Resources

Financials and Card Data Top Q3 Targets on the Dark Web
Blog
Blog

Abusing Data to Avoid Detection: Cybercriminal Adoption of Browser Fingerprinting

Fri, 04/05/2024
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers for nearly 15 years, it is now commonly exploited by cybercriminals. Today, it is considered widely used for phishing purposes.
Online Impersonation
Video
Video

On-Demand Webinar: Handling Threats That Land in User Inboxes

The risk of a user receiving a socially engineered attack is higher than ever, and technological solutions often miss the most devastating of them. Though technology is both an important and required component in protecting the enterprise, security teams need to remain vigilant and educated on quickly identifying threats which make it past technology. This includes the latest social engineering...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
domain protection best practices
Video
Video

Domain Protection Best Practices Webinar

Domains are the cornerstone of an organization’s digital presence and IT infrastructure, which means domains are also lucrative to cybercriminals who use domain impersonation to create fake email addresses and websites for personal gain. Organizations cannot afford to keep domain protection out of their overall cybersecurity strategy. Watch Eric George, Director of Solutions Engineering at Fortra...
Online Impersonation
cyber threat defense report thumbnail
Video
Video

Key Insights from the 2023 Cyberthreat Defense Report

Eric George, Director of Solutions Engineering at Fortra, and Steve Piper, CEO of CyberEdge The 2023 Cyberthreat Defense Report provides deep insight into the perspectives of cybersecurity professionals. Join us to learn what your peers are thinking and doing Thursday, May 4, at 11 a.m. ET. Eric George, Director of Solutions Engineering at Fortra, and Steve Piper, CEO of CyberEdge, will present an...
Account Takeover Protection
Online Impersonation
Video
Video

Emerging Threats: Disrupt Counterfeit Activity Targeting Retail Brands

Eric George, Director of Solution Engineering at PhishLabs As retail brands expand their online presence to selling goods and engaging with consumers, threat actors are leveraging the credibility of reputable organizations to profit off of cannibalized sales. Counterfeit storefronts mimic legitimate brands using look-alike domains, copyrighted content, and stolen intellectual property. Threat...
Online Impersonation
Top Brand Threats and Defense Tactics
Guide
Guide

Brand Threats Masterclass

In 2024, organizations face growing brand protection challenges with online impersonation attacks targeting their assets through non-traditional means. These attacks are spanning channels not typically protected by corporate controls and leveraging AI to generate lures, making detection increasingly broad and mitigation nuanced. To better understand the top brand risks, Fortra held a roundtable...
Account Takeover Protection
External Data Leaks
Q3 Payload Report
Blog
Blog

Q3 Payload Report

By Jessica Ryan on Thu, 10/26/2023
QBot, the leading payload family in Q3, was disrupted as part of a coordinated, multinational operation led by the FBI on August 29, 2023. This resulted in the removal of 700,000 QBot payloads from infected devices across the globe, and interrupted the activity of one of the most active malware families since the former juggernaut Emotet, which was disrupted in 2021. While QBot led all other...
Account Takeover Protection
On-Demand Webinar
On-Demand Webinar

ҰourDoma1п.com: How Look-alike Domains Drive BEC, Brand Abuse, and More

Domains are often the first source of interaction with customers. However, anyone can register a look-alike domain, create a fraudulent website, and start impersonating a trusted company – quickly diminishing brand credibility. In this webinar, PhishLabs’ Founder and CTO, John LaCour, will cover why cyber criminals register hundreds of thousands of look-alike domains every year and how they use...
Online Impersonation
On-Demand Webinar
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (August 2022)

John Wilson, Senior Fellow for Threat Research at Agari by Fortra Throughout Q2, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
10,000 organisations targeted by phishing attack that bypasses multi-factor authentication
Blog
Blog

10,000 organisations targeted by phishing attack that bypasses multi-factor authentication

Thu, 07/21/2022
Courtesy of Tripwire by Fortra. Microsoft has shared details of a widespread phishing campaign that not only attempted to steal the passwords of targeted organisations, but was also capable of circumventing multi-factor authentication (MFA) defences. The attackers used AiTM (Attacker-in-The-Middle) reverse-proxy sites to pose as Office 365 login pages which requested MFA codes, and then use them...
Account Takeover Protection
Customer Phishing Protection Couldn’t Be Easier with PhishLabs
Blog
Blog

Customer Phishing Protection Couldn’t Be Easier with PhishLabs

By Monica Delyani on Thu, 07/07/2022
It’s not news that cybercrime is a constant battle—large enterprises and small businesses everywhere are susceptible to a myriad of advanced email threats and socially engineered attacks , such as executive or brand impersonation. According to IC3’s Internet Crime Report, over $44 million in losses in 2021 were a direct result of malicious phishing and advanced email scams. Despite billions having...
Account Takeover Protection
On-Demand Webinar
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (May 2022)

Throughout Q1, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
On-Demand Webinar
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (Feb 2022)

Throughout 2021, PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The PhishLabs Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
On-Demand Webinar
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (Nov 2021)

Throughout 2021, PhishLabs has detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The PhishLabs Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
The Most Prevalent Threats to Corporate Inboxes
Blog
Blog

The Most Prevalent Threats to Corporate Inboxes

Thu, 08/26/2021
Every quarter, PhishLabs analyzes and mitigates hundreds of thousands of phishing and social media attacks targeting enterprises. In this post, we discuss the top threats reaching corporate inboxes based on incidents detected and mitigated with our Suspicious Email Analysis solution. Credential Theft Credential theft continues to represent the largest share of threats targeting corporate inboxes...
Account Takeover Protection
Threat Evasion Techniques: Restricting by Interaction
Blog
Blog

Threat Evasion Techniques: Restricting by Interaction

Mon, 08/02/2021
Threat actors improve the resiliency of phishing campaigns by concealing malicious content from security teams. Avoiding detection increases an attacker’s odds of reaching more victims and achieving a more lucrative outcome. There are many types of evasion techniques that can be used individually or in tandem. In this post we discuss active evasion, restricting by interaction. Restricting by...
Account Takeover Protection
Threat Evasion Techniques: Restricting By Device
Blog
Blog

Threat Evasion Techniques: Restricting By Device

Tue, 07/27/2021
Cybercriminals use evasion techniques to bypass scanning technologies and defeat human analysis in order to extend the life of phishing campaigns. There are a variety of evasion techniques and criminals often use multiple variations in tandem. In this post, we focus on active evasion, restricting non-targets by device. Restricting by Device Active evasion is any method an attacker uses to prevent...
Account Takeover Protection
On-Demand Webinar
On-Demand Webinar

Q1 2021 Threat Trends & Intelligence Webinar

In Q1, we detected and mitigated hundreds of thousands of external threats targeting a broad range of enterprises and their brands. In this webinar, John LaCour, Founder and CTO of PhishLabs, will review the findings from analyzing these threats and provide insight into key trends shaping the threat landscape. Attendees will learn: How phishing attack volume changed in Q1 Which industries were...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks