PhishMe launches Phish Reporter tool to let staff alert IT to malware scams

Security firm PhishMe has unveiled new Phish Reporter technology designed to help employees more quickly alert IT departments about harmful messages.
The company unveiled the new service at Black Hat in Las Vegas, promising it will help companies better defend themselves from phishing and drive-by attacks.
Phish Reporter, is an Outlook extension designed to add a new alert button to the email client's toolbar that, when clicked, marks a message as suspicious. The service automatically uses PhishMe network data and incoming company information to scan the email and check if it is suspicious before forwarding it on to the firm's security team, stopping employees overloading administrators with requests.
PhishMe claims the data collected by the tool can be used by companies to retrieve time-stamped entries of reported phishing emails, create in-depth incident reports showing which emails have been flagged as suspicious over an extended period of time, improve phishing message filtering policies and improve attack detection times. This will reportedly help companies reduce incident response costs across the board.
PhishMe chief executive officer and co-founder, Rohyt Belani said the tool will let companies make the most of cyber-savvy employees who are not directly tied to their security department.
"With the new Phish Reporter button, organisations can effectively turn their employees into spear-phishing sensors," he said. "Many of our customers have successfully created an awareness culture in which employees can identify spear-phishing emails, but they lacked a fast, effective way to report these emails to the appropriate department within the organisation. Phish Reporter will help fill this void."
PhishMe chief technology officer and fellow co-founder, Aaron Higbee added that the tool will also provide feedback to the users who reported phishing incidents, letting them know if the messages were in fact dangerous. He said the feedback will have an added educational value, improving companies' overall cyber security awareness.
"PhishMe has established a unique methodology for scoring a user's ability to identify phishing attempts," he said. "With each employee being a potential sensor, they can now become proactive contributors to the threat-detection process and security teams can prioritise their analysis based on a user's scoring history."
Phish Reporter's unveiling follows widespread rumblings within the security community that suggest the phishing threat facing businesses is growing. Most recently Kaspersky Lab reported that crooks are targeting an average of 3,000 Brits with phishing messages every day in its The evolution of phishing attacks 2011-2013 report.