Recent Posts

Recent Blog Posts

The PhishLabs Blog

Phishing Volume Continues to Rise

Posted by Elliot Volkman on May 2, '19

Back in the olden days of the internet, when AOL’s dial-up connection still made horrible sounds prior to getting you access to your inbox, phishing attacks were born. Somewhere in the mid-1990s, internet-based social engineering attacks were born and designed to capture credentials on AOL by way of a program called AOHell, and expanded on to stealing credit card numbers or other private accounts. That was nearly 25 years ago, yet to this day, social engineering-based attacks still happen, and in more mass than ever before.

Read More

Topics: PTI Report

The Most Common Types of Reported Emails

Posted by Elliot Volkman on Apr 25, '19

There are all sorts of things that end up in your inbox, but among those that are reported to a SOC or security team, malicious content only makes up a small percent. Among the analysis provided in this year’s annual Phishing Trends and Intelligence (PTI) report, we added a new section based on data from our Phishing Incident Response team.

Read More

Topics: PTI Report, Phishing Incident Response

2019 Phishing Trends & Intelligence Report: The Growing Social Engineering Threat

Posted by Elliot Volkman on Apr 16, '19

Phishing has and will continue to be a threat to anyone connected to the web. This is a fact set in stone, and regardless of advancements in technology, social engineering will allow these attacks to continue to be successful.

Read More

Topics: PTI Report

5 Tips for Smarter Detection and Collection of Digital Risks

Posted by Elliot Volkman on Mar 26, '19

Recently, our Director of Product Management, Cary Hudgins, discussed how to develop a digital risk protection plan for the modern enterprise. One of the many reasons why such a plan should be created is because, in today’s world, an enterprise organization’s digital footprint can be vast and will continue to grow.

Read More

Topics: Digital Risk Protection

Brain-Hacking Part 2: Ain’t Nobody Got Time for That!

Posted by Michael Tyler on Mar 19, '19

Taking Advantage of Our Tendency to Simplify

There’s an old joke floating around the Internet that claims NASA, upon discovering that standard ballpoint pens would not work in space, invested millions of dollars and years of R&D. The resulting pen was supposedly capable of writing in zero-G, on any surface, and in temperatures that would surely kill any astronaut. When confronted with the same problem, the Soviets simply handed their cosmonauts pencils.

Read More

Topics: Psychology, social engineering

Romanian Vishing/SMiShing Threat Actors Plead Guilty

Posted by Elliot Volkman on Mar 15, '19

In May of 2018, we reported on three Romanian threat actors who were extradited to the U.S. for their involvement in a SMiShing and Vishing fraud scheme. At the time of reporting, the expected losses were listed around $18 million but have since risen to more than $21 million.

Read More

Topics: Vishing, SMiShing

It Only Takes One to Detect or Infect

Posted by Bart Collida on Mar 5, '19

It’s time to take action against phish! Phishing attacks are no longer few and far between, they are the norm.

Regardless of your company’s investments in filtering technologies and countermeasures, suspicious and malicious emails make it into employee inboxes. It only takes one to cost your company time, money, and lost reputation.

Read More

Topics: security awareness training, Phishing Incident Response

This message is from a trusted sender, or is it?

Posted by Michael Tyler on Feb 26, '19

We’ve previously reported on how, due to the rise in phishing attempts leveraging SSL certificates, the  icon in your web browser gives your users a false sense of security. The threat, however, doesn’t end with your web browser.

Read More

Brain-hacking: Why Social Engineering is so effective

Posted by Michael Tyler on Feb 19, '19

You are affected by social engineering tactics every day.

Read More

Topics: Psychology, social engineering

Hiding in Plain Sight: How Phishing Attacks are Evolving

Posted by Sean Bell on Feb 7, '19

Phishing attacks are supposed to be visible. If you can’t see them, how could anyone possibly fall for them? Since the dawning of time for phishing attacks there has been a constant struggle between the threat actors creating phishing sites and the individuals and organizations combating them.

Read More

Topics: Phishing Incident Response

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all