This week, the Department of Justice for the U.S. Attorney’s Office for the Northern District of Georgia announced the final of three sentences to be carried out by cybercriminals that plead guilty to carrying out phishing campaigns involving vishing and SMiShing. I’m proud to say that the apprehension and conviction of these criminals was supported in part by intelligence PhishLabs provided in cooperation with federal law enforcement officials.
Business email compromise (BEC) attacks are among the most effective forms of phishing in our modern world. Regardless of the technology in place, the social engineering involved easily will bypass it and can trick even trained users.
In our continued expansion and exploration of data from this year’s annual Phishing Trends and Intelligence report it’s time to take a closer look into free hosts. More specifically, the free hosts and domains that threat actors abuse in order to further distribute phishing attacks. While phishing sites that abuse free hosts don’t make up the majority, the use of them is increasing dramatically.
Topics: PTI Report
Our team is happy to announce that we have been named a Best Place to Work by SC Biz News in partnership with the South Carolina Chamber of Commerce and Best Companies Group.
This is the fourth consecutive year that we have been named to the list. The 2019 list is made up of 75 companies, and the full ranking is expected to be announced on August 1 of this year.
Topics: Company News
In the cyber security world, few research reports are more widely respected than Verizon’s annual Data Breach Investigations Report (DBIR).
As more of the web further embrace HTTPS and SSL certs, it’s becoming a requirement that threat actors use it, too. By the end of Q1 2019, more than half of all phishing sites have employed the use of HTTPS, now up to 58%. This is a major milestone and shows that threat actors actions often mirror that of the majority of users.
Today we are excited to announce the general availability of our enhanced Email Incident Response service. Email Incident Response detects, prevents, and automatically responds to threats that bypass email security technology.
Topics: Email Incident Response
If you have ever worked for an organization that uses Microsoft-based systems, there is a high likelihood that your IT or security team has implemented a policy that occasionally forces you to create a new password. Years ago it was every three months, then every two, and so on. This policy was heavily encouraged by Microsoft, but as of May of this year, they have reversed course.
The risk of a user receiving a phishing attack is higher than ever, and technological solutions often miss the most devastating of them.