It’s not news that cybercrime is a constant battle—large enterprises and small businesses everywhere are susceptible to a myriad of advanced email threats and socially engineered attacks , such as executive or brand impersonation. According to IC3’s Internet Crime Report, over $44 million in losses in 2021 were a direct result of malicious phishing and advanced email scams. Despite billions having...

The financial services cybersecurity environment is extremely complex, with a dizzying number of often-overlapping regulations, ongoing threats, and understaffed teams trying to manage it all. Despite paying significant attention to security, many organizations continue to be the targets of advanced persistent threats, fraud, sophisticated phishing campaigns, and other bold efforts to access the...

Vishing reports in Q1 2022 increased nearly 550% over Q1 2021, according to Agari and PhishLabs ’ Quarterly Threat Trends & Intelligence Report . While these Response-Based attacks have recently displayed stunning numbers, malicious emails as a whole are growing steadily, and represent the top online attack vector targeting corporate users. Malicious emails are delivered primarily in the form of...

Vishing attacks targeting corporate users have more than doubled for the second consecutive quarter, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report . Response-Based attacks such as these are increasingly targeting corporate users and stand alongside email-based Credential Theft and Malware attacks to make up the top attack vector targeting enterprises. Every quarter...

Ransomware continues to grow as a thriving underground economy with limited risk and little barrier to entry. Ransomware attacks are supported by a robust ecosystem of dark web services, where many of the tasks needed to carry out an attack can be outsourced. These tasks are increasingly available and sold by threat actors who specialize in them. In this post, we take a look at Initial Access...

Phishing volume continues to outpace 2020 by 22%, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. Every quarter, PhishLabs analyzes hundreds of thousands of phishing and social media attacks targeting enterprises to identify key trends in the threat landscape. In this piece we take a look at phishing volume, industries targeted, and how attacks are being staged. 2021...

Cybercriminals continue to heavily abuse domains to launch phishing attacks. PhishLabs’ analysis of Q1 phishing attacks has found that: 96% used Legacy Generic (gTLD) or Country Code (ccTLD) Top-level Domains Almost 83% abused HTTPS Domain Validated (DV) Certificates were used 94.5% of the time For this analysis, PhishLabs looked at three categories of TLDs: Legacy gTLDs, ccTLDs, and New gTLDs. >>...

In Q1, PhishLabs analyzed and mitigated hundreds of thousands of phishing attacks that targeted corporate users. In this post, we break down these attacks and shed light on the phishing emails that are making it into corporate inboxes. Threats Found in Corporate Inboxes Credential Theft Credential theft attacks continue to be the most prolific threats observed in corporate inboxes. In Q1, nearly...

Phishing is on the rise. PhishLabs identified 47% more phishing sites in Q1 of 2021 than there were in Q1 of 2020. This trend is continuing as Q2 attacks are also up significantly year-over-year. Last year, phishing spiked in late Q1 and Q2 as threat actors took advantage of pandemic-related fear and uncertainty. This year, we are seeing an even greater increase in attacks. Closer Look: Of the...

In 2020, ransomware attacks in the U.S. increased 139% year-over-year . Attacks are more strategic, demands are higher, and new tactics have emerged that leave victims experiencing the pressure to pay. Organizations that are affected by ransomware believe they are left with one of two choices: Refuse to meet ransom demands and risk the loss of data or, pay the ransom and hazard it released anyway...

Microsoft Office 365 phish are some of the most common threats that reach end users inboxes. Over the course of a two-year period, PhishLabs has observed that O365 phish have accounted for more than half of all reported phish by enterprises - by a significant margin. Today, we are highlighting a recent O365 campaign, and breaking down the techniques used to enhance the threat actor's odds of...

PhishLabs is monitoring a multi-stage phishing campaign that impersonates government entities and telecoms to target financial institutions and their customers. The threat actor behind the attacks has been designated Royal Ripper. The initial stage of the attack harvests personal information and the sort code of the victim's bank. It then uses the sort code to redirect the victim to a second...