Recent Posts

Recent Blog Posts

The PhishLabs Blog

With Spoofed Calls on the Rise, FCC Seeks New ID Authentication Program

Posted by Elliot Volkman on Mar 14, '18

Spoofing a phone number is not a new concept, you probably get several calls from them a day, but with the accessibility of VoIP solutions and open source software spoofing a phone number is a breeze.

Telemarketers, robocalls, spammers, scammers, and even prank callers use it, and what once started as a simple grab and go of any available phone number has since evolved.

Read More

Topics: Vishing, Phone Fraud, Spoofing

New Variant of BankBot Banking Trojan Ups Ante, Cashes Out on Android Users

Posted by Joshua Shilko on Mar 13, '18

A newly observed variant of BankBot has been discovered masquerading as Adobe Flash Player, Avito, and an HD Video Player. This variant, now detected by PhishLabs as BankBot Anubis, was first identified on March 5, 2018. 

Read More

Topics: Phishing, Banking Trojan, BankBot Anubis

Understanding Google Chrome’s Upcoming https Changes

Posted by Elliot Volkman on Mar 6, '18

Can a single word create broad-sweeping implications to how we use the internet? It most certainly can, and an upcoming software update to Google Chrome may drive a false sense of security while shaming other sites all due to a single word: Secure.

Read More

Topics: Brand Abuse Lure, Phish, Google, https

PhishLabs Launches Future of Cybersecurity Scholarship Program

Posted by Elliot Volkman on Mar 2, '18

Today, PhishLabs is proud to announce the launch of our new annual scholarship program that is focused on furthering professionals interested in the growing world of cybersecurity. Dubbed the Future of Cybersecurity Scholarship Program, we will be able to help fuel student’s growth into one of the most in-demand industries.

Read More

Topics: Company News, Scholarship

Webinar Announcement: Microlearning for Macro Results

Posted by Elliot Volkman on Feb 28, '18

Training and education models of the past are antiquated and ineffective, and when it comes to the risk of your company and clients that simply isn’t good enough.

Our webinar for March will focus on a new and improved education model that can be built out as part of an organization’s security awareness training.

Read More

Topics: security awareness training

Qadars: Modular Features That Make This a True Threat

Posted by Elliot Volkman on Feb 27, '18

In January we released an in-depth technical white paper that pulls apart the Qadars Banking Trojan, a threat that targets financial institutions, POS systems, and even popular online gaming sites.

There was a great deal of information, including just how much effort our R.A.I.D. team had to put into reverse-engineer the malware, which is why we wanted to further highlight exactly why this trojan is such a threat.

Read More

Topics: Qadars, Threat Monitor

HIMSS: Why the Healthcare Industry is a Unique Target for Cyber Criminals

Posted by Elliot Volkman on Feb 22, '18

HIMSS 18 health IT conference is coming up March 5-9 in Las Vegas, and the PhishLabs team will be in attendance to chat about why the healthcare industry is such a unique target for cyber criminals and what organizations can do to defend against cyber threats. 

You can also join Chris Bowen, our Senior Security Engineer, and Ryan Clemency, Account Executive, for a discussion around healthcare targeting and how organizations can leverage their security technologies and assets to manage risk.

Read More

Topics: Events, HIMSS

How To Fight the War Against Phishing

Posted by Dane Boyd on Feb 20, '18

Making the move from the typical security awareness training approach to a powerful anti-phishing program isn’t an easy sell.

Executive boards are used to basic training programs with boring annual sessions, and (let’s be honest) minimal results… with correspondingly tiny budget approvals. So when they finally do agree to a more in-depth program, there’s a tendency to expect results overnight.

The trouble is, training users to spot and report phishing emails isn’t an overnight fix. And trying to realize dramatic results in a short timescale is a surefire way to hamstring your program.

Read More

Topics: Phishing, Employee Defense Training

How Security Teams Handle Malware Analysis

Posted by Elliot Volkman on Feb 16, '18

During our webinar focused on the Qadars Banking Trojan there was a great deal of analysis provided on just how evasive the threat is.  This begs the question, how does your team handle malware analysis?

Read More

Topics: Phishing, Qadars, Threat Monitor

Who Says Holiday Romance is Dead? Catphishers, That’s Who

Posted by Lindsey Havens on Feb 14, '18

It’s that time of year again.

A day of romance, crowded restaurants, overblown gestures of love, and…

Well. You get the idea.

For those of us in the security world there’s another, less enjoyable component to Valentine’s Day. Yes, even less enjoyable than trying to share a romantic meal while sitting less than a foot away from four other couples.

Yes, I’m talking about holiday themed phishing scams. We’ve written about this precise topic many times before (including last Valentine’s Day) but so far we’ve never tackled the specific scams that surround this romance-centric annual event.

So before you send those dutch-courage fueled love notes, just take a moment to consider…

Read More

Topics: Phishing, Spear Phishing, Employee Defense Training


What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Upcoming Events


Posts by Topic

see all