Resources

Results from Terranova Security's 2023 Gone Phishing Tournament Webinar

Results from Terranova Security's 2023 Gone Phishing Tournament Webinar
Expert Recommendations from the 2023 Gone Phishing Tournament Results Join Fortra experts, as well as guest speakers from The National Cybersecurity Alliance and Microsoft, as they present highlights and discuss results from the 2023 Gone Phishing Tournament. Attendees will enjoy in-depth insights into: The best and worst-performing industries and regions How the results relate to current cyber...
jill.johnson Thu, 02/22/2024 - 16:23
-
CT
FREE
Account Takeover Protection
Blog

O365 Volume Up in Q4 as Cybercriminals Target Brands in Credential Theft Attacks

The majority of malicious emails reported in user inboxes contained a link to a phishing site, making credential theft emails the attack method of choice for cybercriminals in Q4. Credential theft made up nearly 60% of all reported incidents, with more than half of the volume attributed to O365 attacks. Despite the threat actor preference toward this threat type, credential theft attacks declined...
Blog

Phishing-as-a-Service Profile: LabHost Threat Actor Group

Fortra is monitoring malicious activity targeting Canadian banks conducted by Phishing-as-a-Service group LabHost. Throughout 2022 and 2023, Fortra has observed phishing attacks connected with Phishing-as-a-Service (PhaaS) groups grow as threat actors use the tools provided through membership services to launch a variety of campaigns. The providers of these platforms boast features such as access...
blog

Record Number of Phishing Sites Impersonate Social Media to Target Victims in Q4

Phishing sites impersonated the social media industry more than any other in Q2, Q3, and Q4 of 2023. In Q4 alone, social media phish leapt nearly 20%, reaching the highest volume of abuse (over 67%) since Fortra has reported on this data point. Every quarter, Fortra’s PhishLabs examines hundreds of thousands of phishing attacks targeting enterprises and their brands. In this post, we break down...
Blog

How Threat Actors will Leverage Domain Impersonation in 2024

Historically, the average brand is targeted by 40 look-alike domains per month. Look-alikes are a strategic component of malicious lures and websites and used in a variety of spaces including social platforms, text messages, the open web, and email. An attack that incorporates a look-alike domain can mean the difference between a convincing campaign and a suspicious one, with a versatility that...
On-Demand Webinar

2023 Domain Impersonation Report - Key Findings

2023 Domain Protection Report – Key Findings The average brand is targeted by 40 look-alike domains per month. Domain impersonation is the foundation for a multitude of online threats. Watch Elyse Neumann, Fortra’s Sr. Director of Client Operations, and Eric George, Fortra’s Director of Solutions Engineering, as they discuss the key findings from Fortra’s 2023 Domain Impersonation Report. Learn...
Blog

Executive Attacks on Social Media Hit All-Time High as Analysts Point to AI

Executive impersonation on social media is at an all-time high as threat actors take advantage of AI to improve and scale their attacks. In Q3, accounts pretending to belong to high-ranking executives on social media climbed to more than 54% of total impersonation volume, surpassing brand attacks for the first time since Fortra began tracking this data. The volume and composition of these attacks...
Blog

Cybercriminal Focus in the New Year – Top 2024 Threat Trends

Criminals are constantly innovating ways to enhance deliverability and increase the success of their campaigns. Email phishing remains one of the most significant threats to organizations, but a growing number of campaigns are first touching victims via non-traditional lures or through engagement on platforms where users are more susceptible to scams. Understanding how online threats are evolving...
Blog

Getting the Board on Board: Explaining Cybersecurity ROI

In this Tripwire guest blog, we break down how to best communicate the significance of a cybersecurity investment. Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn't always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable Return On Investment...
press_release

CNET: Scam website are using that green https padlock to fool you

A PhishLabs report by security writer Brian Krebs was featured in a CNET article warning web users about HTTPS security fraud on the Internet. Originally published in CNET . You may have heard you should look for the padlock symbol at the top of a website before entering your password or credit card information into an online form. It's well-meaning advice, but new data shows it isn't enough to...
press_release

InfoSec Magazine: How the FBI Caught Voice Phishing (Vishing) Scammers

Founder and CTO of PhishLabs John LaCour spoke with FBI Special Agent Davey Ware at the RSA Conference in San Francisco to talk about how vishing attacks work to defraud victims of their money and discuss how one group of vishing criminals was caught. Originally published on Infosecurity Magazine . "Vishing attacks are phishing attacks that use the telephone network," LaCour said. He explained...
Quote

Request A Quote

Fortra’s PhishLabs is the leading provider of threat intelligence and mitigation solutions. Our Digital Risk Protection platform safeguards your organization’s critical digital assets through expert-curated threat intelligence and complete mitigation, protecting your enterprise, brands, and customers from digital threats. Complete the form to request a quote from our sales team to learn more about...
Resource

Request Support

Need help? Complete the form to request support from our team. If you have an emergency and need assistance, we will respond to your request within 1 hour. Client support is also available 24/7 via the PhishLabs Web Application or API integration. SOC: +1.877.227.0790 or +1.202.386.6001 For all other inquiries, please submit a Contact Request .
Guide

2023 Domain Impersonation Report

Current Domain Threats, Trends, and Techniques Domain impersonation is the foundation for a multitude of online threats. Because a domain is dynamic, identifying when and how it will be used for malicious purposes can be challenging for security teams, and requires constant monitoring for behavior that will validate removal. In the 2023 Domain Impersonation Report, we review look-alike domain...
Guide

Disrupt Counterfeit Threats

A Digital Risk Protection Playbook Counterfeit threats, such as fraudulent ads and look-alike domains, are on the rise especially with the expansion of e-commerce and online consumer-to-business interaction. However, the collection and mitigation of counterfeit activity can be complicated. Prioritizing relationships with platforms and providers along with collecting data showing evidence of abuse...
Video

On-Demand Webinar: Handling Threats That Land in User Inboxes

The risk of a user receiving a socially engineered attack is higher than ever, and technological solutions often miss the most devastating of them. Though technology is both an important and required component in protecting the enterprise, security teams need to remain vigilant and educated on quickly identifying threats which make it past technology. This includes the latest social engineering...
Video

Digital Risk Protection: Evolving Your Cyber Threat Intel Program Into Action

Now Available On-demand Digital Risk Protection is an emerging technology that is on the rise in Gartner’s latest Hype Cycle for Security Operations. In this webinar, PhishLabs’ Manager of Solutions Engineering, Eric George, will break down Digital Risk Protection, explain how it works, and share recent use cases. You will learn how enterprises use Digital Risk Protection to proactively detect and...
Video

Digital Risk Protection: Evolving Your Cyber Threat Intel Program Into Action HISAC

Digital Risk Protection is an emerging technology that is on the rise in Gartner’s latest Hype Cycle for Security Operations. In this H-ISAC Navigator Program Webinar, PhishLabs’ Founder and CTO, John LaCour, will break down Digital Risk Protection, explain how it works, and share recent use cases. You will learn how the Healthcare industry is using Digital Risk Protection to proactively detect...
Video

Data Leaks Don't Discriminate

Unique conditions driven by the pandemic in the first half of 2020 have increased companies’ exposure to online threats and the likelihood of experiencing a data leak incident. If that weren’t enough, an emerging trend in ransomware attacks reveals that cybercriminals are now threatening to leak compromised data if ransom demands aren’t met. In this webinar, PhishLabs’ Director of Product...