Recent Posts

Recent Blog Posts

The PhishLabs Blog

The Targeted Approach to Anti-Phishing: Improving Core Skills

Posted by Dane Boyd on Dec 1, '17

Wouldn’t it be great if every one of your users could be turned into an anti-phishing specialist?

Like sleeper agents, they’d be ready at any moment to drop their day jobs and sniff out every last malicious email that makes it past your perimeter defenses.

It’s an enticing fantasy.

But is it reasonable to expect your users to become genuine anti-phishing experts? We think not.

Read More

Topics: Phishing, security awareness training

Holiday Phishing Scams Target Job Seekers

Posted by Amanda Kline on Nov 21, '17

'Tis the season for shopping, time spent with friends and family, and preparations to celebrate the holidays. As most of us plan for the coming season, cyber criminals are looking for opportunities to catch victims off guard and steal valuable personal information. People looking to supplement their gift-giving budget with a seasonal holiday job should take a close look at job listings before pursuing offers found online or in their email inboxes. Job scams target those looking for part-time holiday work, specifically aiming to steal personally identifiable information that is often requested on applications for employment. We have observed mass spam email-based job scams using branding from well-known retailers such as Target and Walmart that commonly offer seasonal employment. 

Read More

Topics: Phishing, Holiday Scams

Have We Conditioned Web Users to be Phished?


Have the well-meaning recommendations of the security community made web users more vulnerable to cyber attacks? Have we conditioned people to be phished?

The HTTPS Paradox

You know that little green padlock symbol that appears in your browser’s URL bar every now and then? What do you think it means?

Read More

Topics: Phishing, Cyber Security Awareness Month

Enterprise Credential Theft: How to Spot a Phish


Today, we are going to look at a phish that takes advantage of the massive user base of Office 365 products. It’s safe to speculate that this phish is specifically targeting enterprise employees given most users of Office 365 products are using it for business purposes.

Read More

Topics: Phishing, Phish

APWG Report Reveals Increased Exploitation of Free Hosting Providers

Posted by Stacy Shelley on Oct 18, '17

The Anti-Phishing Working Group (APWG) has released the Phishing Activity Trends Report for the first half of 2017. APWG  utilizes  reported phishing attacks from multiple data sources to track, analyze, and report on fraud resulting  from phishing, crimeware, and email spoofing.  The report reveals frequent targeting in Payment, Financial, and Webmail sectors, as well as a rise in phishing attacks that utilize website builders and free hosting providers. 

Crane Hassold, Manager of Threat Intelligence at PhishLabs, noted in the report that hosting providers that offer free hosting and free  website-building tools provide criminals with opportunities. “These free hosts are not only easy and cheap to use, but they also allow threat actors to create subdomains spoofing a targeted brand, resulting in a more legitimate-looking phishing site. Free hosts also afford phishers additional anonymity, because these services do not make registrant information easily available.”

Read More

Topics: Phishing, APWG

Phishing landscape thrives in the second quarter of 2017

Posted by Amanda Kline on Sep 20, '17

It probably comes as no surprise that the second quarter of 2017 brought changes in the phishing landscape. A dramatic increase (41%) in overall phishing volume was observed by the PhishLabs research team. Additionally, there have been shifts in the industries that are being targeted. This is further evidence that the threat landscape is both thriving and volatile as cybercriminals pivot and exploit different targets. 

After years of gathering and analyzing phishing data, only one thing is certain - phishing continues to be a successful attack method for cybercriminals.

Read More

Topics: Phishing, Phishing Trends and Intelligence Report,, PTI Report

Phishing Implications of the Equifax Data Breach

Posted by Joseph Opacki on Sep 14, '17

By now, just about everyone has heard about the massive Equifax data breach. It exposed the sensitive personal information of more than 143 million consumers (nearly half of all Americans) and has been spread across headline after headline since it was first announced on September 7th.

There have been plenty of reports and advisories published since then with guidance for individuals affected. The FTC issued a useful list of steps that victims can take to reduce the risk of their information being abused, many of which could simply be copy/pasted given how frequent and common breaches of this scale have become. Set up fraud alerts, check your credit report for free, sign up for monitoring, freeze your credit files with the major credit bureaus, keep a close eye on financial statement for any unusual activity, etc.

While those are all good steps to take, we should also consider the implications when it comes to phishing.

Read More

Topics: Phishing, Data Breach, Breach, Equifax

The Evolution of Mobile Banking Trojans… and What To Do About Them (Part II)

Posted by Joshua Shilko on Aug 15, '17

In the last article, we looked at why threat actors have flocked to the mobile space in droves, and which tools they’re using to ply their trade.

And naturally, no discussion of mobile threats would be complete without a detailed look at the most concerning current mobile threat: mobile banking trojans.

Since we’ve already covered the most common functionality, permissions, and distribution mechanisms, it only makes sense to take things a stage further and look at specific banking trojan families. To that end, in this article we’ll be looking at the two of the most widespread families: Marcher and BankBot.

Once we’re through with that, we’ll go over some of the things organizations and individuals can do to avoid falling prey to mobile banking trojans in the future.

Read More

Topics: Phishing, Android, Banking Trojan

The Evolution of Mobile Banking Trojans… and What To Do About Them (Part I)

Posted by Joshua Shilko on Aug 8, '17

Over the past few years the way people interact with the Internet has changed.

In the past, the vast majority of people (over 80 percent) accessed the Internet using Windows desktop and laptop machines, with similar OSX devices taking a distant second spot.

But by the end of 2016, everything had changed. Android mobile devices overtook Windows desktops as the most common means of accessing the Internet.

Naturally, this trend hasn’t gone unnoticed.

Read More

Topics: Phishing, Trojan, Vishing, Rogue Mobile Applications

New Phishing-Based TrickBot Campaign Identified

Posted by Olivia Vining on Jul 20, '17

This week, PhishLabs analysts have detected a new TrickBot campaign that began at approximately 23:30 EST on July 17th, and continued through the evening of July 18th before ending later that night.

Thousands of lures were detected, the bulk of which were sent between 12:30 - 15:30 EST on July 18th.

But let’s back up a little.

In case you missed it first time around, TrickBot is a prominent example of a type of malware known as a Trojan.  Like the Trojan from which it was developed, Dyre, Trickbot is configured to steal banking credentials. 

Once a victim's machine is infected, Trickbot sends bank information to criminals through a complex series of events initiated by one click. Once initiated, TrickBot resides in the background, operating as unobtrusively as possible. As a result, many victims are unaware their machine has been infected.

Read More

Topics: Phishing, TrickBot

   

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Upcoming Events

Calendar_Mock_

Posts by Topic

see all