• slide
  • slide
  • slide
  • slide
  • slide
  • slide
  • slide
  • slide
  • slide
  • slide
  • slide
  • slide
  • slide
  • slide
  • slide


Intelligent Email Security Solutions for the Government to Stop Phishing Threats

Phishing attacks are adapting, evolving, and showing no signs of slowing down. Our end-to-end email security solutions provide the intelligence, training, and security that Federal agencies and government contractors need to secure their data and protect their workforce. Cofense solutions meet the rigorous government standards with FedRAMP ATO-Moderate authorization and are now available through the Carahsoft GSA Schedule. Only Cofense can offer a comprehensive email security solution that federal agencies require and is a trusted provider to the federal government.

Why Cofense?

Cofense® is the leading provider of advanced email security & phishing protection solutions. Designed for enterprise organizations, our comprehensive end-to-end email security solutions are driven by actionable intelligence, with insights from a global community of millions of trained reporters, combined with advanced automation to stop phishing attacks faster and stay ahead of breaches. When deploying the full suite, organizations can educate employees on how to identify and report phish, detect phish in their environment and respond quickly to remediate threats. With seamless integration into most major TIPs, SIEMs, and SOARs, Cofense solutions easily align with existing security ecosystems. Cofense understands how to improve email security, aid incident response, and reduce the risk of compromise.

For additional information, please visit www.cofense.com or connect with us on Twitter and LinkedIn.


The comprehensive Cofense phishing detection and response solutions deliver protection from malware threats, ransomware campaigns and scams that evade Secure Email Gateways (SEGs) every day - providing federal teams the visibility and tools to stop phishing threats in minutes, not hours.


Detect and remediate phishing threats that hit the inbox, within minutes.

  •  Cofense PhishMe 

    Teach employees to identify potential phish with simulations that reflect relevant, real-world phishing threats with the only FedRAMP Moderate authorized phishing simulation solution available to federal agencies.

  •  Cofense LMS

    Encourage employee threat awareness with engaging and customizable phishing awareness training.

  •  Cofense Reporter

    Report potential phishing attacks and notify security teams in real-time with a simple, one-click button.


Reduce security operations burden through automated responses to phishing attacks.

  • Cofense Triage

    Accelerate identification and mitigation of complex phishing threats with integration and automation.

  • Cofense Vision

    Automatically identify and quarantine known threats across your entire organization — with no intervention.


Integrate the crowd-sourced intelligence of millions of users into other systems.

  • Partnerships

    Integrate seamlessly with leading SIEM, TIP, and SOAR solutions to get a complete view of risk in your organization.

  • Cofense Intelligence

    Make informed decisions and defend your organization with a combination of state-of-the-art technology and human intelligence.


The Importance of Intelligence in Stopping Phishing Attacks

March 23, 2022

It’s a staggering statistic: 50% of all email phishing attacks, including business email compromise (BEC) and credential theft, evade secure email gateways (SEGs). Yes, your SEG misses half of all advanced email attacks targeting your organization. Learn more…

Russia-Ukraine Conflict Leverages Phishing Themes

March 2, 2022

As the conflict in Ukraine unfolds, Cofense Intelligence continues to monitor for phishing threats related to the conflict and has identified malicious campaigns that are using this current event as a lure to target end users. Learn more…

Cyberattacks in Ukraine Reaffirm Need for Proactive Training, Testing and Validating

February 25, 2022

As events unfold in Ukraine, many predict cyber warfare will play a significant role in Russia’s offensive operations. We have already seen reports of government and banking website denial of service attacks, and an advanced new wiper malware deployed to some targets in Ukraine. We are continuing to monitor the situation to see what more sophisticated cyberwarfare capabilities might be deployed. Learn more…

Six-Year Reflection – What is Business Email Compromise Today

February 10, 2022

When it comes to tracking business email compromise (BEC), a lot has changed over the last six years. In the same breath, absolutely nothing has changed except our understanding of the problem. Duality of multiple truths can be a difficult concept to grasp, as two contradicting truths can be just that: true. On one side, BEC is seen as being responsible for billions of dollars lost, which is true. However, when you slightly shift your vantage point, the cyber criminals behind BEC attacks are responsible for MUCH more damage than initially thought. Let’s take a look at both vantage points where both everything and nothing have changed since we first started phishing the phishers and attempting to understand all things BEC. Learn more…

COVID-19 Status Update? Sounds Like Credential Theft.

February 3, 2022

As self-testing via antigen and professional testing via PCR have become more common across many sectors of society, so has status-based phishing. Just as COVID-19 guidelines have evolved, so have threat actor phishing tactics. This recent Office365 credential harvesting campaign utilizes the topic of potential repercussions if the status form isn’t completed. A classic tactic of creating panic in the end user, this ploy threatens financial or other penalties if a certain urgent task isn’t completed. Learn more…

Meet Cofense Validator: Finally. An objective assessment of secure email gateways.

February 2, 2022

You know that feeling? The one where you think you’re doing a good job. You feel like you’re doing okay. But the reality is you just aren’t quite 100% sure? A lot of security professionals we talk to feel the same. That feeling, when paired with guidance from companies to reevaluate their email security controls, usually leaves someone trying to answer the question of, “How do I objectively evaluate the efficacy of my email security controls against real, active threats?” Learn more…

TrickBot Malware Delivered as Invoices

January 27, 2022

During the covid pandemic, many users have been getting invoices sent via email to process for payment. Some of these are business to business, business to individuals, or vice versa. With the supply chain delays, receiving a notification that a delivery attempt was missed can lead to frustration and entice the recipient to open the invoice link to further investigate. Threat actors have taken advantage of this and, with a recent TrickBot campaign analyzed by the Cofense Phishing Defense Center (PDC), they are imitating delivery services such as U.S. Postal Service. Learn more…

Cyber Gang Targets Users with Password Expiration Scam

January 20, 2022

The Cofense Phishing Defense Center (PDC) recently uncovered another dose of credential phishing attacks on consumers, whereby threat actors lure their victims with known social engineering tactics. Thanks to the widespread use of Microsoft Single Sign On (SSO), such as OAuth2, threat actors can use this to their advantage as a powerful means of harvesting credentials to compromise important services. Learn more…

Dept. of Labor Phish Appears for the Month of December

January 11, 2022

Impersonating a government entity is a relatively common practice for threat actors to attempt. Through this impersonation a threat actor seeks to gain trust or authority in an interaction with a potential victim. Recently, the Cofense Phishing Defense Center (PDC) has analyzed a phishing campaign that impersonates the United States Department of Labor. In this specific campaign, the threat actor also tries to push a financial incentive with the lure of an “INVITATION FOR BID” through the Department of Labor. Learn more…



GSA Multiple Award Schedule Contract (MAS)

Aug 22, 2018- Aug 21, 2023


Aug 31, 2020- Aug 30, 2025
*Additional Option Years Available

State and Local

Oklahoma DIR Contract # SW1056A

Feb 22, 2019- Feb 21, 2023
*Additional Option Years Available


Apr 01, 2019- Dec 31, 2022
*Additional Option Years Available

RCA - Orange County - OMNIA Partners

May 01, 2021- Apr 30, 2023

Texas DIR-TSO-4288

Feb 22, 2019- Feb 21, 2023
*Additional Option Years Available


Educational Software Solutions and Services - OMNIA Partners, Public Sector

Feb 27, 2020- Apr 30, 2023
*Additional Option Years Available

Illinois Learning Technology Purchase Program (ILTPP)

May 20, 2019- Mar 01, 2023


Oct 20, 2015- Sep 03, 2025

The Quilt

MSA - 05012019F
Apr 01, 2016- May 02, 2025


Featured Events

Staying Ahead of a Breach in Uncertain Times: What Email Security Experts Predict for 2023

Wednesday, December 07 @ 11AM EST

Register Today

Virtual Submerge 2022

Seems Phishy? It Probably Is.

We Scammed the Scammers with Gift Cards. Here’s What Happened.

Past Events, Webinars & Trainings


Latest News

Cofense®, the leading provider of Phishing Detection and Response (PDR) solutions and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, today announced that Carahsoft has ...
Cybersecurity and Infrastructure Security Agency Director Jen Easterly told a roomful of city officials from around the United States on Thursday that while the din of ransomware and other ...
The key goals of FedRAMP are to accelerate the government’s adoption of secure cloud solutions and reuse assessments and authorizations across agencies.
Today, we are delighted to announce that Cofense PhishMe has received Agency Authority to Operate (ATO) from the US Department of Health and Human Services (HHS).
FedRAMP, the federal program created to assess the security of cloud service providers (CSPs), saves time and cuts costs for U.S. government agencies that would otherwise conduct their own ...
The Cofense Phishing Defense Center (PDC) has observed a new email-based phishing scam that aims to harvest Her Majesties Revenue and Customs (HMRC) credentials and sensitive personal information by ...
Scammers are looking to capitalize on the extortion campaigns being conducted by the Maze ransomware gang and others by demanding thousands of dollars in ransom to not release data they claim to have ...
A new keylogger called “Mass Logger” is currently being tracked by Cofense Intelligence and security researchers believe that it could significantly impact the larger keylogger market as well as ...
In the last 90 days, Cofense has identified tens of thousands of malicious emails that successfully evaded “secure” email gateways
Almost exactly four years after Russian operatives hacked into the email accounts of prominent Democrats ahead of the 2016 election, Google confirmed on Thursday that foreign adversaries are still at ...
Election officials across the country spent the past four years preparing for very different circumstances. Like all of American life, the coronavirus pandemic has thrown those plans into disarray. ...
A diabolical new phishing attack is targeting corporate inboxes. It’s capable of stealing data stored in the Office 365 cloud, and it doesn’t even need a victim’s password to pull off the heist.
Security researchers have found a new phishing campaign that gives hackers access to user data without a password. According to a blog post by Cofense, the tactic uses the OAuth2 framework and OpenID ...
Security researchers have uncovered a new phishing campaign capable of bypassing multi-factor authentication (MFA) in Office 365 to access user data stored in the cloud. The discovery was made by the ...
When a major event or emergency arises, phishing emails exploiting human emotions and global attention are never far behind. To better equip cyber security and security awareness teams with accurate, ...
Cofense®, the global leader in intelligent phishing defense solutions, today announced Cofense PhishMe®, its award-winning phishing security education training platform, has achieved the Federal ...
Cofense, the global leader in intelligent phishing defense solutions, today announced the company’s presence at RSA Conference 2020, taking place February 24-28 in San Francisco. This year’s RSAC ...



Automatically Hunt & Quarantine Phishing Emails in 60 Seconds A data spillage is a security incident that occurs whenever sensitive or protected information is spilled onto a system or to an individual or group of individuals that are not authorized to process or handle such information. Cofense Vi...

Listen in and hear how agencies can be equipped with solutions to quickly find, respond to, and remediate phishing attacks in real-time by combining the power of human reporting and high-fidelity AI & machine learning.

In 2020, Cofense stood alone actively discouraging sending COVID-19 themed phishing simulations at the outbreak of the pandemic. As information security experts grumbled on Twitter about the need for realism, the Cofense customer community produced more REAL coronavirus/COVID-19 phishing email indic...

There’s no question 2021 was the year of vulnerabilities that drained already exhausted security operations teams. From pandemic fatigue to the exploitation of critical business services like Microsoft O365 by crafty threat actors, organizations of all sizes faced increased susceptibility to phishin...

Threats That Matter: DcRat, Qakbot, and BEC.In Q2 of 2022, the phishing threat landscape was impacted by several factors. Emotet and QakBot operators have introduced new delivery mechanisms into their phishing campaigns. As a result of their adoption by Emotet, LNK downloaders have become the top de...

The Cofense Intelligence™️ team analyzes millions of emails and malware samples to understand the phishing landscape. Every 90 days, we deliver this updated report on the latest threats spawned by malicious email attacks, so that you're aware of what could be hitting your inboxes.During Q3, Cofense ...

Despite the best efforts of anti-phishing software and other security measures, it continues to grow as attackers’ preferred tool for infiltrating networks and compromising data. Most recently, phishing has taken advantage of the pandemic, luring victims with COVID-19 themes.Learn the best practices...

Threat actors are evolving quickly and modern-day attacks are more complex and sophisticated. Learn why intelligence and human reporting + AI are a MUST.

Cofense increases employee awareness and delivers protection from malware threats, ransomware campaigns, and scams like sextortion which evade secure email gateways (SEGs) every day. Our solutions give federal teams the visibility and tools to stop phishing threats in minutes, not hours. And we give...

Threat actors are running a series of campaigns spoofing several departments of the United States government. The emails claim to request bids for government projects but lead victims to credential phishing pages instead. These campaigns have been ongoing since at least mid-2019 and were first cover...