In Q4, three malware families represented more than 93% of all payload volume targeting end users, with Malware-as-a-Service (MaaS) DarkLoader leading all other reports. Fortra first received reports of DarkLoader in user inboxes in Q3, with attack volume picking up significantly beginning in October. The shift to criminal activity associated with DarkLoader comes after coordinated efforts by...

Fortra continues to monitor malicious activity targeting Canadian banks by the Phishing-as-a-Service (PhaaS) group known as LabHost. Throughout 2022 and 2023, phishing campaigns linked to PhaaS platforms have surged, as threat actors increasingly rely on subscription-based services to execute attacks. These platforms offer a range of features, including stolen industry branding, real-time...

Historically, the average brand is targeted by 40 look-alike domains per month. Look-alikes are a strategic component of malicious lures and websites and used in a variety of spaces including social platforms, text messages, the open web, and email. An attack that incorporates a look-alike domain can mean the difference between a convincing campaign and a suspicious one, with a versatility that...

Is your organization ready to tackle the new challenge of QR code phishing, also known as quishing? In this TechNewsWorld article, Dr. Steve Jeffery discusses the latest carrier of choice for payloads via email.

Executive impersonation on social media is at an all-time high as threat actors take advantage of AI to improve and scale their attacks. In Q3, accounts pretending to belong to high-ranking executives on social media climbed to more than 54% of total impersonation volume, surpassing brand attacks for the first time since Fortra began tracking this data. The volume and composition of these attacks...

Criminals are constantly innovating ways to enhance deliverability and increase the success of their campaigns. Email phishing remains one of the most significant threats to organizations, but a growing number of campaigns are first touching victims via non-traditional lures or through engagement on platforms where users are more susceptible to scams.Understanding how online threats are evolving...

This is a Tripwire guest blog.Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn't always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable return on investment (ROI) from any cybersecurity initiative. Many Boards concentrate on performance...

How will the digital risk and email security landscape evolve in 2024? In this VM Blog article, Eric George discusses the industry’s future and shares his seven predictions for 2024. Originally published in VM Blog. Excerpt: “AI and ML will enhance capabilities on both sides of the cyber landscape – for good and bad. On the defensive side, those protecting the targets will use advanced data...

Cloud adoption is now the norm for most enterprises—and for good reason. Migrating to the cloud enables greater collaboration, more scalable data storage, and reduced operational costs compared to traditional on-premises infrastructure. Chances are that your organization is already benefiting from these cloud advantages.However, while the cloud has transformed how businesses operate, it also...

As we approach the end of the year, LastPass Labs has reviewed the last 12 months to take account of the threat environment and how it has changed, as well as our accomplishments. Throughout 2023, the Threat Intelligence, Mitigation, and Escalations (TIME) team focused on rapidly expanding our capabilities to protect our customers from phishing sites and/or infostealers. A major part of this...

There is little doubt that AI-fueled impersonation campaigns and novel attacks via non-traditional channels have emerged as a primary concern for security teams. Brand impersonation is on the rise, with nearly 40 look-alike domains targeting brands each month. On social media, impersonation attacks account for almost half of all threatening content. And online counterfeit campaigns are...

Google and Yahoo announced new email authentication requirements for those sending email to their users, with a rapid deadline of February 2024. At Fortra, we commend this push to require email authentication as a huge step in the ongoing fight against spoofing and abuse. But if the requirements are not in place by the deadline, certain emails may no longer be delivered. This could prove...

The underground marketplace intelligence landscape is vast and complex. Monitoring dark web forums and marketplaces for brand mentions and threats is essential to proactively defend against attacks and data leaks. When suspicious data appears, knowing how to respond quickly is key to protecting your brand, employees, and customers.In this blog, we discuss the types of intelligence present on dark...

QBot, the leading payload family in Q3, was disrupted as part of a coordinated, multinational operation led by the FBI on August 29, 2023. This resulted in the removal of 700,000 QBot payloads from infected devices across the globe, and interrupted the activity of one of the most active malware families since the former juggernaut Emotet, which was disrupted in 2021.While QBot led all other...

QR phishing is currently considered a high priority risk capable of bypassing existing security controls, according to the latest article from Cyber Security Intelligence. QR Phishing, otherwise known as Quishing, is an extension of phishing attacks that is gaining popularity among threat actors who understand many email systems have difficulty reading the contents of the code. Similar to...

Since early 2022, Fortra has been monitoring a significant ongoing upward trend in fraud activity originating from various Phishing-as-a-Service (PhaaS) operations. Some of these services have thrived, while the popularity of others has diminished. One PhaaS operation that has notably been present throughout is Strox (aka Strox.su or Strox Pages). Strox is one of the most complete phishing...

Is your 401k a target for cybercriminals? According to the latest article from U.S. News, warning signs such as missing contributions and unexplained transactions could indicate your retirement funds are at risk.Check out the article here to learn what signs could indicate that something is amiss, and best practices from Fortra’s security expert Eric George on how to protect your accounts.if...

In July 2021, the White House launched a voluntary initiative aimed at strengthening cybersecurity for industrial control systems (ICS). Designed to foster collaboration between critical infrastructure sectors and the federal government, the initiative encourages the deployment of technologies that provide visibility, threat detection, and early warning capabilities. As the memo stated, “we cannot...

One of our Digital Risk Protection service customers, LastPass, is committed to monitoring the cyber threat environment to keep our customers as secure as possible. To highlight this commitment, we want to call attention to recent joint efforts to disrupt a phishing campaign targeting LastPass customers and associates that began two weeks ago. We are sharing this with you not because it is a new...