Nation states. Hacktivists. Cyber criminals.
By now, just about everyone has heard about the massive Equifax data breach. It exposed the sensitive personal information of more than 143 million consumers (nearly half of all Americans) and has been spread across headline after headline since it was first announced on September 7th.
There have been plenty of reports and advisories published since then with guidance for individuals affected. The FTC issued a useful list of steps that victims can take to reduce the risk of their information being abused, many of which could simply be copy/pasted given how frequent and common breaches of this scale have become. Set up fraud alerts, check your credit report for free, sign up for monitoring, freeze your credit files with the major credit bureaus, keep a close eye on financial statement for any unusual activity, etc.
While those are all good steps to take, we should also consider the implications when it comes to phishing.
Unless you've had your head buried firmly in the sand for the past few days, you’ll already have heard of WannaCry, the latest in an ongoing deluge of ransomware strains.
Since the attack started last Friday over 230,000 computers have been infected across 150 countries, with high profile victims including Telefónica, Britain’s National Health Service (NHS), FedEx, Deutsche Bahn, and LATAM Airlines.
And if you’ve been following the story, you’ll know all sorts of people have been getting involved. With slightly confusing (and sometimes contradictory) reports surfacing in news outlets all over the world, we thought we’d take a few moments to explain what is (and isn’t) currently known about WannaCry, and what you can do to minimize your organization’s risk of infection.
Earlier today, news broke of a new WannaCry version propagating at a rate unseen before for ransomware. The initial infection vector (phishing, malvertising, etc.) is unknown at this time, but once inside the network it spreads rapidly by scanning for and exploiting Windows systems vulnerable to the NSA-crafted SMB exploits that were recently published by ShadowBrokers. In doing so, WannaCry is spreading well-beyond the initially-infected system and crippling networks.
On behalf of the PhishLabs R.A.I.D., I'm proud to announce that the 2017 Phishing Trends & Intelligence Report has been released. As with last year's edition, the report provides first-hand, in-depth view of the events and trends that are shaping the phishing threat landscape. It provides insight into the major trends, tools, and techniques used by threat actors to carry out phishing attacks. It also provides the context and perspective needed to understand why these changes are happening.
By bagging a privileged user early on, attackers can move from entry point to mission accomplished in no time at all.
You’ve done it.
After months of nagging, security awareness training, and constant reminders, your employees have started reporting phishing emails. Take a moment to pat yourselves on the back, because this is no mean feat.
But… now what? What do you actually do with all these reported emails?
Today we published the 2016 Phishing Trends & Intelligence Report: Hacking the Human. We are proud that this report uniquely provides a first-hand, in-depth view of phishing directly from the continuous work PhishLabsTM does to fight back against phishing attacks and the threat actors behind them.
It was researched and written by our very own PhishLabs R.A.I.D.TM (Research, Analysis, and Intelligence Division), which is made up of some of the world’s most respected threat researchers. The information and analysis in this report came directly from our operations and the technology systems we use to fight back against phishing attacks. We analyzed more than one million confirmed malicious phishing sites in 2015, residing on more than 130,000 unique domains.