PhishLabs is investigating multiple online scams involving news about Hurricane Matthew. Some of these scams are using news of the hurricane to distribute malware via email attachments and malicious links. Other scams are posing as charities and are requesting relief donations. Individuals should be on high alert and be suspicious of any online communication that mentions Hurricane Matthew.
Today we announced a new solution that I believe will transform how organizations counter spear phishing attacks. We call it T2 Spear Phishing Protection, and it takes advantage of our deep insight into phishing attacks to prepare organizations for the real-world attacks they're most likely to be targeted with, and then mitigate those attacks before damage is done. To do this, it enlists employees in the defensive network and uses our 24/7 SOC to analyze and respond to threats.
Topics: Company News
I am pleased to announce that this week at Gartner's Security and Risk Management Summit, we are unveiling our new around-the-clock Spear Phishing Protection service that combines advanced technology and human expertise to disrupt targeted attacks before compromise.
I'm very excited to announce that we've launched a new, comprehensive service for community banks and credit unions that goes beyond internal anti-fraud controls to stop account takeover. It's called ATO|Prevent, and we developed it because it's plainly evident that these defensive controls no longer pose a major barrier to cybercriminals seeking to takeover online banking accounts and carry out fraud.
In fact, we believe that just playing defense against these attacks is a losing battle. The simple truth is that you aren't going to win many fights if you don't fight back. That's why we created ATO|Prevent -- to proactively fight on the behalf of banks and credit unions against the attacks that lead to account takeover fraud.
Vishing is alive and well -- and impacting midsize banks
Multiple recent vishing attacks (Voice over IP phishing) have been stealing payment card data from the customers of U.S. banks. In an attack last week, customers of a midsize bank received SMS text messages claiming their debit card was deactivated and requesting they provide the card and PIN numbers to reactivate it.
PhishLabs investigated the attack and uncovered a cache of stolen payment card data belonging to customers of dozens of financial institutions. Based on analysis of the recovered cache, we estimate the vishing crew responsible for the attack has stolen the data of 250 cards per day in this vishing campaign. Further investigation also indicated that one of the phone numbers used in the campaign has likely been used in vishing attacks since October of 2013.
Phishing is a prevalent problem for businesses, particularly financial institutions. Over the years, many services have emerged to help organizations address phishing attacks that are targeting their customers' accounts. When seeking solutions, businesses find they have several options to choose from. These fall into three categories:
- Phishing takedown services
- Anti-phishing services
- Phishing protection services
These categories may seem interchangeable, but there are some key distinctions between them that make a big difference.
On behalf of the PhishLabs team, I am very excited to announce that two senior cybercrime experts have joined us in the fight against cybercrime.
Don Jackson is a veteran cybercrime expert with extensive experience researching and investigating advanced cybercrime malware. As the discoverer of the Gozi Trojan and one of the foremost authorities on modern banking Trojans such as ZeuS and Citadel, Don is a recognized thought leader in the industry and is frequently featured in major media outlets for his expertise.