Resources

Building a Business Case for Effective Security Awareness Training
Blog

Building a Business Case for Effective Security Awareness Training

Fri, 03/18/2016
  Security education programs are sometimes mandated, always important, and often difficult to justify the investment. It is easy to get the powers that be to sign off on a once-per-year security awareness training program that will satisfy compliance requirements, but we all know by now that compliance does not equal security. The Information Security Forum (ISF) has...
The unrelenting evolution of Vawtrak
Blog

The unrelenting evolution of Vawtrak

Fri, 12/19/2014
  In a recent blog post, we wrote about Vawtrak expanding targets and gaining momentum. Fast forward a few months and the threat is anything but diminishing. Sophos just released a technical report on Vawtrak which discusses the significance of the threat and its Crimeware-as-a-Service model. In December 2014, Vawtrak version 0x38 was released including significant code and...
External Data Leaks
Fraudsters Take Advanced Fee Scams to the Next Level
Blog

Fraudsters Take Advanced Fee Scams to the Next Level

By Jessica Ryan on Tue, 12/16/2014
We've all seen them before. The late prince Abdul has left us millions in inheritance and we need only provide a minor convenience fee to receive the funds. Advanced fee scams are nothing new and have been circulating the Internet since its inception. Until now, scammers have relied on email correspondence and convincing legal jargon to con victims out of their hard-earned...
Vulnerabilities found in Dendroid mobile Trojan
Blog

Vulnerabilities found in Dendroid mobile Trojan

Mon, 08/18/2014
  On Friday, the full source code of the Dendroid Remote Access Trojan (RAT) was leaked. Dendroid is a popular crimeware package that targets Android devices and is sold on underground forums for $300. Usually the source code for botnet control panels is encrypted, so it was surprising to find the full source code for the Dendroid control panel included in the leaked files....
Phishing Takedown Anti-Phishing Phishing Protection
Blog

Phishing Takedown Anti-Phishing Phishing Protection

Tue, 04/08/2014
  Phishing is a prevalent problem for businesses, particularly financial institutions. Over the years, many services have emerged to help organizations address phishing attacks that are targeting their customers' accounts. When seeking solutions, businesses find they have several options to choose from. These fall into three categories: Phishing takedown services Anti...
New Man-in-the-Middle attacks leveraging rogue DNS
Blog

New Man-in-the-Middle attacks leveraging rogue DNS

Wed, 03/26/2014
  New MitM attacks impersonate banking sites without triggering alerts PhishLabs has observed a new wave of "Man-in-the-Middle" (MitM) attacks targeting users of online banking and social media. Customers of more than 70 different financial institutions are being targeted. In these attacks, hackers use spam to deliver malware that changes DNS settings and installs a rogue...
Online Impersonation
Blog

“Your ACH Transaction” Spam Leads to Malware

Thu, 02/24/2011
PhishLabs has discovered a new malware campaign which appears to be an alert from NACHA regarding a failed ACH transaction. If a vulnerable user clicks the enclosed link, they will be infected with malware. Users receive an email message which appears as follows: From: [email protected] [mailto:[email protected]] Sent: Thursday, February 24, 2011 9:47 AM To: Denise Muns Subject: Your...
Blog

Advancements in Phishing Redirector Scripts

Fri, 02/05/2010
Almost since the beginning of phishing, attackers have created simple webpages that redirect users to another URL that contains the actual phishing form. They do this for several reasons. In case their phishing site is shutdown, they can simply change the destination of the redirect to point to another phishing site. This means that everyone who receives an email with the...