-volume, and aimed at new and junior staff. Here's the pattern and the one rule that stops it.

Thomas Eriksson·6/25/2026·7 min read
Employee looking at a concerning email on their phone in a calm office setting
Phishing & Social EngineeringSecurity Awareness Tips

Sextortion Emails: It Is Almost Always an Empty Bluff

A threatening email claims to have webcam footage and demands Bitcoin — and it even quotes one of your old passwords. Here is why these extortion scams are almost always empty bluffs, and how to help employees respond calmly.

Rachel Andersen·6/21/2026·7 min read
Employee entering text into an AI chatbot on a laptop at work
Security Awareness TipsCompliance & Regulations

Shadow AI: When Employees Leak Company Data to Chatbots

98% of organizations report unsanctioned AI use, and most have no policy to manage it. Shadow AI has become a top insider data-loss risk — and it's a security awareness problem.

Natalie Hoffmann·6/17/2026·4 min read
Employee reporting a suspicious email with one click at their office desk
Security Awareness Tips

The Report Button: Your Highest-ROI Security Habit

One click on a report button can turn every employee into a sensor and shrink an attacker's dwell time to minutes. Here is how to build the process and the blameless culture that make reporting reflexive.

Thomas Eriksson·6/12/2026·7 min read
New employee being welcomed and onboarded on their first day in the office
Security Awareness Tips

Security Onboarding: Protect New Hires From Day One

New hires are eager to please, unfamiliar with the norms, and disproportionately targeted by BEC and impersonation scams. Their first 90 days are the riskiest. Here is how to build security into onboarding from day one.

Elena Vasquez·6/11/2026·7 min read
Employee following an on-screen instruction prompt on their computer
Phishing & Social EngineeringThreat Intelligence

ClickFix Attacks: The Fake CAPTCHA That Installs Malware

ClickFix tricks users into pasting a malicious command into their own computer under the guise of a CAPTCHA or 'fix this error' prompt. Here's why it bypasses your filters and how to train against it.

Elena Vasquez·6/8/2026·4 min read
Football fans filling a packed stadium during a major tournament match
Phishing & Social EngineeringThreat Intelligence

FIFA World Cup 2026 Ticket Scams Hit the Workplace

The FBI is warning fans that criminals are spoofing FIFA's ticketing site ahead of the 2026 World Cup. Here is why event-themed lures land in employee inboxes and how to train your team to spot them.

Marcus Chen·6/7/2026·7 min read