Recent Posts

Recent Blog Posts

The PhishLabs Blog

Active TrickBot Campaign Observed Abusing SendGrid and Google Docs

Posted by Michael Tyler on Nov 26, '19

PhishLabs has observed an active TrickBot campaign targeting the employees of multiple organizations. Trickbot is a sophisticated successor of the Dyre Banking Trojan. It uses an intricate network of command and control servers (C2), web injects, and customized redirection attacks that leverage HTML or JavaScript injections to target numerous financial institutions across many geographies and language zones.

Read More

Topics: Banking Trojan, TrickBot

Marketing Teams Are Not Equipped to Monitor Social Media Threats

Posted by Elliot Volkman on Nov 22, '19

Every second, 5,787 tweets are published. Every minute, 300 hours of video are uploaded to YouTube. These are just two of the more popular social networks, and among these data points are the occasional references to a specific organization, its brands, and even customers or employees.

Read More

Topics: Social Media Monitoring, Digital Risk Protection

Active Office 365 Credential Theft Phishing Campaign Targeting Admin Credentials

Posted by Michael Tyler on Nov 14, '19

PhishLabs has detected attempts to compromise Microsoft Office 365 administrator accounts as part of a broad phishing campaign. In the campaign, the threat actor(s) delivered a phishing lure that impersonated Microsoft and their Office 365 brand but came from multiple validated domains - an educational institution for example - not belonging to Microsoft. If the victim clicked the link, they were presented with a spoofed login for Office 365.

Read More

Topics: Email Incident Response, SOAR, Office 365

APWG: Two-Thirds of all Phishing Sites Used SSL protection in Q3

Posted by Elliot Volkman on Nov 14, '19

This week, APWG released its findings from Q3 that compiles insights from their member companies and provides an analysis of how phishing is changing. The key findings from the latest report show that phishing attacks continued to rise throughout the year, 40% of BEC attacks involve domains registered by the threat actor, and now more than two-thirds of all phishing sites are using SSL certs or HTTPS.

Read More

Topics: APWG, https

Social Media Account Takeover is as Vicious as a BEC Attack

Posted by Elliot Volkman on Nov 7, '19

At the height of social media adoption, users willingly shared everything from the lunch they just ate to the exact places they visited throughout the day. While some of this has been reduced as consumers learned how sharing private information could impact their privacy, many people still hide these kinds of updates behind basic security controls. This is just one of the reasons that a flurry of activity has slid into people’s DMs, and led to the $19 billion dollar sale of Whatsapp, $1.7 billion raised by Telegram, and longevity of Snapchat.

Read More

Recap: How to Proactively Protect Users with Email Incident Response

Posted by Jessica Ellis on Oct 31, '19

This year organizations are estimated to have spent more than $124 billion on security, yet phishing attacks continue to bypass email security technology. Is it possible to proactively stop threats that would otherwise make it past your infrastructure? If you attended our most recent webinar, you know the answer is yes.

Read More

Don’t Respond to Suspicious Emails

Posted by Dane Boyd on Oct 29, '19

Sometimes when sending phishing simulations to our clients, we setup a reply-to address to see if people will reply to suspicious emails and many do.

Read More

Topics: security awareness training, Cyber Security Awareness Month, NCSAM

Best Practices for Defanging Social Media Phishing Attacks

Posted by Stacy Shelley on Oct 25, '19

Social media-based phishing attacks have taken off in a big way.

According to some estimates, social media now accounts for as much as 5% of all phishing attacks globally. When you consider that phishing volume has grown consistently every year for more than a decade (up 40% last year alone), that 5% constitutes a lot of attacks.

Read More

More Bees with Honey? Reinforcement vs. Punishment in a Security Training Program

Posted by Kimber Bougan on Oct 22, '19

Ambassadors of security training programs often struggle with the most effective way to drive success. The ultimate purpose of these programs is to change employee behavior and create a more secure organization.

Read More

Topics: security awareness training, NCSAM

Beware of Account Takeover

Posted by Dane Boyd on Oct 15, '19

One way to verify if an email is legitimate is to look at the sender’s address, the actual sender’s address, not just the sender’s name. One tactic cyber criminals employ is using the sender’s name to trick the recipients.

Read More

Topics: security awareness training, Cyber Security Awareness Month, NCSAM

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all