Resources

Despite their Simplicity, New Emotet Attacks Forecast Threatening Future
Blog
Blog

Despite their Simplicity, New Emotet Attacks Forecast Threatening Future

By Jessica Ryan on Thu, 12/02/2021
PhishLabs has recently observed attacks targeting enterprises with Emotet payloads for the first time since January , when coordinated efforts by authorities to disrupt operations led this family of threat actors to halt activity. Emotet’s primary function is providing malicious software initial access to compromised systems. It is one of the most widely distributed and well-connected malware...
External Data Leaks
Vishing Hybrid, Response-Based Attacks on the Rise
Blog
Blog

Vishing Hybrid, Response-Based Attacks on the Rise

Thu, 11/18/2021
Vishing attacks targeting corporate users have more than doubled for the second consecutive quarter, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report . Response-Based attacks such as these are increasingly targeting corporate users and stand alongside email-based Credential Theft and Malware attacks to make up the top attack vector targeting enterprises. Every quarter...
Initial Access Brokers: Selling Entry into Your Network
Blog
Blog

Initial Access Brokers: Selling Entry into Your Network

By Jessica Ryan on Mon, 11/15/2021
Ransomware continues to grow as a thriving underground economy with limited risk and little barrier to entry. Ransomware attacks are supported by a robust ecosystem of dark web services, where many of the tasks needed to carry out an attack can be outsourced. These tasks are increasingly available and sold by threat actors who specialize in them. In this post, we take a look at Initial Access...
Press Release
Press Release

Research Finds Alarming Jump in Phishing Attacks

PhishLabs Threat Trends and Intelligence Report show attacks grow 31.5% year-to-date over 2020, with social media attacks continuing to climb; September more than doubles its phishing activity over the same month last year. November 9, 2021, Charleston, SC – PhishLabs by Fortra, the leading provider of Digital Risk Protection solutions, today released their Quarterly Threat Trends and Intelligence...
New Quarterly Threat Trends Intelligence Report Available
Blog
Blog

New Quarterly Threat Trends Intelligence Report Available

Tue, 11/09/2021
Vishing attacks have more than doubled for the second consecutive quarter, according to the PhishLabs Quarterly Threat Trends & Intelligence Report. The November 2021 report uses hundreds of thousands of attacks analyzed and mitigated by PhishLabs to identify the top threats targeting brands and determine emerging trends throughout the threat landscape. Key Findings of the Quarterly Threat Trends...
On-Demand Webinar
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (Nov 2021)

Throughout 2021, PhishLabs has detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The PhishLabs Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
Advanced Banking Trojan Sets New Standard for Android Malware
blog

Advanced Banking Trojan Sets New Standard for Android Malware

By Jessica Ryan on Wed, 10/27/2021
A new Android banking trojan is targeting financial institutions, crypto-wallets, and the retail industry. Dubbed S.O.V.A., the Russian word for Owl, the feature-rich malware abuses device accessibility services to steal personal identifiable information and banking credentials. S.O.V.A. is still in its development phase and, if authors deliver on future capabilities promised, this already...
Multi-Stage Vishing Attacks Skyrocket
Blog
Blog

Multi-Stage Vishing Attacks Skyrocket

By Jessica Ryan on Tue, 10/19/2021
Multi-stage vishing attacks have more than doubled since Q2, overtaking BEC attacks as the second most reported response-based threat. These two-pronged attacks differ from conventional vishing by combining malicious emails and phone calls to trick victims into disclosing sensitive information. Emails associated with these campaigns are particularly adept at getting past attack controls because...
Fake Mobile Apps Leave Users Vulnerable, Damage Brands
Blog
Blog

Fake Mobile Apps Leave Users Vulnerable, Damage Brands

By Jessica Ryan on Tue, 10/05/2021
Cloned and spoofed mobile applications can damage a brand’s reputation and compromise user data. Fake mobile apps are widely available on both third-party and official app stores and rely heavily on brand impersonation to build trust and drive downloads. Many mobile users lack the security posture normally practiced on desktops, leaving devices vulnerable to compromise. Fake Apps Fake mobile apps...
Free Tools and Services Fuel Phishing Increase
Blog
Blog

Free Tools and Services Fuel Phishing Increase

Thu, 09/16/2021
Phishing volume continues to outpace 2020 by 22%, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. Every quarter, PhishLabs analyzes hundreds of thousands of phishing and social media attacks targeting enterprises to identify key trends in the threat landscape. In this piece we take a look at phishing volume, industries targeted, and how attacks are being staged. 2021...
Top 10 TLDs Abused
Blog
Blog

Top 10 TLDs Abused

Tue, 09/14/2021
Domains are some of the most highly abused tools threat actors use to manipulate victims and execute phishing attacks. In the latest PhishLabs Quarterly Threat Trends & Intelligence report, we break down how actors are abusing Legacy Generic (gTLD) and Country Code (ccTLD) Top-level domains, HTTPS, and free security certificates to target enterprises. Top-level Domain Abuse Nearly half of all...
Social Media Attacks Increase 47%
Blog
Blog

Social Media Attacks Increase 47%

Wed, 09/08/2021
Social media threats targeting enterprises have increased 47% since January 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report . While the attack volume varies by industry, today the average organization is being targeted on social media with increasing frequency. Every quarter, PhishLabs analyzes and mitigates hundreds of thousands of phishing and social media attacks...
3 Strategies to Enhance Brand Threat Intelligence
Blog
Blog

3 Strategies to Enhance Brand Threat Intelligence

By Jessica Ryan on Thu, 08/19/2021
Brand threats have accounted for 68% of fraud attacks so far this year. Contrary to traditional cyber attacks, which are designed to compromise the infrastructure or circumvent controls, brand threats live outside of the organization’s control and compromise the reputation of your brand. Common types of brand misrepresentation include spoofed emails, social media scams, and fake mobile apps. The...
Press Release
Press Release

New PhishLabs Research Finds Sharp Jump in Attacks on Crypto As Overall Phishing Volume Increases 22%

Quarterly Threat Trends and Intelligence Report Finds Increase in Phishing Attacks Year-to-Date Over the First Six Months of 2020; Qbot More Than Half of Payloads Encountered, as Darkside and Others Go Offline August 17, 2021, Charleston, SC – PhishLabs , the leading provider of Digital Risk Protection solutions, today released their Quarterly Threat Trends and Intelligence Report. Overall, the...
New Quarterly Threat Trends Intelligence Report Now Available
Blog
Blog

New Quarterly Threat Trends Intelligence Report Now Available

Tue, 08/17/2021
Phishing volume in 2021 continues to outpace last year by 22%, according to PhishLabs Quarterly Threat Trends & Intelligence Report. The August 2021 report uses data from hundreds of thousands of attacks analyzed and mitigated by PhishLabs to identify the most recent top threats targeting brands and determine emerging trends throughout the threat landscape. Key Findings of the Quarterly Threat...
OSINT: How Usernames Unlock Investigations
Blog
Blog

OSINT: How Usernames Unlock Investigations

Tue, 08/10/2021
One piece of evidence that adds value to investigating social media threats is the threat actor’s chosen username. Usernames can hold meaning to the individual, and as a result provide useful information when expanding investigations to different social platforms. As we covered in our last OSINT post , connecting all known social media accounts to one user is a critical step in determining risk...
Threat Evasion Techniques: Restricting by Interaction
Blog
Blog

Threat Evasion Techniques: Restricting by Interaction

Mon, 08/02/2021
Threat actors improve the resiliency of phishing campaigns by concealing malicious content from security teams. Avoiding detection increases an attacker’s odds of reaching more victims and achieving a more lucrative outcome. There are many types of evasion techniques that can be used individually or in tandem. In this post we discuss active evasion, restricting by interaction. Restricting by...
Account Takeover Protection
quarterly threat trends & intelligence report thumbnail
On-Demand Webinar
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (Aug 2021)

John LaCour, Founder and CTO at PhishLabs In the first half of 2021, PhishLabs detected and mitigated hundreds of thousands of external phishing, social media, and email threats targeting a broad range of enterprises and brands. In this webinar, John LaCour, Founder and CTO of PhishLabs, will analyze the Q2 findings and provide insight into key trends shaping the threat landscape. Attendees will...
Threat Evasion Techniques: Restricting By Device
Blog
Blog

Threat Evasion Techniques: Restricting By Device

Tue, 07/27/2021
Cybercriminals use evasion techniques to bypass scanning technologies and defeat human analysis in order to extend the life of phishing campaigns. There are a variety of evasion techniques and criminals often use multiple variations in tandem. In this post, we focus on active evasion, restricting non-targets by device. Restricting by Device Active evasion is any method an attacker uses to prevent...
Account Takeover Protection
Threat Evasion Techniques: Restricting by Location
Blog
Blog

Threat Evasion Techniques: Restricting by Location

Wed, 07/21/2021
Evasion techniques are methods attackers deploy to extend the life of phishing campaigns. The longer a threat is active, the more opportunity it has to claim victims. Attackers have two objectives when applying evasion techniques: Defeat automated scanning technologies designed to quickly shut down or prevent attacks from going live. Increase the time, cost, and complexity required for security...