Resources
Blog

Active Phishing Campaign: Yousign HR Lure

By Meriam Senouci on Thu, 05/23/2024
A new, sophisticated active phishing campaigns focuses on malicious emails that leverage Yousign e-signature services to carry out phishing attacks. Learn more about this tactic through examples, high-level details, and associated threat indicators.
Online Impersonation

Identify and Disrupt Threats Before Attackers Strike

Tue, 04/30/2024
Hear Fortra experts detail expanded capabilities, insight, and anti-threat measures to better address blind spots, proactively disrupt threat actors, prevent fraud, and enrich security. Learn about the newly expanded capabilities, including: Compromised Credentials Monitoring enables users to proactively defend against fraud generated by stolen credentials. Threat...
Datasheet

Compromised Credentials Monitoring

Learn how PhishLabs Compromised Credentials Monitoring can deliver broad visibility allowing organizations to quickly respond and implement countermeasures such as forced password resets and lockouts to guard against potential account takeovers, breaches, and malware attacks.
On-Demand Webinar

2023 Domain Impersonation Report - Key Findings

2023 Domain Protection Report – Key Findings The average brand is targeted by 40 look-alike domains per month. Domain impersonation is the foundation for a multitude of online threats. Watch Elyse Neumann, Fortra’s Sr. Director of Client Operations, and Eric George, Fortra’s Director of Solutions Engineering, as they discuss the key findings from Fortra’s 2023 Domain...
2023 domain impersonation thumbnail
Guide

2023 Domain Impersonation Report

Current Domain Threats, Trends, and Techniques Domain impersonation is the foundation for a multitude of online threats. Because a domain is dynamic, identifying when and how it will be used for malicious purposes can be challenging for security teams, and requires constant monitoring for behavior that will validate removal. In the 2023 Domain Impersonation Report, we review...
Video

On-Demand Webinar: Handling Threats That Land in User Inboxes

The risk of a user receiving a socially engineered attack is higher than ever, and technological solutions often miss the most devastating of them. Though technology is both an important and required component in protecting the enterprise, security teams need to remain vigilant and educated on quickly identifying threats which make it past technology. This includes the latest...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
Video

Digital Risk Protection: Evolving Your Cyber Threat Intel Program Into Action

Now Available On-demand Digital Risk Protection is an emerging technology that is on the rise in Gartner’s latest Hype Cycle for Security Operations. In this webinar, PhishLabs’ Manager of Solutions Engineering, Eric George, will break down Digital Risk Protection, explain how it works, and share recent use cases. You will learn how enterprises use Digital Risk Protection to...
External Data Leaks
Video

Digital Risk Protection: Evolving Your Cyber Threat Intel Program Into Action HISAC

Digital Risk Protection is an emerging technology that is on the rise in Gartner’s latest Hype Cycle for Security Operations. In this H-ISAC Navigator Program Webinar, PhishLabs’ Founder and CTO, John LaCour, will break down Digital Risk Protection, explain how it works, and share recent use cases. You will learn how the Healthcare industry is using Digital Risk Protection to...
External Data Leaks
Domain best practices
Video

Domain Protection Best Practices Webinar

Domains are the cornerstone of an organization’s digital presence and IT infrastructure, which means domains are also lucrative to cybercriminals who use domain impersonation to create fake email addresses and websites for personal gain. Organizations cannot afford to keep domain protection out of their overall cybersecurity strategy. Watch Eric George, Director of Solutions...
Online Impersonation
cyber threat defense report thumbnail
Video

Key Insights from the 2023 Cyberthreat Defense Report

Eric George, Director of Solutions Engineering at Fortra, and Steve Piper, CEO of CyberEdge The 2023 Cyberthreat Defense Report provides deep insight into the perspectives of cybersecurity professionals. Join us to learn what your peers are thinking and doing Thursday, May 4, at 11 a.m. ET. Eric George, Director of Solutions Engineering at Fortra, and Steve Piper, CEO of...
Account Takeover Protection
Online Impersonation
Video

COVID-19 Cyber Threat Intelligence

How threat actors are abusing the global pandemic The novel coronavirus (COVID-19) is giving opportunistic threat actors new methods to deploy malicious lures on unsuspecting targets. As the pandemic spreads, industries of all shapes and sizes are finding themselves targeted by cyber attacks leveraging the fear and uncertainty associated with the virus. Access the recording...
Executive Protection
Video

Emerging Threats: Disrupt Counterfeit Activity Targeting Retail Brands

Eric George, Director of Solution Engineering at PhishLabs As retail brands expand their online presence to selling goods and engaging with consumers, threat actors are leveraging the credibility of reputable organizations to profit off of cannibalized sales. Counterfeit storefronts mimic legitimate brands using look-alike domains, copyrighted content, and stolen intellectual...
Online Impersonation
domain impersonation report thumbnail
Guide

Domain Impersonation Whitepaper

Preventing Domain Impersonation: How to Stop Look-Alike Domains and Spoofing In the first half of 2023, cybercriminals targeted company brands using an average of 40 look-alike domains per month. Domain impersonation threats trick users into giving away sensitive information by convincing them an email is from a trusted source or a website is authentic. It’s crucial that...
Guide

How to Defend Against Look-alike Domain Threats: A Digital Risk Protection Playbook

Look-alike domains are one of the most versatile tools a threat actor can use to attack an organization. They lay the foundation for a wide range of cyberthreats, including reputation abuse, phishing sites, and email scams. This playbook breaks down: The domain lifecycle and how domains are abused Threats criminals use to deceive and defraud their targets How look-alike...
The Email Security Gaps in Your Cloud
Blog

The Email Security Gaps in Your Cloud

Thu, 12/14/2023
It’s not news that most enterprises operate in the cloud. Migration to the cloud leads to better collaboration, data storage, and lower costs compared to on-premises resources. Odds are your organization is currently enjoying the conveniences of the cloud.  The cloud has reshaped the way organizations operate, but with the migration comes new obstacles in email security, and...
Press Release

IT Security Wire: Cybersecurity in 2023: Top Three Predictions

In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup, Vice President of Security Operations at Fortra’s Alert Logic, share their 2023 cybersecurity predictions. Originally published in IT Security Wire “PaaS (phishing-as-a-service) platforms simplify the creation and execution of credential theft phishing attacks which target the customers or...
New Cyber Security Intelligence Article Covers Fortra’s Insights, Actions Against QR Phishing
Blog

New Cyber Security Intelligence Article Covers Fortra’s Insights, Actions Against QR Phishing

By Jessica Ryan on Thu, 10/19/2023
QR phishing is currently considered a high priority risk capable of bypassing existing security controls, according to the latest article from Cyber Security Intelligence. QR Phishing, otherwise known as Quishing, is an extension of phishing attacks that is gaining popularity among threat actors who understand many email systems have difficulty reading the contents of the code....
Threat Actor Profile: Strox Phishing-as-a-Service
Blog

Threat Actor Profile: Strox Phishing-as-a-Service

Thu, 10/12/2023
Threat Background & History Beginning in the first half of 2022, Fortra has monitored a significant ongoing upward trend in fraud activity originating from various Phishing-as-a-Service (PhaaS) operations. Some of these services have thrived, while the popularity of others has diminished. One PhaaS operation that has notably been present throughout the past two years is known...