Phishers are in the business of deception. They trick unsuspecting individuals into compromising sensitive data, potentially bringing an entire organization to its knees. Awareness training for employees is one of the most important tools a company can use in its anti-phishing strategy. However, it also has its downsides. Some of these flaws can, and should be fixed. Others leave no choice but to complement training with additional anti-phishing tools.

Risk management has always been a central part of business, especially for financial institutions. From bank loan underwriting to insurance premium calculations and payment risk assessment, comprehensive risk management methodologies are vital to any business that deals with high-trust user actions. In particular, risk management is crucial to combating fraud – a huge global problem, the broad economic impact of which is clear.

We’re in an era of connectivity and convenience, but this has also opened the floodgates to a new wave of cyber threats. Among the most insidious and pervasive is credential stuffing, a cyberattack that exploits the human tendency to reuse passwords across multiple online accounts. This threat is more than just a digital inconvenience. Verizon’s 2024 Data Breach Investigations Report reveals that more than 49% of breaches caused by external actors involve stolen credentials.