The PhishLabs Blog

How and Why the Phishing Threat Landscape Has Changed

Posted by Lindsey Havens on Mar 24, '17

Over the last decade phishing has exploded. Volume has increased every year, with threat actors reliably focusing the majority of their efforts on the same five or six industries.

It was a serious threat, of course, but it had become somewhat… predictable.

But in 2016, some major changes occurred. In just 12 months, the entire phishing landscape shifted.

Read More

Topics: Phishing, Phish Kit, Ransomware, PTI Report

Anatomy of a Phishing Attack: How Phish Kits Evolved in 2016

Posted by Lindsey Havens on Feb 23, '17

At this point, most organizations are already aware of phishing. No matter what industry you’re in, phishing is one of the top cyber threats you’ll face in 2017.

But for most people, the threat actors responsible for phishing attacks are something of a mystery. They picture a faceless, hooded specter, hidden somewhere in the dark recesses of the Internet.

Read More

Topics: Phishing, Phish Kit, PTI Report

Technical Dive into a Hardened Phish Kit

Posted by King Salemno on Apr 5, '16

 Many of the cybercriminals behind some of the most devastating cyber-attacks used phishing as the initial attack vector. At PhishLabs, we maintain a massive repository of phish kits that we continually analyze for intelligence about phishing tactics and techniques.  The complexity and sophistication of these kits vary greatly.

Read More

Topics: Phishing, Malware, Phish Kit, Hacker Tools

Digging Deeper into IRS Phishing Attacks:  How Do They Work and Who are the Scammers Behind Them?


Recently, the media has been exploding with articles noting a massive increase in tax fraud phishing scams. The IRS publicly announced that they had seen a 400 percent increase in phishing incidents so far this year targeting taxpayers. Phishing is even on the IRS’ “Dirty Dozen” list of scams for the 2016 tax season.

Read More

Topics: Phishing, Fraud, Phish Kit, Spear Phishing, IRS Phishing Attacks

New Phish Kit Techniques, E-Commerce Scam Potential, Financial Extortion Increase, and more | TWIC - November 6, 2015

Posted by Lindsey Havens on Nov 6, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Phishing, PhishLabs, Exploit, Strategy, Phish Kit, The Week in Cybercrime, Data Breach, Botnet, Hacked, BEC, Breach

New Phish Kit Backdoor Techniques: "The Dufresne" and "The Vezzini"


The market for pre-made phishing kits is thriving.  Think of a financial institution, email provider, or e-commerce site and someone somewhere has undoubtedly created a pre-packaged collection of the files necessary to create a fictitious site designed to obtain personal and financial information from unsuspecting victims.  These kits are often sold in Dark Web marketplaces or underground hacking forums, but they are also commonly distributed for free on various social media sites.

Read More

Topics: Phishing, Threat Analysis, Phish Kit

Employee Targeting, Malicious ROM images, Darkhotel goes Global, and more | TWIC - August 7, 2015

Posted by Lindsey Havens on Aug 14, '15

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Phishing, Malware, PhishLabs, Phish Kit, Hacker Tools, The Week in Cybercrime, Account Takeover, Hacked, Spear Phishing, Spear Phishing Protection, Breach

Banks, ePayment Services Top List of Phishing Kit Targets


Over the last month, PhishLabs analyzed nearly 9,000 phishing kits and variants available on compromised and clandestine servers, file sharing services, underground scammer forums, and various user-generated content sites such as blogs. 

The following chart displays a breakdown of phishing kits we analyzed, based on the type of brand targeted. Financial Institutions, ePayment & Money Transfer Services, Social Networking Sites, and Email Services were the brand categories most frequently targeted by phishing kits, representing a combined 77% of kits analyzed.

Read More

Topics: Phishing, Threat Analysis, Threat Intelligence, Phish Kit

Inside the Phishing Ecosystem: Launching Phishing Attacks

Posted by Stacy Shelley on Mar 18, '14

In a previous post, I explored how fraudsters go about staging phishing attacks. This post reviews how, once staged, phishing attacks are launched.

With the phishing site now staged and active, the cybercriminal needs to trick customers of the targeted institution into visiting the site and divulging credentials and other sensitive information. This means:

  • setting up an emailer (or spamming tool)
  • gathering a list of target emails
  • crafting convincing phishing email messages.
Read More

Topics: Phishing, Fraud, Phish Kit

Inside the Phishing Ecosystem: Staging Phishing Attacks

Posted by Stacy Shelley on Mar 7, '14

At its highest level, the phishing process consists of staging an attack, launching it, collecting stolen credentials, and monetizing them. Today’s phishers use a range of tools to carry out their attacks. These tools are available for free or may be purchased in underground markets. More advanced phishers may build their own tools and incorporate layers of automation that further reduce the effort and costs required from start to finish. 

Today's post focuses on staging a phishing attack. To stage a phishing attack, fraudsters need two basic things:

  • The files to make a phish site (HTML, images, style sheets, javascript, PHP programs, etc.).
  • A website where the phish site can be hosted.
Read More

Topics: Phishing, APWG, Phish Kit

   

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Upcoming Events

Calendar_Mock_

Posts by Topic

see all