Recent Posts

Recent Blog Posts

The PhishLabs Blog

What is Digital Risk Protection?

Posted by Stacy Shelley on Oct 15, '20

Today’s enterprise attack surface is not limited to the corporate network. In fact, the network is just a small slice. When it comes to deciding how and where to attack an enterprise, threat actors have ample opportunity beyond the network perimeter. As a result, enterprises are investing in operational capabilities to detect and respond to external threats across the digital risk landscape. This is Digital Risk Protection (DRP).
Read More

Topics: Digital Risk Protection, DRP

Digital Risk Protection vs. Threat Intelligence

Posted by John LaCour on Oct 9, '20

Digital Risk Protection (DRP) continues to gain momentum and attention among CISOs and security professionals. DRP, an operational security function once classified under Threat Intelligence (TI), has been elevated by the Gartner Hype Cycle and other analyst research as an emerging security function that security teams rely on to address multiple external cyber threat use cases. Many enterprises get tremendous value from DRP every day, but for those who are unfamiliar, read on to learn what DRP is, how it differs from TI, and how it can help protect your digital assets from external threats.
Read More

Topics: Threat Intelligence, Digital Risk Protection, DRP

How to Take Down Social Media Threats

Posted by The PhishLabs Team on Oct 6, '20

Threat actors increasingly use social media to attack brands, VIPs, and customers. The types of threats on these platforms are diverse and each social network has different policies in place for how they respond to reported attacks. As a result, mitigating threats on social media can be a frustrating and time-consuming process for security teams. In this post, we break down some common social media threat types and the evidence needed to remove them.  
 
Read More

Topics: Social Media Threats

Social Media Intelligence: Cutting Through the Noise

Posted by The PhishLabs Team on Oct 2, '20

Social media is rapidly becoming the preferred online channel for threat actors. Almost four billion people use some form of social media, and organizations are increasingly reliant on company pages, executive presence, and positive customer interaction to build a strong brand. As a result, a malicious post or tweet can cause irreversible damage to an enterprise. 
Read More

Topics: Digital Risk Protection, Social Media Threats

APWG: SSL Certificates No Longer Indication of Safe Browsing

Posted by Jessica Ellis on Sep 28, '20

The Anti-Phishing Working Group (APWG) has released its Phishing Activity Trends Report analyzing phishing attacks and identifying theft techniques reported by its members for Q2 of 2020. Key highlights of the report include a significant increase in wire transfer loss attributed to business email compromise (BEC) attacks and a 20% increase in BEC attacks targeting the social media sector. In addition, the observed emergence of phishing sites using Extended Validation (EV) Certificates in Q2 is a stark reminder that phishers are increasingly turning security features against users. 
Read More

Topics: Phishing, APWG, BEC, business email compromise, social media, Domains

Royal Ripper: Multi-Stage Phishing Attack Adapts to Victim Input

Posted by The PhishLabs Team on Sep 24, '20

PhishLabs is monitoring a multi-stage phishing campaign that impersonates government entities and telecoms to target financial institutions and their customers. The threat actor behind the attacks has been designated Royal Ripper. The initial stage of the attack harvests personal information and the sort code of the victim’s bank. It then uses the sort code to redirect the victim to a second phishing site that poses as their bank. This progression allows the threat actor to use a non-banking lure to draw in victims and ultimately steal their online banking credentials. 
Read More

Topics: Digital Risk Protection

Navigating Social Media Threats : A Digital Risk Protection Playbook

Posted by Jessica Ellis on Sep 2, '20

Social media is rapidly growing as a preferred channel for threat actors targeting enterprises with malicious campaigns. Half of the global population uses social media, and a post containing sensitive data or impersonating a high-level executive can be shared instantly, for 3.8 billion people to see. 
Read More

Topics: Social Media Threats

Data Leaks in 2020: Accelerated Digital Transformation Exposes Enterprises

Posted by Jessica Ellis on Aug 20, '20

The digital presence of today's enterprise looks very different than it did earlier in the year. The COVID-19 pandemic is forcing rapid change on how many businesses use technology. From transitioning to remote workforces to delivering new online services, digital transformation initiatives that would normally span years are happening in weeks and months. Under these conditions, the likelihood of experiencing a major incident due to data leakage is very high. So much so that a recent Gartner Emerging Technologies Report highlighted data leakage as a primary concern. 
Read More

Topics: Data Breach, Digital Risk Protection, Data Leak Detection, Data Leakage

Gartner Releases Emerging Tech Report: Critical Insights into Digital Risk Protection

Posted by Tricia Harris on Aug 4, '20

Driven by expanding use cases, approachable intelligence, and the incorporation of premium services, demand for Digital Risk Protection Services (DRPS) has grown over the last 12 months and continues to increase.

Read More

Topics: Digital Risk Protection, DRP, Gartner

Account Takeover Attacks Cause Chaos @ Twitter

Posted by Stacy Shelley on Jul 16, '20

On Tuesday afternoon, dozens of high-profile Twitter accounts were hijacked to promote cryptocurrency scams. Threat actors took over the accounts of Elon Musk, Bill Gates, Barack Obama, Jeff Bezos, and many others. Corporate Twitter accounts were also hijacked, including those belonging to cryptocurrency companies. What does this mean for enterprises and their security teams?
Read More

Topics: Account Takeover, Social Media Monitoring, Digital Risk Protection, Social Media Threats, executive impersonation

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all