Resources

On-Demand Webinar

Social Platform Impersonations: Types, Consequences, and Defenses

Social media is bigger than ever and threats are getting more sophisticated, but gone are the days when people could simply request to have an impersonation removed. Learn how to sift through the social media threat noise and get effective mitigation of social media threats including impersonations.
Blog

Abusing Data to Avoid Detection: Cybercriminal Adoption of Browser Fingerprinting

Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers for nearly 15 years, it is now commonly exploited by cybercriminals. Today, it is considered widely used for phishing purposes.
Datasheet

Fortra Threat Intelligence Services

Fortra’s Threat Intelligence services empower enterprises to take proactive measures against threats by delivering critical insight to disrupt threat actors, prevent fraud, and enrich security controls.
Datasheet

Dark Web Monitoring

See how Fortra's Threat Intelligence services empower enterprises to take proactive measures against threats by delivering critical insight to disrupt threat actors, prevent fraud, and enrich security controls.
Blog

Dark Web Actors Overwhelmingly Target Card Data, Finance in Q4

Credit unions were the top targeted industry on the Dark Web in Q4 2023, continuing its lead over the historically targeted banking industry for the third consecutive quarter. Financials as a whole continue to be a primary focus of criminal groups on underground channels, with more than 91% of malicious activity directed at either credit unions, banks, financial services, or payment services.Every...
Blog

Social Media Attacks Focus on Financials, Executives in Q4

In Q4, impersonation threats made up more than 45% of total attacks on social media, with the vast majority targeting banking and financial services. Impersonation on social media continues to grow, with threats specifically targeting corporate executives responsible for driving the majority of volume for three consecutive quarters.The average number of social media attacks per business has...
Blog

DarkLoader Leads Malware Attacks in Q4

In Q4, three malware families represented more than 93% of all payload volume targeting end users, with Malware-as-a-Service (MaaS) DarkLoader leading all other reports. Fortra first received reports of DarkLoader in user inboxes in Q3, with attack volume picking up significantly beginning in October. The shift to criminal activity associated with DarkLoader comes after coordinated efforts by...
Datasheet

Compromised Credentials Monitoring

Learn how PhishLabs Compromised Credentials Monitoring can deliver broad visibility allowing organizations to quickly respond and implement countermeasures such as forced password resets and lockouts to guard against potential account takeovers, breaches, and malware attacks.
Blog

O365 Volume Up in Q4 as Cybercriminals Target Brands in Credential Theft Attacks

The majority of malicious emails reported in user inboxes contained a link to a phishing site, making credential theft emails the attack method of choice for cybercriminals in Q4. Credential theft made up nearly 60% of all reported incidents, with more than half of the volume attributed to O365 attacks. Despite the threat actor preference toward this threat type, credential theft attacks declined...
Blog

Phishing-as-a-Service Profile: LabHost Threat Actor Group

Fortra is monitoring malicious activity targeting Canadian banks conducted by Phishing-as-a-Service group LabHost. Throughout 2022 and 2023, Fortra has observed phishing attacks connected with Phishing-as-a-Service (PhaaS) groups grow as threat actors use the tools provided through membership services to launch a variety of campaigns. The providers of these platforms boast features such as access...
Blog

How Threat Actors will Leverage Domain Impersonation in 2024

Historically, the average brand is targeted by 40 look-alike domains per month. Look-alikes are a strategic component of malicious lures and websites and used in a variety of spaces including social platforms, text messages, the open web, and email. An attack that incorporates a look-alike domain can mean the difference between a convincing campaign and a suspicious one, with a versatility that...
On-Demand Webinar

2023 Domain Impersonation Report - Key Findings

2023 Domain Protection Report – Key Findings The average brand is targeted by 40 look-alike domains per month. Domain impersonation is the foundation for a multitude of online threats. Watch Elyse Neumann, Fortra’s Sr. Director of Client Operations, and Eric George, Fortra’s Director of Solutions Engineering, as they discuss the key findings from...
Blog

Executive Attacks on Social Media Hit All-Time High as Analysts Point to AI

Executive impersonation on social media is at an all-time high as threat actors take advantage of AI to improve and scale their attacks. In Q3, accounts pretending to belong to high-ranking executives on social media climbed to more than 54% of total impersonation volume, surpassing brand attacks for the first time since Fortra began tracking this data. The volume and composition of these attacks...
Blog

Cybercriminal Focus in the New Year – Top 2024 Threat Trends

Criminals are constantly innovating ways to enhance deliverability and increase the success of their campaigns. Email phishing remains one of the most significant threats to organizations, but a growing number of campaigns are first touching victims via non-traditional lures or through engagement on platforms where users are more susceptible to scams. Understanding how online threats are evolving...
Blog

Getting the Board on Board: Explaining Cybersecurity ROI

In this Tripwire guest blog, we break down how to best communicate the significance of a cybersecurity investment. Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn't always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable Return On...
Guide

Domain Impersonation Report

Domain impersonation is the foundation for a multitude of online threats. Because a domain is dynamic, identifying when and how it will be used for malicious purposes can be challenging for security teams, and requires constant monitoring for behavior that will validate removal.In this Domain Impersonation Report, we review look-alike domain incidents to determine the volume and most prevalent...
Guide

Disrupt Counterfeit Threats

Counterfeit threats, such as fraudulent ads and look-alike domains, are on the rise especially with the expansion of e-commerce and online consumer-to-business interaction. However, the collection and mitigation of counterfeit activity can be complicated. Prioritizing relationships with platforms and providers along with collecting data showing evidence of abuse can accelerate the mitigation...
Video

On-Demand Webinar: Handling Threats That Land in User Inboxes

The risk of a user receiving a socially engineered attack is higher than ever, and technological solutions often miss the most devastating of them. Though technology is both an important and required component in protecting the enterprise, security teams need to remain vigilant and educated on quickly identifying threats which make it past...