Resources

domain impersonation report thumbnail
Guide

Domain Impersonation Whitepaper

Preventing Domain Impersonation: How to Stop Look-Alike Domains and Spoofing In the first half of 2023, cybercriminals targeted company brands using an average of 40 look-alike domains per month. Domain impersonation threats trick users into giving away sensitive information by convincing them an email is from a trusted source or a website is authentic. It’s crucial that...
navigating social media threats thumbnail
Guide

Navigating Social Media Threats: A Digital Risk Protection Playbook

Threat actors are using social media to target enterprises and their customers with fraudulent accounts. The nature of instant sharing on social media means organizations can face swift reputation damage or financial loss if they fall victim to one of the many threat types used on these platforms. In order to effectively protect against social media threats, security teams must...
Guide

How to Defend Against Look-alike Domain Threats: A Digital Risk Protection Playbook

Look-alike domains are one of the most versatile tools a threat actor can use to attack an organization. They lay the foundation for a wide range of cyberthreats, including reputation abuse, phishing sites, and email scams. This playbook breaks down: The domain lifecycle and how domains are abused Threats criminals use to deceive and defraud their targets How look-alike...
Frost & Sullivan Company of the Year report thumbnail
Guide

Fortra Wins 2022 Frost & Sullivan DRP Company of the Year

With its strong overall performance, Fortra earns the 2022 Frost & Sullivan Global Company of the Year Award in the DRP industry. With more than 60 years of coaching organizations all over the world, Frost & Sullivan provides the tools for growth and long-term success to their clients. Their Company of the Year Award is a great honor as it “exemplifies visionary innovation,...
Frost Radar Leader Digital Risk Protection (DRP) Services badge
Guide

Frost Radar: Digital Risk Protection (DRP) Services, 2022

See how Fortra stacks up against the biggest names in Digital Risk Protection. Frost and Sullivan’s 2022 DRP report gives you a better understanding of Digital Risk Protection vendors and what they have to offer.   The report includes:  Frost Radar on DRP Services  Evaluation of the competitive environment  Detailed analysis of vendors looking specifically at Innovation,...
Guide

2023 Cyberthreat Defense Report

Compare your company’s security practices with industry peers! The 2023 Cyberthreat Defense Report, now in it’s 10th year, provides deep insight into the minds of security professionals. Insights from this year’s survey include: The threats that most concern IT teams include account takeover (ATO) attacks, phishing, and brand impersonation on social media Double and triple...
Blog

PhishLabs Blog Subscription

The PhishLabs Blog is where we share our insights, interviews, and videos about cybersecurity awareness and reducing digital threats. Sign up and we’ll keep you updated on interesting threats and scams, infosec news, events, and opinions on industry issues and trends. The blog newsletter will feature: Fresh industry content Somewhat entertaining videos The latest trends...
The Email Security Gaps in Your Cloud
Blog

The Email Security Gaps in Your Cloud

Thu, 12/14/2023
It’s not news that most enterprises operate in the cloud. Migration to the cloud leads to better collaboration, data storage, and lower costs compared to on-premises resources. Odds are your organization is currently enjoying the conveniences of the cloud.  The cloud has reshaped the way organizations operate, but with the migration comes new obstacles in email security, and...
Brand Threats Masterclass: Experts Reveal Top Attacks and Defense Tactics
Blog

Brand Threats Masterclass: Experts Reveal Top Attacks and Defense Tactics

By Jessica Ryan on Thu, 11/30/2023
There is little doubt that AI-fueled impersonation campaigns and novel attacks via non-traditional channels have emerged as a primary concern for security teams. Brand impersonation is on the rise, with nearly 40 look-alike domains targeting brands each month. On social media, impersonation attacks account for almost half of all threatening content. And online counterfeit...
Google and Yahoo Take Stance on Email Authentication
Blog

Google and Yahoo Take Stance on Email Authentication

Thu, 11/16/2023
Google and Yahoo announced new email authentication requirements for those sending email to their users, with a rapid deadline of February 2024. At Fortra, we commend this push to require email authentication as a huge step in the ongoing fight against spoofing and abuse. But if the requirements are not in place by the deadline, certain emails may no longer be delivered. This...
How Organizations Can Use Dark Web Intelligence
Blog

How Organizations Can Use Dark Web Intelligence

Thu, 11/09/2023
The scope of intelligence on underground marketplaces is vast and navigating the dark web in search of brand mentions and potential threats can be time-consuming and complex. In order to proactively defend against attacks and mitigate the threat of leaked information, organizations should consistently monitor marketplaces and forums for data pertaining to their brand. If...
Press Release

IT Security Wire: Cybersecurity in 2023: Top Three Predictions

In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup, Vice President of Security Operations at Fortra’s Alert Logic, share their 2023 cybersecurity predictions. Originally published in IT Security Wire “PaaS (phishing-as-a-service) platforms simplify the creation and execution of credential theft phishing attacks which target the customers or...
Q3 Payload Report
Blog

Q3 Payload Report

By Jessica Ryan on Thu, 10/26/2023
QBot, the leading payload family in Q3, was disrupted as part of a coordinated, multinational operation led by the FBI on August 29, 2023. This resulted in the removal of 700,000 QBot payloads from infected devices across the globe, and interrupted the activity of one of the most active malware families since the former juggernaut Emotet, which was disrupted in 2021. While...
Account Takeover Protection
New Cyber Security Intelligence Article Covers Fortra’s Insights, Actions Against QR Phishing
Blog

New Cyber Security Intelligence Article Covers Fortra’s Insights, Actions Against QR Phishing

By Jessica Ryan on Thu, 10/19/2023
QR phishing is currently considered a high priority risk capable of bypassing existing security controls, according to the latest article from Cyber Security Intelligence. QR Phishing, otherwise known as Quishing, is an extension of phishing attacks that is gaining popularity among threat actors who understand many email systems have difficulty reading the contents of the code....
Threat Actor Profile: Strox Phishing-as-a-Service
Blog

Threat Actor Profile: Strox Phishing-as-a-Service

Thu, 10/12/2023
Threat Background & History Beginning in the first half of 2022, Fortra has monitored a significant ongoing upward trend in fraud activity originating from various Phishing-as-a-Service (PhaaS) operations. Some of these services have thrived, while the popularity of others has diminished. One PhaaS operation that has notably been present throughout the past two years is known...
U.S. News Highlights Fortra’s Tips to Protecting Against 401k Scams
Blog

U.S. News Highlights Fortra’s Tips to Protecting Against 401k Scams

By Jessica Ryan on Thu, 10/05/2023
Is your 401k a target for cybercriminals? According to the latest article from U.S. News, warning signs such as missing contributions and unexplained transactions could indicate your retirement funds are at risk. Check out the article here to learn what signs could indicate that something is amiss, and best practices from Fortra’s security expert Eric George on how to protect...
Visibility: An Essential Component of Industrial Cyber Security
Blog

Visibility: An Essential Component of Industrial Cyber Security

Thu, 09/28/2023
In July 2021, the White House established a voluntary initiative for industrial control systems (ICS) to promote cooperation between the critical infrastructure community and the federal government. The fundamental purpose of the initiative was “to defend the nation’s critical infrastructure community by encouraging and facilitating the deployment of technologies and systems...
Free Domain Abuse Plummets in Q1 as Staging Methods Shift
Blog

LastPass and Fortra’s PhishLabs Work Together to Protect Customers From Phishing Scams

Tue, 09/26/2023
One of our Digital Risk Protection service customers, LastPass, is committed to monitoring the cyber threat environment to keep our customers as secure as possible. To highlight this commitment, we want to call attention to recent joint efforts to disrupt a phishing campaign targeting LastPass customers and associates that began two weeks ago. We are sharing this with you not...
Cyber Defense Magazine: New PhishLabs Research Details .ZIP Abuse
Blog

Cyber Defense Magazine: New PhishLabs Research Details .ZIP Abuse

By Jessica Ryan on Thu, 09/21/2023
Fortra’s PhishLabs has identified two separate incidents of new Google top-level domain (TLD) .zip used in phishing attacks. The attacks, detailed in the September issue of Cyber Defense Magazine, use .zip to impersonate a social media conglomerate and global technology company. Look-alike domains using common file extensions are increasingly used to enhance the perceived...