Resources
Blog

BankBot Anubis Still a Threat, Gets Upgrade

Wed, 08/08/2018
  Over the past few years mobile banking trojans have been a persistent threat. While Windows desktops and laptops once made up the lion's share of Internet traffic, mobile devices (particularly Android) have long since become the most common means of browsing the web. With banking trojans now incorporating such a wide range of malicious functionality, it's hardly surprising...
Understanding Why Spear Phish Are Highly Effective
Blog

Understanding Why Spear Phish Are Highly Effective

Thu, 07/19/2018
  In the Oscar-winning movie The Sting, Harry Gondorff (played by Paul Newman) explains to his apprentice Johnny Hooker (Robert Redford) that the con that they set up must be so convincing that their mark, Doyle Lonnegan (Robert Shaw) won't even realize that he's been taken. Today, Gondorff and Hooker might not have needed to use a past-posting scheme to con Lonnegan. Instead...
How To Tackle the Hidden Threat of Social Media
Blog

How To Tackle the Hidden Threat of Social Media

Tue, 07/17/2018
  As a marketer I am all too familiar with how social media can benefit or damage a brand. On the one hand, social media offers an easy and (sometimes) free way to communicate with customers, prospects, and partners that many brands have used to great advantage. But on the other hand, it's yet another source of potential threats to an organization's infrastructure and...
Adwind Remote Access Trojan Still Going Strong
Blog

Using Reported Phish to Hunt Threats

Tue, 07/10/2018
  Reported phishing emails are useful for plenty of reasons. They help you measure cyber risk, study common attack trends, and even provide inspiration for your own phishing simulations. One of the security functions that benefit most from reported phishing emails is threat hunting, the process of identifying threats quickly so they can be contained before any major damage...
How To Change Security Behaviors: Information Security
Blog

How To Change Security Behaviors: Information Security

Thu, 06/28/2018
  Let's be honest, employees make mistakes. And sometimes those mistakes have catastrophic consequences. Everybody has heard stories about people accidentally leaving an unencrypted work laptop on the train, or on the seat of their car. Heck, on a busy day we could even imagine ourselves doing it. But with industry regulators finally starting to find their teeth — and the...
How Social Media Threatens Personal and Corporate Security
Blog

How Social Media Threatens Personal and Corporate Security

Tue, 06/26/2018
  Each day the average person spends around 135 minutes on social media. We know what you're thinking. That's a heck of a lot of time spent liking things, laughing at memes, and watching baby animal videos. But it's not all fun and games. In today's world we are more connected than ever, and social media platforms encourage us to share what was once private information in a...
WannaCry, NotPetya and the Rest: How Ransomware Evolved in 2017
Blog

WannaCry, NotPetya and the Rest: How Ransomware Evolved in 2017

Tue, 05/08/2018
  Ransomware. The word strikes fear into the hearts of hospital administrators, local government officers, and small business owners everywhere. After exploding in 2016, ransomware has been covered extensively by media outlets and security experts, to the point where most organizations have started to take at least some action to mitigate their exposure. But have these...
6 Steps to Quickly Defang Reported Phishing Emails
Blog

6 Steps to Quickly Defang Reported Phishing Emails

Thu, 05/03/2018
  So here it is… the first one you've received. Everything has been building up to this. You spent days preparing the business case, weeks designing the training program… and it's finally paid off. The first user-reported phishing email has hit your inbox. Now… what should you do with it? Time is of the Essence Reported phishing emails are good for a lot of reasons. For...
Silent Librarian University Attacks Continue Unabated in Days Following Indictment
Blog

Silent Librarian University Attacks Continue Unabated in Days Following Indictment

Thu, 04/05/2018
  On Friday, March 23, nine Iranian threat actors were indicted for stealing massive quantities of data from universities, businesses, and governments all over the world. If you've been following our blog (or the news), you already know the actors are associated with an organization called the Mabna Institute, and are responsible for stealing more than 31 terabytes of data...
Blog

Silent Librarian: More to the Story of the IranianMabna Institute Indictment

By Jessica Ryan on Mon, 03/26/2018
  Last Friday, Deputy Attorney General Rod Rosenstein announced the indictment of nine Iranians who worked for an organization named the Mabna Institute. According to prosecutors, the defendants stole more than 31 terabytes of data from universities, companies, and government agencies around the world. The cost to the universities alone reportedly amounted to approximately $3...
New Variant of BankBot Banking Trojan Ups Ante, Cashes Out on Android Users
Blog

New Variant of BankBot Banking Trojan Ups Ante, Cashes Out on Android Users

Tue, 03/13/2018
  A newly observed variant of BankBot has been discovered masquerading as Adobe Flash Player, Avito, and an HD Video Player. This variant, now detected by PhishLabs as BankBot Anubis, was first identified on March 5, 2018.  BankBot Anubis takes mobile threats to the next level incorporating ransomware, keylogger abilities, remote access trojan functions, SMS interception,...
Blog

How To Make Reporting a Phish So Easy Even Your Busiest Execs Will Do It

Tue, 02/13/2018
  Frustrating, isn't it?  You design a powerful anti-phishing program, secure funding from your executive board, provide world-class training. You do everything right… Oh, your users are probably spotting phishing emails. After all, they've engaged with the training, and seem to be taking it seriously. But no matter how many times you remind them, they just won't report...
The 11 Types of Reported Emails
Blog

The 11 Types of Reported Emails

Thu, 01/18/2018
  You receive an email, you are unfamiliar with the sender's name or email address, and they are offering you a new service or deal on something. Is it malicious? Not necessarily. Perhaps you forgot about signing up for a newsletter a while back. Malicious Versus Benign According to Symantec, 55.5 percent of business emails are considered spam emails, with the average...
A Quarter of Phishing Attacks are Now Hosted on HTTPS Domains: Why?
Blog

A Quarter of Phishing Attacks are Now Hosted on HTTPS Domains: Why?

Tue, 12/05/2017
  The push for more widespread adoption of HTTPS has been in full-force this year as a way to increase the number of websites that securely transmit information on the Internet. In January, both Chrome and Firefox browsers began alerting users whenever sensitive information, such as passwords or credit card information, was entered on a non-HTTPS web page. In October, Google...
Holiday Phishing Scams Target Job Seekers
Blog

Holiday Phishing Scams Target Job Seekers

Tue, 11/21/2017
  'Tis the season for shopping, time spent with friends and family, and preparations to celebrate the holidays. As most of us plan for the coming season, cyber criminals are looking for opportunities to catch victims off guard and steal valuable personal information. People looking to supplement their gift-giving budget with a seasonal holiday job should take a close look at...
Adwind Remote Access Trojan Still Going Strong
Blog

Adwind Remote Access Trojan Still Going Strong

Wed, 11/01/2017
   A Java-based Adwind Remote Access Trojan campaign has been observed sending spam emails containing a malicious JAR file under the guise of “Request For Quotation,” “Transfer Import,” “Swift Copy,” “Proforma Invoice,” “DHL Delivery Notification” and many others.  Adwind, also known as jRAT and JSocket, is a cross-platform remote access tool designed to run on Mac OS, Windows...
Nigerian 419 Scams: How to Spot a Phish
Blog

Nigerian 419 Scams: How to Spot a Phish

Wed, 10/11/2017
  All through October, in aid of National Cyber Security Awareness Month (#CyberAware) we’re putting phishing under the microscope. In each post we’ll take a close look at one specific type of phishing, including the actors responsible, who it targets, and how/why it works. Today, we’re a true phishing classic: Nigerian 419 scams. We've put the 15 best practices for spotting...
BEC Scams: How to Spot a Phish
Blog

BEC Scams: How to Spot a Phish

Tue, 10/10/2017
  All through October, in aid of National Cyber Security Awareness Month (#CyberAware) we’re putting phishing under the microscope. In each post we’ll take a close look at one specific type of phishing, including the actors responsible, who it targets, and how/why it works. Today, we’re exploring one of the most audacious phishing tactics: Business email compromise (BEC) also...
The Impact of Phishing, and Why it Should be Your #1 Priority
Blog

The Impact of Phishing, and Why it Should be Your #1 Priority

Wed, 10/04/2017
  Nation states. Hacktivists. Cyber criminals. There are so many players in the modern threat landscape it can be hard to keep up. And the number of threats? Practically too many to count. By the time you’ve secured your organization against password reuse, DDoS, and crimeware attacks, your resources are likely so diminished there’s no point even thinking about what else...
The Mobile Phishing Threat You'll See Very Soon: URL Padding
Blog

The Mobile Phishing Threat You'll See Very Soon: URL Padding

Thu, 06/15/2017
  The fact that hackers are increasingly targeting mobile devices isn’t exactly a secret. And really, it’s not surprising either. After all, most of us are practically glued to our smartphones throughout the day. An SMS arrived? Better read it straight away. New email? Let me at it. Somebody I don’t care about updated their Facebook status? Great, let’s see what they’re up...