The PhishLabs Blog

PhishLabs is monitoring a multi-stage phishing campaign that impersonates government entities and telecoms to target financial institutions and their customers. The threat actor behind the attacks has been designated Royal Ripper. The initial stage of the attack harvests personal information and the sort code of the victim’s bank. It then uses the sort code to redirect the victim to a second phishing site that poses as their bank. This progression allows the threat actor to use a non-banking lure to draw in victims and ultimately steal their online banking credentials. 

Topics: Digital Risk Protection

Social media is rapidly growing as a preferred channel for threat actors targeting enterprises with malicious campaigns. Half of the global population uses social media, and a post containing sensitive data or impersonating a high-level executive can be shared instantly, for 3.8 billion people to see. 

Topics: Social Media Threats

The digital presence of today's enterprise looks very different than it did earlier in the year. The COVID-19 pandemic is forcing rapid change on how many businesses use technology. From transitioning to remote workforces to delivering new online services, digital transformation initiatives that would normally span years are happening in weeks and months. Under these conditions, the likelihood of experiencing a major incident due to data leakage is very high. So much so that a recent Gartner Emerging Technologies Report highlighted data leakage as a primary concern. 

Topics: Data Breach, Digital Risk Protection, Data Leak Detection, Data Leakage

Driven by expanding use cases, approachable intelligence, and the incorporation of premium services, demand for Digital Risk Protection Services (DRPS) has grown over the last 12 months and continues to increase.

Topics: Digital Risk Protection, DRP, Gartner

On Tuesday afternoon, dozens of high-profile Twitter accounts were hijacked to promote cryptocurrency scams. Threat actors took over the accounts of Elon Musk, Bill Gates, Barack Obama, Jeff Bezos, and many others. Corporate Twitter accounts were also hijacked, including those belonging to cryptocurrency companies. What does this mean for enterprises and their security teams?

Topics: Account Takeover, Social Media Monitoring, Digital Risk Protection, Social Media Threats, executive impersonation

Digital Risk Protection has emerged as a critical new capability for security teams. It protects critical digital assets and data from external threats across surface, dark, and deep web sources.

Topics: Digital Risk Protection, DRP, Gartner

Threat actors are masquerading as executives on social media for purposes of stealing credentials and damaging popular brands.  Today, many executives have accounts on these platforms to network as well as post content promoting their companies.

Topics: Social Media Threats

Since 2015, PhishLabs has and continues to track how threat actors abuse HTTPS or SSL certs. In particular, threat actors often use HTTPS on their phishing sites to add a layer of legitimacy, better mimic the target site in question, and reduce being flagged or blocked from some browsers. 

Topics: APWG, https