Recent Posts

Recent Blog Posts

The PhishLabs Blog

Phishing Around the World: How Attack Volume Grew in the Last Year

Posted by Amanda Kline on Jun 21, '18

Earlier this year we released our annual Phishing Trends and Intelligence report, which highlights how the phishing landscape has evolved over the past year.

Read More

Topics: Phishing, Phishing Trends and Intelligence Report,, PTI Report

Is it a Phish? Slightly Delayed Mother’s Day Edition

Posted by Elliot Volkman on May 18, '18

Wait, Mother’s Day was last week? We promise, we didn’t forget, but we did have just a tiny bit of news to announce and that took center stage. But we’re back, and we’re shaking things up!

Read More

Topics: Phishing, BEC, Is it a phish?

Two Romanian Threat Actors Extradited to US After $18M Fraud Scheme

Posted by Elliot Volkman on May 15, '18

One of the most frustrating things about cyber crime is how rarely threat actors receive real punishment, particularly when they’re based abroad.

Read More

Topics: Phishing, Threat Intelligence, Vishing, SMiShing

Credential Phishing: The Shift to Enterprise

Posted by Elliot Volkman on May 1, '18

Last week we published the 2018 Phishing Trends and Intelligence report and presented on the topic during a webinar, and the primary key finding highlighted why enterprise organizations are now the primary target over consumers. The following is a high level look at what our Director of Threat Intelligence, Crane Hassold, discussed during the webinar.

Read More

Topics: Phishing, PTI Report, Webinar

Is it a Phish: Friday, April 27, 2018

Posted by Elliot Volkman on Apr 27, '18

This week we have our office manager Bri, and five suspicious emails to address. Like you, Bri will only have a few moments to quickly look at the lure and decide if it’s suspicious and should be reported, is safe, or is simply spam. We may have a few curve balls along the way, too.

Read More

Topics: Phishing, Lure, Is it a phish?

PTI 2018: The Rising Risk for SaaS

Posted by Elliot Volkman on Apr 26, '18

For years the financial industry and email providers have been the top targeted industries, making up more than 50 percent of the total pie. In 2017, this was certainly still the case, but there is a new rapidly rising threat to the software as a service (SaaS) space as well. 

Read More

Topics: Phishing, PTI Report, saas

Is It a Phish? April 20 Edition

Posted by Elliot Volkman on Apr 20, '18

As you are aware, phishing is certainly not a new cyber threat, yet it continues to be one of the most pervasive and costly to businesses and consumers. With nearly endless examples, we have decided to develop a new series that not only highlights some of these attacks, but also sharing helpful tips along the way for spotting them.

Read More

Topics: Phishing, Phishing Simulation, Phish

Silent Librarian University Attacks Continue Unabated in Days Following Indictment


On Friday, March 23, nine Iranian threat actors were indicted for stealing massive quantities of data from universities, businesses, and governments all over the world.

If you’ve been following our blog (or the news), you already know the actors are associated with an organization called the Mabna Institute, and are responsible for stealing more than 31 terabytes of data over the past four and a half years. To put that number in context, you’d need to cut down more than 1.5 million trees to make enough paper to print out all of the stolen data.

Read More

Topics: Phishing, Spear Phishing, silent librarian

How Universities Should Respond to Iranian Hacking Charges


Last week, news broke that an Iranian hacker network, Mabna Institute, had been systematically stealing data from universities across the US and abroad.

It’s unclear precisely how much data has been compromised, but it has been estimated to have cost US universities around $3.4 billion dollars to collect and maintain.

While the administration has announced sanctions and criminal indictments against the group, it’s highly unlikely any of the actors involved will receive punishment.

So if you happen to work for a university, or be responsible in some capacity for the data security of a university, you’d be forgiven for wondering “…What now?

Read More

Topics: Phishing, Spear Phishing

New Variant of BankBot Banking Trojan Ups Ante, Cashes Out on Android Users

Posted by Joshua Shilko on Mar 13, '18

A newly observed variant of BankBot has been discovered masquerading as Adobe Flash Player, Avito, and an HD Video Player. This variant, now detected by PhishLabs as BankBot Anubis, was first identified on March 5, 2018. 

Read More

Topics: Phishing, Banking Trojan, BankBot Anubis

   

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Upcoming Events

Calendar_Mock_

Posts by Topic

see all