The act of phishing is usually considered criminal behavior. In a phishing attack, a hacker aims to trick a user into clicking on a malicious link of some sort in an attempt to infect the user with malware or steal personal information.
As it turns out, one of the best ways to help prevent people from being victims of a phishing attack is to actually phish them. At least that’s the view of security vendor PhishMe, which operates an anti-phishing technology service that teaches users what not to click. It’s a business that investors now see potential in too.
At the end of July, PhishMe raised $2.5 million in a Series A venture capital funding round, let by Paladin Capital Group.
“Our focus is all about changing employee behavior toward spear phishing attacks,” Rohyt Belani, CEO and co-founder of PhishMe, told eSecurityPlanet.
Belani explained that PhishMe has a Software-as-a-Service (SaaS) offering that customers use to emulate phishing attacks against their own employees. He noted that PhishMe is different than traditional penetration testing with social engineering.