The PhishLabs Blog

FFIEC issues new guidance on mobile risks

Posted by Stacy Shelley on May 2, '16

This past Friday, the Federal Financial Institutions Examination Council (FFIEC) released new guidance to banks, credit unions, and other financial institutions regarding mobile financial services (MFS). These are the services that institutions provide to their customers through mobile devices, such as electronic payments, remote deposits, mobile apps, etc.

Read More

Topics: ATO, Mobile, Compliance, FFIEC

Fraudster Phishing Users with Malicious Mobile Apps

Posted by Joshua Shilko on Apr 25, '16

Since the beginning of 2016, PhishLabs has observed a number of malicious mobile applications targeting users of popular payment card companies and online payment sites.  These attacks combine traditional, browser-based phishing attacks with the mobile platform in order to create convincing mobile applications. These applications claim to afford the user access to their accounts directly from their mobile device; however, their only functionality is the capability to collect credentials and personal information and deliver that stolen information to the attacker. Our research has indicated that these malicious applications have been created by the same actor or group of actors.

Read More

Topics: Phishing, Brand Abuse Lure, Mobile

Mobile Spyware: Who is Reading Your Text Messages and Why?

Posted by Jason Davison, Threat Analyst on Jan 14, '16

Find me on 

PhishLabs has recently discovered and analyzed a malicious mobile application that is being actively distributed via a SMiShing (phishing via text message) campaign which attempts to hijack two-factor authentication (one time password) by viewing the victim’s SMS messages.

Read More

Topics: Mobile, Spyware

   

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Upcoming Events

Calendar_Mock_

Posts by Topic

see all