Resources

Free Domain Abuse Plummets in Q1 as Staging Methods Shift
Blog
Blog

LastPass and Fortra’s PhishLabs Work Together to Protect Customers From Phishing Scams

Tue, 09/26/2023
One of our Digital Risk Protection service customers, LastPass, is committed to monitoring the cyber threat environment to keep our customers as secure as possible. To highlight this commitment, we want to call attention to recent joint efforts to disrupt a phishing campaign targeting LastPass customers and associates that began two weeks ago. We are sharing this with you not because it is a new...
Phishing Sites Impersonating Social Media Jump in Q2
Blog
Blog

Phishing Sites Impersonating Social Media Jump in Q2

By Jessica Ryan on Thu, 08/10/2023
In Q2, phishing attacks targeting social media platforms increased more than 23%, according to Fortra’s PhishLabs. This is the greatest volume of attacks on social media in two years and puts the industry ahead of historically top targeted financial institutions. Every quarter, Fortra’s PhishLabs examines hundreds of thousands of phishing attacks targeting enterprises and their brands. In this...
Social Media Security Awareness: What you Should Know
Blog
Blog

Social Media Security Awareness: What you Should Know

Thu, 08/03/2023
The latest Verizon Data Breach Investigations report indicates that over 70% of data breaches involved the human element. Cybercriminals exploit people to trick them into clicking unsafe links, opening malicious attachments, entering their credentials into bogus login pages, sharing sensitive data, and authorizing fraudulent fund transfers. One area where many exploits take place is on social...
Top Tactics of BEC Attacks in 2023
Blog
Blog

Top Tactics of BEC Attacks in 2023

By Jessica Ryan on Thu, 04/27/2023
Email impersonation is the fastest growing and most successful means of bypassing email security controls. In Q4 2022, the response-based and credential theft attacks that make up email impersonation reached their highest percentage of share of all email threat volume, contributing to more than 97% of attacks reported by end users. In this series, we look at the top email impersonation threats...
What to Know About Business Email Compromise (BEC) Scams
Blog
Blog

What to Know About Business Email Compromise (BEC) Scams

Thu, 04/06/2023
Business email compromise (BEC) is a dangerous type of email spoofing that targets businesses, aiming to damage them in some way. Overall, BEC “is one of the most financially damaging online crimes,” according to a joint Cybersecurity Advisory by the Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of...
More than Half of All Phishing Sites Impersonate Financials in Q4
Blog
Blog

More than Half of All Phishing Sites Impersonate Financials in Q4

By Jessica Ryan on Thu, 02/16/2023
Phishing sites impersonating reputable organizations continue to represent the top online threat to businesses and their brands. In Q4, Financial Institutions were targeted most by credential theft phish, experiencing the largest share of malicious sites recorded since 2021, according to Fortra’s PhishLabs. Within the group, criminals capitalized on the broad customer bases and recognizable names...
What Is an Enterprise’s Secondary Line of Defense Against Phishing Emails?
Blog
Blog

What Is an Enterprise’s Secondary Line of Defense Against Phishing Emails?

Mon, 01/23/2023
One of the most popular attack strategies used by criminals to mislead consumers into doing the wrong thing is phishing. Phishing can occur via text message (SMS or instant messaging apps, coined SMiShing), social media or via phone, but email-based attacks are the ones most often linked to the term. It's easy for phishing emails to reach millions of users at once and to blend in with the many...
What Is an Enterprise’s Primary Line of Defense Against Phishing Emails?
Blog
Blog

What Is an Enterprise’s Primary Line of Defense Against Phishing Emails?

By Monica Delyani on Wed, 01/18/2023
Phishing is one of the most prevalent forms of cyberattack used by bad threat actors to either steal personal data, or to gain entrance into a business’ network. These surreptitious and malicious email messages trick unsuspecting recipients into clicking a link or opening an attachment that contains malware, ransomware, or in the case of Business Email Compromise (BEC) , employs impersonation...
Financials See Increase in Phishing Attacks, Compromised Sites Lead Staging Methods in Q3
Blog
Blog

Financials See Increase in Phishing Attacks, Compromised Sites Lead Staging Methods in Q3

By Jessica Ryan on Thu, 11/10/2022
In Q3, nearly 80% of threat actors opted to compromise existing websites or abuse free tools when staging phishing sites, according to the latest data from Fortra’s PhishLabs. While Compromised Sites represented the lion’s share of staging activity, URL Shorteners, Free Domain Registrations, and Developer Tools all experienced increased abuse in Q3 and pointed to sustained criminal interest in no...
Q2 Phishing Volume Up, Compromised Sites Lead Staging Methods
Blog
Blog

Q2 Phishing Volume Up, Compromised Sites Lead Staging Methods

By Jessica Ryan on Thu, 09/01/2022
In Q2, four out of five phishing sites were staged using infrastructure that required no investment on the part of threat actors, including Compromised Sites and Free Tools and Services, according to the Agari & PhishLabs Quarterly Threat Trends & Intelligence Report. Although the volume of Paid Domain Registrations associated with phishing sites grew slightly, threat actors continue to choose no...
On-Demand Webinar
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (August 2022)

John Wilson, Senior Fellow for Threat Research at Agari by Fortra Throughout Q2, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
New Report Documents Highest Volume of Response-Based Email Threats Since 2020
Blog
Blog

New Report Documents Highest Volume of Response-Based Email Threats Since 2020

By Jessica Ryan on Mon, 08/15/2022
In Q2, Response-Based attacks targeting corporate inboxes climbed to their highest volume since 2020, according to the latest Quarterly Threat Trends & Intelligence Report from Agari and PhishLabs . Response-Based threats such as Advanced-Fee Fraud, Business Email Compromise (BEC), and hybrid Vishing attacks all demonstrated increased volume in Q2, with Vishing specifically growing 625% over the...
Top 10 Ways To Recognize a Phishing Email
Blog
Blog

Top 10 Ways To Recognize a Phishing Email

Thu, 08/11/2022
Courtesy of Digital Guardian by Fortra Attackers continue to find clever new ways to disguise phishing emails. Here are 10 different ways you can identify a phishing email. While large-scale ransomware and distributed denial of service (DDoS) attacks may be taking up up the bulk of people’s cybersecurity news feeds, organizations have more to worry about than the newest and most sophisticated...
On-Demand Webinar
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (May 2022)

Throughout Q1, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
What is the Fortra Value Proposition for Cybersecurity?
Blog
Blog

What is the Fortra Value Proposition for Cybersecurity?

Thu, 04/07/2022
In this guest blog, Dr Ed Amoroso, CEO, Tag Cyber , provides a high-level overview of the Fortra cybersecurity portfolio value proposition based on a mapping of its component solution offerings to the NIST Cybersecurity Framework (CSF) phases. Forty years ago, an engineer in Minnesota decided that computer costs for the IBM System/38 were getting too high. So, he began investigating and building...
Erratic Phishing Volume Increases 28% in 2021
Blog
Blog

Erratic Phishing Volume Increases 28% in 2021

Thu, 03/10/2022
Phishing site volume increased 28% over the course of 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report . Attacks last year displayed increasingly volatile behavior on a month-to-month basis, often intermixed with a variety of attack vectors. Despite a lack of congruency, phishing unequivocally remains the most dominant attack method targeting organizations. Every quarter...
On-Demand Webinar
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (Feb 2022)

Throughout 2021, PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The PhishLabs Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
Phishing Increases as Industries New and Old Face a Barrage of Threats
Blog
Blog

Phishing Increases as Industries New and Old Face a Barrage of Threats

Tue, 11/23/2021
Phishing attacks targeting consumers during 2021 have increased nearly 32% from 2020, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report . While trends have been erratic, multiple spikes in activity continue to make phishing the most dominant attack method on the threat landscape. Threat actors are experimenting with a variety of tactics to target enterprises with these attacks...
On-Demand Webinar
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (Nov 2021)

Throughout 2021, PhishLabs has detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The PhishLabs Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
Advanced Banking Trojan Sets New Standard for Android Malware
blog

Advanced Banking Trojan Sets New Standard for Android Malware

By Jessica Ryan on Wed, 10/27/2021
A new Android banking trojan is targeting financial institutions, crypto-wallets, and the retail industry. Dubbed S.O.V.A., the Russian word for Owl, the feature-rich malware abuses device accessibility services to steal personal identifiable information and banking credentials. S.O.V.A. is still in its development phase and, if authors deliver on future capabilities promised, this already...