Recent Posts

Recent Blog Posts

The PhishLabs Blog

Credential Theft, O365 Lures Dominate Corporate Inboxes in Q1

Posted by The PhishLabs Team on Jun 14, '21

In Q1, PhishLabs analyzed and mitigated hundreds of thousands of phishing attacks that targeted corporate users. In this post, we break down these attacks and shed light on the phishing emails that are making it into corporate inboxes.
Read More

Topics: Q1 2021 Phishing Trends & Intelligence Report

47% Phishing Increase in Q1

Posted by The PhishLabs Team on Jun 7, '21

Phishing is on the rise. PhishLabs identified 47% more phishing sites in Q1 of 2021 than there were in Q1 of 2020.  This trend is continuing as Q2 attacks are also up significantly year-over-year.
Read More

Topics: Q1 2021 Phishing Trends & Intelligence Report

Q1 2021 Threat Trends & Intelligence Report

Posted by The PhishLabs Team on May 26, '21

Phishing attacks in Q1 have increased 47% compared to last year, according to PhishLabs newly released Q1 2021 Threat Trends & Intelligence Report. The report uses data collected from hundreds of thousands of attacks analyzed and mitigated by PhishLabs in Q1 to identify top threats targeting enterprise brands, and determine emerging trends throughout the threat landscape.
Read More

Topics: Q1 2021 Phishing Trends & Intelligence Report

Top 4 Digital Brand Threats

Posted by Jessica Ellis on May 21, '21

Threat actors routinely impersonate brands as part of their attacks. Brand abuse can occur anywhere online, and impersonating a reputable company automatically gives credibility to a threat that might otherwise be instantly identified as suspicious. Because brand impersonation is so broadly used across the threat landscape, security teams need to have complete visibility into the top brand threats targeting their organization. They also need efficient workflows that extract actionable intelligence from potential brand threats. 
Read More

Topics: Digital Brand Protection

What is Digital Brand Protection?

Posted by Jessica Ellis on May 19, '21

Digital brand protection is defined as comprehensive intelligence sourcing and mitigation of external threats targeting your brand. Digital brand abuse can occur anywhere online. Therefore, it is necessary to have proactive and comprehensive detection capabilities across digital channels to prevent revenue loss and reputation damage. 
Read More

Topics: Brand Abuse, Brand Protection, Digital Brand Protection

Ransomware Playbook: Defense in Depth Strategies to Minimize Impact

Posted by Jessica Ellis on May 13, '21

In 2020, ransomware attacks in the U.S. increased 139% year-over-year . Attacks are more strategic, demands are higher, and new tactics have emerged that leave victims experiencing the pressure to pay. Organizations that are affected by ransomware believe they are left with one of two choices: Refuse to meet ransom demands and risk the loss of data or, pay the ransom and hazard it released anyway.  
Read More

Topics: Ransomware

Alien Mobile Malware Evades Detection, Increases Targets

Posted by Jessica Ellis on May 4, '21

PhishLabs is monitoring the increasing number of mobile applications targeted by the relatively new Alien Mobile Banking Trojan. Alien, a fork of Cerberus, continues to evade Google’s malware detection and is targeting a broad spectrum of both financial and non-financial apps. So far, Alien has been connected with 87 new brands previously not targeted by Cerberus. 
Read More

Topics: Malware, Banking Trojan, Mobile

ZLoader Dominates Email Payloads in Q1

Posted by Jessica Ellis on Apr 21, '21

Malicious payloads delivered via email phishing continue to drive access to sensitive infrastructures and result in data compromise for enterprises. In Q1 of 2021, attack methods including malware campaigns have contributed to a 564% increase in individuals affected by a data leak, as well as a 12% increase in publicly-reported compromise. 
Read More

Topics: Malware, Ransomware

Breaking Down the Latest O365 Phishing Techniques

Posted by Jessica Ellis on Apr 1, '21

Microsoft Office 365 phish are some of the most common threats that reach end users inboxes. Over the course of a two-year period, PhishLabs has observed that O365 phish have accounted for more than half of all reported phish by enterprises - by a significant margin. 
Read More

Most Phishing Attacks Use Compromised Domains and Free Hosting

Posted by The PhishLabs Team on Mar 24, '21

To stage a phishing site, cybercriminals have several options. They can use a legitimate domain that has been compromised, they can abuse free hosting services, or they can register their own domain. Understanding the prevalence of each scenario is fundamental to detecting and mitigating these threats as early in the attack process as possible (including before they’ve been launched). PhishLabs recently analyzed more than 100,000 phishing sites to establish how many used compromised domains, free hosting, or maliciously-registered domains.  
Read More

Topics: Domains

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all