Recent Posts

Recent Blog Posts

The PhishLabs Blog

What is a Look-alike Domain?

Posted by Tricia Harris on Nov 25, '20

By definition, a look-alike domain is a nearly identical, slightly altered domain name, registered with intent to deceive.

Read More

Topics: Digital Risk Protection, Domains

Top 7 Use Cases for Digital Risk Protection

Posted by The PhishLabs Team on Nov 25, '20

Today’s enterprises are experiencing an accelerated digital transformation due to the pandemic, and adoption of initiatives that would normally span years are being fast-tracked to support remote workforces and transition to new platforms. The external digital landscape is also rapidly expanding, and organizations are being required to conduct business more frequently through non-traditional channels. This digital evolution is leaving enterprises increasingly susceptible to attacks outside the network perimeter. 

In order to detect and respond to today's most relevant threats, security teams are investing in operational Digital Risk Protection (DRP) capabilities. 
Read More

Topics: Digital Risk Protection, DRP

Ransomware Groups Break Promises, Leak Data Anyway

Posted by Jessica Ellis on Nov 25, '20

While paying ransoms to cybercriminals remains very controversial, the trend of ransomware groups threatening to leak sensitive data has added another layer of complexity to an already difficult decision. Should organizations pay up? Or should they refuse?  According to a recent report, it may not matter. Data stolen in ransomware attacks is frequently becoming public even after the victim has paid. 
Read More

Topics: Ransomware, Digital Risk Protection, Email Intelligence & Response, DRP

As Screen Time Skyrockets, So Does Threat of Fake Apps

Posted by Jessica Ellis on Nov 25, '20

App downloads fueled by COVID-19 lockdowns leapt to 37.5 billion in Q2 of this year, and collective global app usage is surging. Android users' screen time stands out significantly, with an increase of 25% above the weekly average from the previous year. As apps continue to be an integral part of how we conduct business and perform sensitive tasks, bad actors are using fake and unethical apps to engage with unassuming mobile users. 
Read More

Phishing Campaign Uses Malicious Office 365 App

Posted by Michael Tyler on Nov 25, '20

Most phishing campaigns attempt to take over accounts by tricking the victim into divulging their credentials. PhishLabs has uncovered a previously unseen tactic by attackers that uses a malicious Microsoft Office 365 App to gain access to a victim’s account without requiring them to give up their credentials to the attackers.

Read More

Topics: Email Incident Response, Office 365

How to Detect Look-alike Domain Registrations

Posted by The PhishLabs Team on Nov 25, '20

Malicious domains are attributed to a wide variety of cyber attacks capable of undermining a brand’s credibility. A spoofed domain is easy and quick to create, and can act as the catalyst for malicious email campaigns and phishing sites. In order to detect and action domain threats targeting your organization, security teams need to implement mature and progressive processes for collection and curation.
Read More

Topics: Domain Threats Playbook, Domains

Encryption to Double Extortion: Ransomware's Rapid Evolution

Posted by The PhishLabs Team on Nov 11, '20

Threat actors are leveraging stolen data to enhance ransomware attacks. Data leaks and ransomware - once considered two distinct threats - are overlapping into a hybrid tactic known as double extortion. While traditional ransomware attacks deny access to valuable systems and data, double extortion threatens to leak sensitive data if the ransom is not paid. 
Read More

Topics: Ransomware, TrickBot, Ryuk

Limited Impact of Phishing Site Blocklists and Browser Warnings

Posted by Stacy Shelley on Nov 6, '20

The life of a phishing site is brief, but impactful. A study published earlier this year found the average time span between the first and last victim of a phishing attack is just 21 hours.  The same study observed the average phishing site shows up in industry blocklist feeds nearly 9 hours after the first victim visit. By that time, most of the damage is done. 

Read More

Topics: Phishing, Digital Risk Protection

$2.3M Stolen from Wisconsin GOP via BEC Attack

Posted by Stacy Shelley on Oct 30, '20

 
With Election Day just around the corner, the Republican Party of Wisconsin  revealed that $2.3M was recently stolen from election funds intended to support the re-election of President Trump.  According to their statement, they are victims of a Business Email Compromise phishing attack that altered invoices to direct payments to accounts controlled by the threat actor.
 
Read More

Topics: Spear Phishing, BEC, Election 2020

Ryuk Ransomware Targeting Healthcare

Posted by The PhishLabs Team on Oct 29, '20

As if the COVID-19 pandemic were not enough, the healthcare sector is now being actively targeted by threat actors using Ryuk ransomware. Yesterday, the FBI issued an increased and imminent cyber threat warning amid growing reports of healthcare providers falling victim to the campaign. The threat actors are using Trickbot (delivered via Emotet) to gain access to target systems and deploy Ryuk. 
Read More

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all