Email impersonation is the fastest growing and most successful means of bypassing email security controls. In Q4 2022, the response-based and credential theft attacks that make up email impersonation reached their highest percentage of share of all email threat volume, contributing to more than 97% of attacks reported by end users. In this series, we look at the top email impersonation threats...

Email attacks using impersonation as their primary means of success are the top threats making it past Secure Email Gateways (SEC). These socially engineered messages have gradually increased in volume to overtake more malicious links or attachments typically used in payload campaigns targeting businesses.In this series, we look at the top email impersonation threats based on the reported volume...

QBot and Emotet payloads contributed to more than 93% of reported payload volume in Q1. While QBot represented the majority of attacks, this is the first known activity by Emotet actors since 2022 and the largest spike in Emotet reports since Q2 of last year. Email payloads remain the primary delivery method of ransomware targeting organizations. Fortra's Suspicious Email Analysis solution...

Business email compromise (BEC) remains one of the most financially devastating cyber threats facing organizations. This sophisticated form of email spoofing targets businesses by impersonating executives, employees, or trusted partners to trick recipients into transferring funds, revealing sensitive data, or fulfilling fraudulent orders. According to a joint Cybersecurity Advisory from the FBI,...

Ransomware and phishing are usually put in two separate categories when cyberattack methodologies are discussed. However, ransomware operators are increasingly leveraging phishing tactics to deploy their malicious payloads, and the potential for compromise is exponentiating as a result. Ransomware and Phishing - a match made in heaven Phishing is the number one delivery vehicle for ransomware,...

The demand for Digital Risk Protection (DRP) is on the rise as cybercriminals are increasingly targeting businesses on channels outside the corporate firewall. According to Frost Radar Global DRP Report, the traditional security perimeter has changed, and unlike phishing attacks that can be managed and mitigated through internal controls, these threats live on spaces not typically monitored by...

In Q4, Dark Web activity targeting Credit Unions reached its highest count in five consecutive quarters, according to Fortra’s PhishLabs. Attacks on Credit Unions jumped significantly during the second half of 2022, with threat actors advertising stolen card data from these institutions almost as frequently as National/Regional Banks.Data tied to financial institutions is considered especially...

Social media attacks targeting organizations closed out 2022 nearly 19% higher than Q4 of 2021, according to Fortra’s PhishLabs. Social platforms continue to act as a hotbed for malicious activity, leaving organizations of all sizes vulnerable to impersonation and abuse. As of Q4, businesses can expect an average of 72.54 attacks on social media per month. PhishLabs analyzes hundreds of...

In Q4, Response-Based phishing attacks were the top reported threat by end users, according to Fortra’s PhishLabs. While threats categorized as Credential Theft and Malware continue to bypass even the top secure email gateways, this is the second consecutive quarter where Response-Based attacks have led all categories. Response-Based attacks typically lack malicious indicators and instead rely...

Phishing sites impersonating reputable organizations continue to represent the top online threat to businesses and their brands. In Q4, Financial Institutions were targeted most by credential theft phish, experiencing the largest share of malicious sites recorded since 2021, according to Fortra’s PhishLabs. Within the group, criminals capitalized on the broad customer bases and recognizable names...

Cybercriminals are increasingly using steganography to hide malware in phishing attacks targeting businesses. Read Digital Journal’s interview with Alyn Hockey, Fortra’s VP of Product Management, to learn why this tactic is particularly difficult to detect, and what security teams can do to avoid falling victim. Check out the article here. if(window.strchfSettings === undefined) window...

Whaling phishing attacks specifically target C-suite executives, putting highly sensitive, mission-critical data at serious risk. These sophisticated scams often involve cybercriminals impersonating executives to deceive employees into revealing confidential information or executing fraudulent transactions. Because they focus on high-value individuals and assets, these attacks pose a significant...

​Organizations face a growing danger from phishing and ransomware, which have been the most common forms of cybercrime in recent years. Most businesses have fallen victim to phishing or ransomware attacks at some point. Every business needs to act against the growing threat of phishing, the primary method through which ransomware and other malware are spread. On the bright side, organizations have...

​ We're going to delve into what the meaning of SPF for email is, how to implement it, the benefits of deploying it, and how to further protect your email-sending domains. What is SPF for Email? Sender Policy Framework (SPF) is an email authentication standard that domain owners use to specify the email servers they send email from, making it harder for fraudsters to spoof sender information....

Email fraud is accelerating and evolving. In 2024 alone, phishing remained the most common type of cyberattack, and business email compromise (BEC) caused more than $2.7 billion in losses across over 21,000 reported incidents. Despite the growing awareness, email continues to be a prime entry point for cybercriminals for one simple reason: we rely on it constantly. It's how we send invoices, share...

Phishing remains one of the most effective and widespread tactics used by cybercriminals to deceive victims and gain access to sensitive information. While phishing can occur through text messages (SMiShing), social media platforms, or phone calls, email continues to be the most common vector. With AI tools making it easier to craft convincing, personalized messages at scale, phishing campaigns...

When it comes to email authentication standards, should you use DKIM, SPF, or both? We’re going to cover these terms, when you should use them, what they do—and how best to protect your email domains. Is it Either/Or—or Both? Should the battle really be SPF vs. DKIM? While not mandatory, it’s highly recommended to use both SPF and DKIM to protect your email domains from spoofing attacks and...

Phishing remains one of the most common cyberattacks, used to steal personal data or gain access to business networks. These deceptive emails trick recipients into clicking malicious links or opening attachments carrying malware or ransomware. In the case of business email compromise (BEC), attackers impersonate trusted colleagues or vendors to prompt recipients into taking immediate action.As...

QBot was the most reported payload targeting employee inboxes in Q4, according to Fortra’s PhishLabs. This is the fourth consecutive month QBot has led malware activity as bad actors target organizations with a steady stream of high-volume attack campaigns. QBot previously represented the second most reported payload family, trailing behind RedLine Stealer in Q3.Email payloads remain the primary...

Sometimes when sending phishing simulations to our clients, we setup a reply-to address to see if people will reply to suspicious emails and many do. Many people interpret our simulations as scams and articulate that in colorful language. Others provide information that would be dangerous in the hands of a threat actor, such as contact information for the appropriate employee for us to connect...