In an era when AI-powered impersonations and deep-fake voices are becoming everyday tools for cybercriminals, the simple email still remains one of the most effective attack methods. Despite all the headlines about breaches and ransomware, phishing continues to show up — undetected, disguised, ready to exploit a click or a careless moment. Knowing the tell­tale signs of a malicious email is...

Courtesy of Agari by Fortra. Have you ever received a blank email from someone you don’t know? If you have, it may have been from a cybercriminal making sure your email account is legitimate prior to a BEC attack. We released a report on a business email compromise (BEC) cybercriminal group named London Blue in December 2018. The report dove into the organizational structure of West African...

Cyber-attacks targeting retail brands have increased dramatically over the last year. Since Q3 2021, retail has experienced a nearly 500% increase in attacks on social media alone. Counterfeit websites and look-alike domains are also among the top threats to online retailers. Attackers incorporate stolen designs and trademarks to stand up counterfeit sites, outbid legitimate businesses with...

Courtesy of Tripwire by Fortra. Microsoft has shared details of a widespread phishing campaign that not only attempted to steal the passwords of targeted organisations, but was also capable of circumventing multi-factor authentication (MFA) defences. The attackers used AiTM (Attacker-in-The-Middle) reverse-proxy sites to pose as Office 365 login pages which requested MFA codes, and then use them...

Emotet contributed to just over 47% of all attacks targeting corporate users in Q2, narrowly surpassing former leader QBot. This is the first quarter Emotet has represented the majority of payload reports since its disruption in January 2021. Together, Emotet and QBot dominated payload volume, totaling more than 90% of reported payload activity. Malicious payloads distributed via phishing emails...

Courtesy of Agari by Fortra. What is Email Spoofing? Email spoofing is one of the most common forms of cybercriminal activity, specifically a form of identity deception that’s widely used in phishing and spam attacks. It underpins the mechanism required to conduct hacking activities, and it can take many forms. Unfortunately, most email users will eventually receive an email that has been...

Cybercrime is relentless — and no business is immune. From small startups to global enterprises, organizations face an onslaught of advanced email threats and socially engineered attacks like executive and brand impersonation. According to the FBI’s Internet Crime Report, phishing and sophisticated email scams led to over $44 million in losses in 2021 alone.Despite massive investments in perimeter...

In Q1, the exchange of sensitive data on Carding Marketplaces and Forums increased as government seizure of multiple Dark Web sites prompted a shift in where actors conduct illegal activities, according to the Agari and PhishLabs Quarterly Threat Trends & Intelligence Report.These sites specialize in the trafficking of stolen credentials and data such as usernames, passwords, banking, and account...

In Q1, more than 51% of phishing sites abused paid services, according to the Agari and PhishLabs Quarterly Threat Trends & Intelligence Report. This is the first time in five consecutive quarters where the majority of phishing sites were staged using Paid Domain Registrations or Compromised Sites. Phishing volume as a whole continues to increase in 2022 in comparison to the same time period last...

Vishing reports in Q1 2022 increased nearly 550% over Q1 2021, according to Agari and PhishLabs’ Quarterly Threat Trends & Intelligence Report. While these Response-Based attacks have recently displayed stunning numbers, malicious emails as a whole are growing steadily, and represent the top online attack vector targeting corporate users. Malicious emails are delivered primarily in the form of...

Social media attacks targeting enterprises have increased 105% from Q1 2021 to Q1 2022, according to our Quarterly Threat Trends & Intelligence Report. Social media threat volume has consistently climbed quarter over quarter, as threat actors increasingly use social platforms to target business via fake pages, messaging, and advertisements.The growing number of businesses using social media to...

Impersonations of brands and executives on social media have grown more than 300% and 250% year-over-year, respectively, according to the Agari and PhishLabs Quarterly Threat Trends & Intelligence Report. This highlights the overall increase in social media activity and ease of accessibility for bad actors to repurpose stolen trademarks and intellectual property (IP) for a variety of malicious...

Vishing attacks have increased almost 550% over the last 12 months, according to Agari and Fortra Brand Protection's Quarterly Threat Trends & Intelligence Report.The May report uses hundreds of thousands of phishing and social media threats analyzed and mitigated. By identifying and mitigating attacks targeting enterprises, their employees, and brands, we are able to provide insight into key...

PhishLabs has identified a Browser-in-the-Browser (BitB) campaign targeting financial institutions with a fake Office 365 (O365) authorization protocol. The attack is delivered via phishing email and redirects the victim to a website impersonating an O365 single sign-on (SSO) page. A BitB attack is a novel phishing technique that replicates pop-up windows used for SSO in an effort to steal login...

Qbot payloads targeting enterprises contributed to almost three quarters of all email-based malware since the beginning of 2022. Although reported malware activity among families continues to fluctuate dramatically from quarter to quarter, QBot reports in Q1 represent the highest volume of a single malware variety over the past 12 months.Phishing lures delivering payloads remain the primary...

Courtesy of Digital Guardian by Fortra. The FBI's annual look at phishing, scam, and personal data breach statistics is out. Like clockwork, the Federal Bureau of Investigation's annual Internet Crime Complaint Center (IC3) report (.PDF) is out, and with it, numbers that show a marked uptick in cybercrime over the past 365 days. Skimming through the report's 33 pages, it's hard not to notice the...

Courtesy of Agari by Fortra. You probably already know this, but it bears repeating: Email by itself is NOT secure; anyone can use someone else’s identity to send emails. In fact, email is the #1 way cyberattackers can target your customers and your email ecosystem. No brand is untouchable when it comes to attackers using or spoofing email domains to send spam, phishing attempts, malware, or...

Phishing site volume increased 28% over the course of 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report. Attacks last year displayed increasingly volatile behavior on a month-to-month basis, often intermixed with a variety of attack vectors. Despite a lack of congruency, phishing unequivocally remains the most dominant attack method targeting organizations.Every quarter,...

Social Media attacks targeting enterprises increased 103% in 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report. Social Media is rapidly becoming the threat channel of choice for criminals. The rapid expansion of consumer/business relationships through social platforms, coupled with less refined and controllable online security measures, makes social media a prime target...