Recent Posts

Recent Blog Posts

The PhishLabs Blog

Who Says Holiday Romance is Dead? Catphishers, That’s Who

Posted by Lindsey Havens on Feb 14, '18

It’s that time of year again.

A day of romance, crowded restaurants, overblown gestures of love, and…

Well. You get the idea.

For those of us in the security world there’s another, less enjoyable component to Valentine’s Day. Yes, even less enjoyable than trying to share a romantic meal while sitting less than a foot away from four other couples.

Yes, I’m talking about holiday themed phishing scams. We’ve written about this precise topic many times before (including last Valentine’s Day) but so far we’ve never tackled the specific scams that surround this romance-centric annual event.

So before you send those dutch-courage fueled love notes, just take a moment to consider…

Read More

Topics: Phishing, Spear Phishing, Employee Defense Training

Office DDE feature exploited to deliver DNSMessenger payload in new targeted phishing campaign

Posted by Joshua Shilko on Nov 14, '17

The Research, Analysis, and Intelligence Division (R.A.I.D.) here at PhishLabs interacts with a multitude of malware samples in our day-to-day operations. Occasionally, we come across a campaign that stands out from the rest. One such instance occurred recently when one of our Phishing Threat Monitoring service clients was targeted with DNSMessenger, a sophisticated, memory-based infection technique, which has been previously associated with a financially-motivated Advanced Persistent Threat (APT) actor group. Also notable is the delivery method – the increasingly popular Dynamic Data Exchange (DDE) protocol Office document attack. This delivery method has recently been adopted by actors ranging from nation-state APTs to spammers peddling downloaders and ransomware. In this article, we will examine this delivery vector and dissect the initial DNSMessenger payload.

Read More

Topics: Spear Phishing, Office DDE Exploit

"Phish For The Future" is Perfect Example of Advanced Persistent Phishing

Posted by Stacy Shelley on Sep 29, '17


The Electronic Frontier Foundation (EFF) has reported that activists at Free Press and Fight for the Future were hit over the summer with a targeted spear phishing campaign that involved nearly 70 phishing attempts. If you haven't read their report, you should. Very few organizations would come out of the same situation unscathed.

Read More

Topics: Spear Phishing, Phish, EFF, Advanced Persistent Phish

Third DocuSign Phishing Campaign Identified Linked to Email Database Breach

Posted by Olivia Vining on May 19, '17

Since May 9, PhishLabs has tracked multiple phishing campaigns that uses DocuSign branding that lures victims into downloading malicious files.  These campaigns followed a breach of a DocuSign database containing user email addresses.  Each of the campaigns associated with this breach contain similar, yet distinct, characteristics.  The third, and most recent, campaign was launched on May 17. 

Read More

Topics: Phishing, Spear Phishing, DocuSign

How to Calculate ROI for Security Awareness Training

Posted by Jenny Dowd on Nov 22, '16

Frustrating, isn’t it?

You put all that effort into designing a security awareness training program… 

But is it helping keep your organization safe? Or is it just satisfying your compliance requirements?

The truth is you have no idea. After all, how can you measure return on investment (ROI) for something intangible like security awareness training?

Read More

Topics: Phishing, Spear Phishing, security awareness training

How and Why You Should Calculate Your Organization's Cost of Phishing

Posted by Jenny Dowd on Nov 15, '16

Everybody knows phishing is costly to their organization. 

But how costly? Few organizations know for sure.

Plenty of studies have claimed to calculate the cost of phishing, but the results are usually hard to swallow. For instance, does phishing cost your organization $1.6 million per incident? Or $3.7 million per year?

Perhaps... but probably not.

The issue with these figures is that they're averages, heavily skewed by data from huge organizations. The results may be interesting, but they're of little use to most organizations.

Read More

Topics: Phishing, Spear Phishing, security awareness training, cost of phishing

Why Your Security Awareness Training Isn't up to Par (And What to Do About It)

Posted by Jenny Dowd on Nov 10, '16

Most security awareness training is boring, infrequent, and ineffective. And the worse part is… everybody knows it.

But why? How did we get to this point? And who does all this sub-par security awareness training benefit?

To answer these questions we’ll need to examine one of the main drivers: Compliance.

Read More

Topics: Phishing, Spear Phishing, security awareness training

Rewinding the Headline: Where Do Data Breaches Begin?

Posted by Lindsey Havens on Oct 12, '16

Modern threat actors devote huge amounts of time to identifying and exploring new exploits, tactics, and techniques
for circumventing security and compromising corporate networks. 
The majority of headline breaches are initiated by spear phishing attacks, and not only are they sophisticated enough to make it past most spam filters, some are able to fool even seasoned security personnel. 

Read More

Topics: Phishing, Data Breach, Spear Phishing

How to Strengthen Your Human Firewall

Posted by Dane Boyd on Sep 20, '16

When it comes to security, it pays to be completely honest with yourself. After all, you may be able to hide weaknesses in your network from yourself, but that won’t stop threat actors from finding them.

If you are totally honest with yourself, you’ll realize there’s no way to completely shield your users from attacks.

You can tighten your spam filter, keep a watchful eye on user permissions, and buy in the best endpoint security package you can afford… but still, some attacks will make it through. And if your users are like most people, right now they aren’t even close to being ready to cope with that. We explored this previously in Why Some Phishing Emails Will Always Get Through Your Spam Filter.

We believe people can be the last line of your network defense – and do a damn good job of it – but first they have to be trained.

Here are a few ideas to get you started.

Read More

Topics: Phishing, Spear Phishing, security awareness training

Why Some Phishing Emails Will Always Get Through Your Spam Filter

Posted by Dane Boyd on Sep 15, '16

Frustrating, isn’t it?

It seems like no matter what you do, a few phishing emails always find their way into your users’ inboxes. You’ve tweaked your spam filter, and you’re scanning every attachment… But nothing seems to work.

Is it you? Are you making some glaring mistake?

Probably not.  We've discussed before why your users keep falling for phishing scams, and there's more to it. 

The fact is that no matter how good your security, a small percentage of phishing emails will always reach your user’s inboxes. 

Read More

Topics: Phishing, Spear Phishing, security awareness training


What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Upcoming Events


Posts by Topic

see all