Recent Posts

Recent Blog Posts

The PhishLabs Blog

COVID-19 Phishing Update: Campaigns Exploiting Hope for a Cure

Posted by Jessica Ellis on Mar 24, '20

We continue to see a wide range of lures exploiting coronavirus fears. In this post, we take a look at three recently observed lure samples that use the possibility of a cure to entice victims.

We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic.

Read More

Topics: COVID-19

COVID-19 Phishing Update: Insurance Coverage Lures

Posted by Jessica Ellis on Mar 23, '20

As COVID-19 cases have further spread over the past few weeks, our team has come across new lures that target an individual’s fear of coronavirus as it relates to their health insurance coverage. Both examples lead to malicious sites that attempt to steal Microsoft Office 365 login credentials.

Read More

Topics: COVID-19

COVID Phishing Update - Coronavirus wants your Bonus, too

Posted by Jessica Ellis on Mar 19, '20

A few weeks ago we noted some early examples of Coronavirus phishing campaigns. Since then, the pandemic has spread and we’ve seen a dramatic uptick in COVID-19-themed malicious activity, with everything from domain registration to phishing emails and even malware campaigns. Going forward, we will be publishing more examples as we find additional methods cybercriminals are using to exploit the crisis.

Read More

Topics: COVID-19

Evasion Techniques: User-Agent Blocking

Posted by Trey George on Mar 12, '20

Recently we highlighted one of the most common evasion techniques employed by threat actors in order to keep a phishing site online: geoblocking, or blocking by location. However, many other techniques exist, some that are more subtle and make it more difficult for unwanted visitors to view a site. One such method is used to thwart unintended parties - bots, analysts, hosting providers, etc. - when they are not using the appropriate device: blocking by user-agent.

Read More

Topics: Phishing, Threat Intelligence, Email Incident Response

How Threat Actors are Abusing Coronavirus Uncertainty

Posted by Sean Bell on Mar 6, '20

By this time, most everyone in the world has heard about COVID-19, a global outbreak that is commonly referred to as the Coronavirus. With growing fear and a lack of information, the stock markets have dropped to lows we haven’t seen in years, and organizations everywhere are putting together contingency plans. Like most global events, this scenario creates a perfect opportunity for threat actors to abuse the situation.

Read More

Topics: Phishing, Email Incident Response

APWG Year-End Report: 2019 A Roller Coaster Ride for Phishing

Posted by Tricia Harris on Mar 3, '20

The latest Phishing Activity Trends Report from the Anti-Phishing Working Group (APWG), which compiles insights from member companies, announced that the year-end number of reported phishing websites for 2019 reached a record high. Most menacing; however, are the trends of phishing gangs targeting users of web-hosted email, social media, and business email compromise (BEC) attacks that show increasing sophistication.

By most measures, the APWG states, "2019 was one of the most dangerous years on record for online users."

Read More

Topics: APWG, BEC, https, social media

Evasion Techniques: Geoblocking by IP

Posted by Trey George on Feb 20, '20

In order to increase the lifespan of their campaigns, most threat actors implement evasion techniques to keep their activity from being detected by defenders and their intelligence tools. In this blog post, we'll take a look at how geoblocking by IP is used.

Read More

Topics: Phish, blocking, geoblocking

Breakfast, Lunch, and Bourbon at RSA Conference 2020

Posted by Stacy Shelley on Feb 11, '20

Heading to RSA in a few weeks? If you are, be sure to spend some time with PhishLabs while you're there. This year we are hosting several events for security leaders and practitioners. Come relax with a glass of quality bourbon, get a break from the crowds, catch up with old friends, and make some new ones.

Read More

Social Media Phishing: Beyond Credential Theft

Posted by Elliot Volkman on Jan 31, '20

In the past few weeks, our team highlighted how social media is abused by threat actors seeking to steal credentials and to administer phishing attacks. While these are both two of the most prominent cybersecurity threats distributed through social media, there are some other tactics in play, too.

Read More

Why You Should Take Social Media Account Takeover as Seriously as a BEC Attack

Posted by Stacy Shelley on Jan 24, '20

Social media account compromise is nothing new. If you haven’t had an account hacked in the past, most of us know someone who has. According to a study by the University of Phoenix, almost two-thirds of US adults have had at least one social media account hacked. Another report found that 53% of social media logins are fraudulent.

Read More

Topics: social media, Digital Risk Protection

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all