The PhishLabs Blog

New Phishing-Based TrickBot Campaign Identified

Marcher Android Banking Trojan - Threat Actor Shifts Technique to Evade Detection

Not NotPetya (An analysis of Karo Ransomware)

New Tech Support Scam Strikes Amazon, eBay, and Alibaba Customers

Healthcare Security Awareness Training: Don't Fear Failure, Learn From It

Why Your Security Awareness Training Isn't Working and What to Do Instead

The Mobile Phishing Threat You’ll See Very Soon: URL Padding

Evolving Tactics in Tax Phishing: A Recap of the 2017 Tax Season

How Phishing Volume Grew in the First Three Months of 2017

Q1 2017 Phishing Trends & Intelligence Report

Statement on Pastebin post claiming PhishLabs data for sale

Coming Soon - Healthcare Security Awareness Training, the 2017 Buyer’s Guide

Marcher and Other Mobile Threats: What You Need to Know

Third DocuSign Phishing Campaign Identified Linked to Email Database Breach

How Malicious Domain Correlation is Fueling the Fight Against Phishing

WannaCry: What We Know… and What We Don’t

Global WannaCry Ransomware Outbreak

How To use URL Pattern Analysis for Phishing Detection & Mitigation

How To Build a Powerful Security Operations Center, Part 3: Financial Investment & Reporting

From Macro To Mitigation: An Analysis of TrickBot's Lifecycle

How To Build a Powerful Security Operations Center, Part 2: Technical Requirements

How To Build a Powerful Security Operations Center, Part 1: Motivation & Logistics

How to Identify and Block Ransomware

The Ransomware Explosion: Lessons Learned in 2016

7 Things the Healthcare Industry Needs from Security Awareness Training: HIMSS Feedback

How and Why the Phishing Threat Landscape Has Changed

Beyond .COM: Analysis of Phishing Domains in 2016

The Phishing Email that Fooled Thousands of Trained Users

Picking on the Little Guy: Ransomware Trends

Phishing with Wildcard DNS Attacks and Pharming

APWG & Kaspersky Research Confirms Phishing Trends & Intelligence Report Findings

Anatomy of a Phishing Attack: How Phish Kits Evolved in 2016

Dissecting the Qadars Banking Trojan

Shooting Gallery: A Breakdown of Phishing Targets in 2016

The Sinister New Trend in Phishing (and Why You Should Care)

How To Avoid Becoming the Next Big Phishing Headline

The 2017 Phishing Trends & Intelligence Report is now available!

How To Be HIPAA Compliant (And Why It’s Not Enough)

Building Powerful Security Awareness Training for the Healthcare Industry

Exploiting Weakness: Why Healthcare is an Obvious Ransomware Target

Anatomy of a Healthcare Data Breach

Evaluating Maturity: The State of Healthcare Security

The Uphill Battle of the Healthcare CISO

The Top 9 Reasons Healthcare Organizations are a Hacker’s Best Friend

Security Awareness Training: A Recipe for Success

Why Security Awareness Training Should Be Your Easiest Investment Decision

Exploring the Surge in Phishing Attacks During the Holidays

How to Build a Business Case for Powerful Security Awareness Training

How to Calculate ROI for Security Awareness Training

Why Ransomware Works, Why it Doesn't, and What it Will Work on Next

How and Why You Should Calculate Your Organization's Cost of Phishing

Why Your Security Awareness Training Isn't up to Par (And What to Do About It)

How Have You Gained Buy-in for Your Security Awareness Program?

Do We Overlook the Best Line of Defense Against Cyber Attacks?

Ransomware Reload & Definitive Resource Guide

How Modern Banking Trojans Obstruct Malware Analysis

Pay Up: The 2016 Definitive Guide to Ransomware

#CyberAware: Spotlight on Ransomware

The Growing Business of Cybercrime as a Service

All Phish are Not Created Equal: The Evolving BEC Scam

Rewinding the Headline: Where Do Data Breaches Begin?

Hurricane Matthew Cyber Scams

Cyber Security Awareness Month: Let's Fight Back Together

Does the Yahoo Breach Have You Worried About Your Online Security?

How to Strengthen Your Human Firewall

Why Some Phishing Emails Will Always Get Through Your Spam Filter

Hitting Back Against Security Awareness Training Nay Sayers

Federal Trade Commission Hosts Ransomware Workshop

Why Your Users Keep Falling for Phishing Scams

Disrupting the Phishing Supply Chain

When Good Websites Turn Evil: How Cybercriminals Exploit File Upload Features to Host Phishing Sites

Alma Ransomware: Analysis of a New Ransomware Threat (and a decrypter!)

Google AdWords Used in Bitcoin, Banking, and Online Gambling Phishing Campaigns

PhishLabs Recognized in Inc. 5000 List for Third Consecutive Year

So You've Been Infected with Ransomware...

Phishing Attacks Come in a Wide Variety of Flavors...Make Sure Your Employees Get a Taste of Each

Recent Phishing Campaign Uses Jabber to Exfiltrate Compromised Information

How to Defend Against Ransomware: The Three Stages

Vawtrak / Neverquest2 adopts new methods to increase persistence

A Spotter's Guide to Ransomware

The Anatomy of a Successful Ransomware Attack

Five Strategies to Motivate Your Employees to Behave Securely

Why Security Awareness Training – Alone – Doesn’t Solve the Spear Phishing Problem

Top Five Phishing Awareness Training Fails

Marcher Android Malware Increases its Geographic Reach

Phishing, Whaling, & the Surprising Importance of Privileged Users

When It Comes To Security Awareness – Do You Want A Doctor Or A Personal Trainer?

Olympic Vision Keylogger and BEC Scams

How to make the most of reported phishing emails... Even if there are way too many

Examining a New Cybercrime OPSEC Technique (And How to Break It)

Taking Fraud Protection on the Offensive

FFIEC issues new guidance on mobile risks

Fraudster Phishing Users with Malicious Mobile Apps

Six Steps to Train Your Users to Fight Cybercrime

Technical Dive into a Hardened Phish Kit

What Makes a Good Simulated Phish?

Why Your Advanced Spam Filter Isn't Enough

Digging Deeper into IRS Phishing Attacks: How Do They Work and Who are the Scammers Behind Them?

Building a Business Case for Effective Security Awareness Training

2016 Phishing Trends & Intelligence Report: Hacking the Human

Backdoor found in popular Linux distro

5 Tips for Evaluating Phishing Simulation Solutions

#PHISHRAGE shirts at RSA USA 2016

Is Security Awareness Training a waste of your money?

Employees are going to get phished. Why even bother with awareness training?

The first spear phishing protection solution driven by real-world intelligence

Android.Trojan.Marcher - Conclusion

Android.Trojan.Marcher - Part Two

Android.Trojan.Marcher

Mobile Spyware: Who is Reading Your Text Messages and Why?

Supermarket Skimming, Loyalty Card Scams, VTech Hack Arrest, and more | TWIC - December 18, 2015

Understanding Bitcoin - the virtual currency of choice for cybercriminals and terrorists

Dorkbot Gets Disrupted, Script Kiddies Targeted, Abundance of Patches, and more | TWIC - December 11, 2015

Analyzing Bartalex – A Prolific Malware Distributor

Fuel Pump Skimming, Holiday Inbox Scams, Children Gadgets Hacked, and more | TWIC - December 4, 2015

PhishLabs Announces Plans for New Headquarters

PhishLabs Secures Investment, Builds on Success Protecting Against Spear Phishing

Encryption Debates, Holiday Shopping Security, Exploit Kit Increases, and more | TWIC - November 20, 2015

New Ransonware Techniques, Prison Phone Breach, Christmas Fraud Predictions, and more | TWIC - November 13, 2015

New Phish Kit Techniques, E-Commerce Scam Potential, Financial Extortion Increase, and more | TWIC - November 6, 2015

Spear Phishing Attack Intelligence

New Phish Kit Backdoor Techniques: "The Dufresne" and "The Vezzini"

Camera DDoS Attacks, New BEC Strategies, TalkTalk Hack Arrests, and more | TWIC - October 30, 2015

Scammers up Their Game with New BEC Attacks

Rapid Mitigation of Spear Phishing Attacks

High Schooler Hacks, Financial Security Weaknesses/Developments, Dark Web Pricing, and more | TWIC - October 23, 2015

Analyzing Spear Phishing Attacks

Stolen Military Information, ATM Fraud Prevention, Dridex Botnet Takedown, and more | TWIC - October 16, 2015

Detecting Spear Phishing Attacks that Slip Past Defenses

Social Engineering Attacks, End-to-End Encryption Laws, Experian Hack, and more | TWIC - October 9, 2015

Preventing Payload Delivery via Spear Phishing

Multiple Credit Card Breaches, Smartphone DDoS Attack, Developer Applications Targeted, and more | TWIC - October 2, 2015

Stolen Fingerprints, Cloud Security Tools, Target Breach Revealed, and more | TWIC - September 25, 2015

Introducing the Defensive Framework for Spear Phishing

Malware Free Hackers, Bluetooth Skimming, Charity Website Targeting, and more | TWIC - September 18, 2015

PhishLabs Named a Top-Performing Company

Health Insurance Hack, Firefox Bugs, Internet Satellite Hijacking, and more | TWIC - September 11, 2015

Did FFIEC guidelines curb account takeover? Survey says…

Going Beyond FFIEC Guidance, Lizard Squad DDoS, Big Hack Blackmail, and more | TWIC - September 4, 2015

DDoS Bank Attacks, Ashley Madison BEC Targeting, Dark Web Vulnerability, and more | TWIC - August 28, 2015

Financially-Motivated Targeting, White Hat Ethics, 15,000 Chinese Arrests, and more | TWIC - August 21, 2015

Financially-Motivated Advanced Targeting

Employee Targeting, Malicious ROM images, Darkhotel goes Global, and more | TWIC - August 7, 2015

PhishLabs Recognized in Inc. 5000 list for Second Consecutive Year

Advanced Targeting – The Name of the Game

Cloud Security, Malvertising on the Rise, Pentagon Hack, and more | TWIC - August 7, 2015

Texting Malware, PoS System Targeting, Sniper Rifle Hack, and more | TWIC - July 31, 2015

JP Morgan Arrests, Android Malware, Healthcare Threats, and more | TWIC - July 24, 2015

Flash Player Patches, Darkode Takedown, Disguised CryptoWalls, and more | TWIC - July 17, 2015

Hacking Team Hacked, Advances of Adversary TTPs, Cybercriminal Set Free, and more | TWIC - July 10, 2015

Drive-By Downloads, Zero-Day Exploitations, Personal Phishing Attacks, and more | TWIC - July 2, 2015

FBI Fraud Alert, Adobe Emergency Patch, Theme Park Breach Investigation and more | TWIC - June 26, 2015

FBI Fraud Alert: Business E-mail Compromise

Password Manager Breach, Phone Scams on the Rise, Hijacked Medical Devices and more | TWIC - June 19, 2015

New Spear Phishing Protection, IE Patch, Data Breach Containment, and more | TWIC - June 12, 2015

Announcing the Launch of the First Spear Phishing Protection Service

U.S. Gov't Breach, Mac Zero-Day Bug, Dyre Infections Double, and more | TWIC - June 5, 2015

Counterfeit Coupon Business, Healthcare Company Hacked, Bold Phishing Gang and more | TWIC - May 29, 2015

USB Driver Exposes Routers, Healthcare Data Breach, Intelligence Sharing and more | TWIC - May 22, 2015

New Phishing Campaigns Target Yahoo and Dropbox, Fraudsters Prey on Starbucks Accounts and more | TWIC - May 15, 2015

Rombertik Malware, Retail Data Breach Investigation, PoS Vendor Breach and more | TWIC - May 8, 2015

Casino Data Breach, Macro Malware Spike, Airline Bank Account Hacked and more | TWIC - May 1, 2015

Malware Hits Energy Sector, Risks for Insurers Rise, iOS Vulnerability and more | TWIC - April 24, 2015

Increased Upatre Activity, CoinVault Ransomware, PoS Malware Proliferates and more | TWIC - April 17, 2015

WordPress Vulnerability, AT&T Insider Breach, Crypto-ransomware and more | TWIC - April 10, 2015

Revolution Crimeware, Hosting Companies Hacked, Dyre Targets Enterprises and more | TWIC - April 3, 2015

Community Banks Targeted, Hotel WiFi Vulnerability, DDoS Trends and more | TWIC - March 27, 2015

Premera Data Breach, Ransomware Targets Gamers, SSL Patch and more | TWIC - March 20, 2015

Podec Malware, CS:GO Phishing, Facebook Vulnerability and more | TWIC - March 13, 2015

New POS Malware, Hotel Credit Card Breach, Windows Vulnerability and more | TWIC - March 6, 2015

DDoS Threat Advisory, Compromised cPanel Exploit Kit, Router Pharming Attacks and more | TWIC - February 27, 2015

DDoS Threat Advisory – SaaS Apps Vulnerable for Exploitation

Carbanak Banking Malware, State Tax Refund Fraud, Phone Spying and more | TWIC - February 20, 2015

Vawtrak Expands, Simplocker Ransomware, Mobile Malware and more | TWIC - February 13, 2015

Vawtrak’s expanding infrastructure

Internet Explorer Phishing Flaw, Anthem Data Breach, Critroni Ransomware and more | TWIC - February 6, 2015

Wire Transfer Scam Alert, New Bug Haunts Linux, ZeroAccess Botnet and more | TWIC - January 30, 2015

DDoS on the Rise, Spear-Phishing, Alleged Silk Road Operator Arrested and more | TWIC - January 23, 2015

DDoS on the rise: the AK-47 of cybercrime

Skeleton Key Malware, Park 'N Fly Data Breach, Crowti Ransomware and more | TWIC - January 16, 2015

CryptoWall Ransomware Defense, Bank DDoS Attack, Router Exploits and more | TWIC - January 10, 2015

Big data, big [illicit] business

Internet Systems Consortium Hacked, Malware on Steam Chat, Lizard Squad Arrests and more | TWIC - January 2, 2015

Top blog posts from PhishLabs: 2014 review

New Zeus Variant, Android Malware, ATMs Hacked and more | TWIC - December 26, 2014

Crimeware-as-a-Service, CryptoLocker, ICANN Spear Phishing, and more | TWIC - December 20, 2014

The unrelenting evolution of Vawtrak

Fraudsters take advanced fee scams to the next level

New Zeus Variant, Alibaba Marketplace Vulnerability, Poodle Bug Returns, and more | TWIC - December 14, 2014

One-man operation leverages phishing and browser alerts to distribute new variant of Zeus banking Trojan

Sony Hack, Zeus Malware, FIN4 Phishing Attacks and more | TWIC - December 6, 2014

Zeus malware distributed through browser warning: social engineering at its finest

PoS Malware, Adobe Emergency Update, ATM 'Wiretapping' and more | TWIC - November 28, 2014

Citadel Trojan Targets Password Managers, Microsoft Emergency Patch, Charities Targeted and more | TWIC - November 22, 2014

Cybercriminals abuse charities to verify stolen credit card data

New iOS Vulnerability, Postal Service Investigates Possible Breach, Microsoft Bug and more | TWIC - November 14, 2014

What can community banks and credit unions do to mitigate account takeover attacks?

4 reasons why authentication isn’t enough to stop account takeover

58 Million Email Addresses Stolen, New Mobile Malware, Contactless Payment Cards Vulnerability and more | TWIC - November 8, 2014

Phishing scams likely after 53 million email addresses stolen in Home Depot security breach

Major CMS Vulnerability, Chinese Espionage Group exposed, Chip Card Charges, and more | TWIC - October 31, 2014

Cyberespionage Phishing Attack, Backoff Malware Spreads, Retail Breach and more | TWIC - October 24, 2014

Think community financial institutions aren’t in the crosshairs for account takeover? Think again.

Shellshock Phishing Attacks, Windows Zero-day Vulnerability, Dropbox Hack and more | TWIC - October 17, 2014

As expected, Shellshock is being used for phishing attacks

Dyre Banking Trojan, Tyupkin ATM Malware, iWorm Botnet and more | TWIC - October 10, 2014

Enhancements to Dyre Banking Trojan

Shellshock, Unpatchable USB Malware, iOS virus and more | TWIC - October 3, 2014

Mitigating the Impact of Shellshock on Financial Institutions

Shellshock Bug, POS Breach, Hackers Target Medical and more | TWIC - September 26, 2014

Bash “Shellshock” Bug Rivals Heartbleed in Cyber Threat Severity

PhishLabs partners with VirusTotal

Retail Breach Impacts, Online Storefront Hack, DOD Contractors Targeted and more | TWIC - September 19, 2014

PhishLabs expands protection against malicious email spam

Cybercriminals Find POS Terminals Easy Prey

Peter Pan Phishing Scheme, Malware on Foreign-Policy Website, Hackers Target Healthcare Industry and more | TWIC - September 13, 2014

“Please Try Again” – Trending Tactics in Phishing

Vawtrak Gains Momentum, Retail & Nonprofit Data Breaches and more | TWIC - September, 5 2014

Vawtrak Gains Momentum and Expands Targets

Smash & Grab Attacks, Mozilla Leak, Dairy Queen Breach and more | TWIC - August 29, 2014

“Smash & Grab” cybercrime attacks have been active since mid-June

RAT Vulnerabilities Leaked, DDoS Activity Up and more | TWIC - August 22, 2014

Vulnerabilities found in Dendroid mobile Trojan

Lawsuit to Determine ATO Accountability, Blackphone Hacked and more | TWIC - August 15, 2014

Massive Data Breach Revealed, New POS Malware Identified and more | TWIC - August 8, 2014

ATO Fraud Explained, Neverquest Strikes, Cloud Seeded with Bots and more | TWIC - August 1, 2014

Banks Face Sophisticated Attacks, Hacker Attempts Blackmail, WSJ Breached and more | TWIC - July 25, 2014

Why ATO Is a Huge Problem, Gameover ZeuS Revives, Shylock Botnet Disrupted and more | TWIC - July 18, 2014

The 3 reasons why account takeover is still a big problem

New Commercial Malware for Sale, Zeus Evolves, Microsoft Apologizes and more | TWIC - July 14, 2014

ATO|Prevent: A new approach to curbing account takeover fraud

Phishing Attacks Surge in Q1 2014, Microsoft's Proactive Cyber Fight, and more | TWIC - July 3, 2014

APWG: Phishing Jumps 10.7% in Q1 of 2014

Banks, ePayments are Top Phishing Kit Targets, the Luuuk Banking Fraud Campaign, and more | TWIC - June 27, 2014

Banks, ePayment Services Top List of Phishing Kit Targets

P.F. Chang's goes vintage post-breach, Feedly fights DDoS extortion, and more | TWIC - June 13, 2014

GameOver Zeus Disrupted, Pro Carding Shop, NTP DDoS attacks, and more | TWIC - June 6, 2014

2014 US State of Cybercrime, Adios TrueCrypt, USPS Malware Lure Spam | TWIC - May 30, 2014

PhishLabs is an inaugural threat intelligence provider in Check Point's ThreatCloud IntelliStore

Blackshades goes down, Silverlight being exploited, Spike in SNMP DDoS | TWIC - May 23, 2014

Should financial institutions be concerned about Blackshades?

Targeted Wire Transfer Scam Aims at Corporate Execs

Target CEO Steps Down, Cyber Extortion, Twitterbot detection tool | TWIC - May 9, 2014

Vishing campaign hits dozens of banks, IE Zero-Day, Security vs Compliance Redux | TWIC - May 2, 2014

Vishing campaign steals card data from customers of dozens of banks

Phishing @Home, Verizon DBIR, Email Scam Steals Earnest Money | TWIC - April 25, 2014

Phishing @Home: Phishers set up sites on residential broadband hosts

Phishing up 60%, Chart-Topping Scam App, and... oh yeah, Heartbleed! | TWIC - April 11, 2014

Phishers expand their target list | APWG 2H2013 Global Phishing Survey

Phishing Takedown < Anti-Phishing < Phishing Protection

1,700+ Google Docs Phish, New FFIEC DDoS Guidance | The Week in Cybercrime - April 4, 2014

1,700+ Google Docs and Drive phishing scam sites currently active

New MitM attacks, Facebook's ThreatData - The Week in Cybercrime - March 28, 2014

New Man-in-the-Middle attacks leveraging rogue DNS

No more Full Disclosure, EA server used for phishing - The Week in Cybercrime - March 21, 2014

Two veteran cybercrime experts join PhishLabs

Inside the Phishing Ecosystem: Launching Phishing Attacks

ID theft protection not worth it? The Week in Cybercrime - March 14, 2014

Anti-Pharming 101: Countering Hosts File Pharming

Hackers deface phishing site by mistake, A/B testing for malicious email. TWIC - March 7, 2014

Inside the Phishing Ecosystem: Staging Phishing Attacks

ZeuS Variant targets SaaS, Impact of Tor and Bitcoin on cybercrime. TWIC - Feb 21, 2014

The Week in Cybercrime - February 14, 2014

Phishing attacks up 20 percent in latest APWG report

NIST releases new cybersecurity framework - initial thoughts

The Week in Cybercrime - February 7, 2014

The Week in Cybercrime - January 31, 2014

Anti-Pharming 101: What are pharming attacks?

How to stop a vishing or SMiShing attack (Part 1)

The Week in Cybercrime - January 24, 2014

The Week in Cybercrime - January 17, 2014

PhishLabs to speak at RSA USA 2014 on Rogue Mobile Apps

Phishing for bitcoins

What's next for DDoS defense?

Why phishing matters

Phishing site asks to upload image of their driver’s license and phone bill

PhishLabs presenting at the Anti-Phishing Working Group CeCOS conference

PhishLabs discovers Instagram phishing site

Fighting Corruption in Nigeria web site .. is a phish!

“Your ACH Transaction” spam leads to malware

PhishLabs at RSA 2011 USA

Avalanche hosted ZeuS Trojan disrupted

David Hasselhoff – anti-phishing educator?

Advancements in phishing redirector scripts

Rock moves to email attachments

Cleaning up from the Avalanche

PDF Viewer Spoof

Open formmailers won’t die

Top 10 Free Phish Kit Users

Evil Searching and Phishing

Acrobat 0-day used in targeted attacks

Phisher Email Address Harvesting Tools

The cost of open formmail scripts

CAIXA Brasil malware attack

Updated: AntiVirus backdoor tests

One Phish Kit – Three Indian Banks

Man-in-the-Server Phishing

ATM fraud – the “lebanese loop”

How AV software can stop phishing sites

Even the smartest phishers make mistakes

Phish Kit Distribution Sites

Phisher Tactics: “true logins” phishing kits